
Log analysis and evaluation: Windows 8: Backdoor detection by Avira real-time scanner

05.06.2015, 12:58   #1
bcko30
 



Hello,

about 2 weeks ago, Avira's real-time scanner reported finding the backdoor program BDS/KillWin.DG.

Code:
Typ:	Datei
Quelle:	C:\Windows\System32\LogFiles\Scm\cfd7c21a-808b-487b-a6ec-8a10e44e8360
Status:	Infiziert
Quarantäne-Objekt:	507eb79f.qua
Wiederhergestellt:	NEIN
Zu Avira hochgeladen:	NEIN
Betriebssystem:	Windows XP/VISTA Workstation/Windows 7
Suchengine:	8.03.30.36
Virendefinitionsdatei:	8.11.234.68
Gefunden:	BDS/KillWin.DG
Datum/Uhrzeit:	25.05.2015, 21:06
         
(The detection date was 21.05.; I only clicked on re-check in the quarantine.)

However, when I then opened the event viewer, I found that the same detection had already been made several times over the course of the day but had not been shown to me. I don't know exactly what the action 'Zugriff verweigern' (deny access) actually means. According to the Avira help, there should really only be the options of deleting and handing over to the scanner, which then moves the file into quarantine. Only in the evening, when I had just opened my laptop, did a pop-up window appear at the bottom, with which I handed the detection over to the System Scanner.

Code:
Exportierte Ereignisse:

21.05.2015 19:20 [System-Scanner] Malware gefunden
      Die Datei 
      'C:\Windows\System32\LogFiles\Scm\cfd7c21a-808b-487b-a6ec-8a10e44e8360'
      enthielt einen Virus oder unerwünschtes Programm 'BDS/KillWin.DG' [backdoor].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '507eb79f.qua' 
      verschoben!

21.05.2015 13:50 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Windows\System32\LogFiles\Scm\cfd7c21a-808b-487b-a6ec-8a10e44e8360'
      wurde ein Virus oder unerwünschtes Programm 'BDS/KillWin.DG' [backdoor] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

21.05.2015 13:42 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Windows\System32\LogFiles\Scm\cfd7c21a-808b-487b-a6ec-8a10e44e8360'
      wurde ein Virus oder unerwünschtes Programm 'BDS/KillWin.DG' [backdoor] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

21.05.2015 13:20 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Windows\System32\LogFiles\Scm\cfd7c21a-808b-487b-a6ec-8a10e44e8360'
      wurde ein Virus oder unerwünschtes Programm 'BDS/KillWin.DG' [backdoor] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

21.05.2015 13:20 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Windows\System32\LogFiles\Scm\cfd7c21a-808b-487b-a6ec-8a10e44e8360'
      wurde ein Virus oder unerwünschtes Programm 'BDS/KillWin.DG' [backdoor] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

21.05.2015 12:36 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Windows\System32\LogFiles\Scm\cfd7c21a-808b-487b-a6ec-8a10e44e8360'
      wurde ein Virus oder unerwünschtes Programm 'BDS/KillWin.DG' [backdoor] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

21.05.2015 11:35 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Windows\System32\LogFiles\Scm\cfd7c21a-808b-487b-a6ec-8a10e44e8360'
      wurde ein Virus oder unerwünschtes Programm 'BDS/KillWin.DG' [backdoor] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

21.05.2015 11:35 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Windows\System32\LogFiles\Scm\cfd7c21a-808b-487b-a6ec-8a10e44e8360'
      wurde ein Virus oder unerwünschtes Programm 'BDS/KillWin.DG' [backdoor] 
      gefunden.
      Ausgeführte Aktion: Übergeben an Scanner
         
Code:
Free Antivirus
Erstellungsdatum der Reportdatei: Donnerstag, 21. Mai 2015  19:19


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira Antivirus Free
Seriennummer   : 0000149996-AVHOE-0000001
Plattform      : Windows 8.1
Windowsversion : (plain)  [6.3.9600]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : LUKAS-PC

Versionsinformationen:
BUILD.DAT      : 15.0.10.434   109882 Bytes  16.04.2015 15:24:00
AVSCAN.EXE     : 15.0.10.430  1028856 Bytes  05.05.2015 09:09:26
AVSCANRC.DLL   : 15.0.10.236    64760 Bytes  05.05.2015 09:09:26
LUKE.DLL       : 15.0.10.414    59696 Bytes  05.05.2015 09:09:34
AVSCPLR.DLL    : 15.0.10.414    97736 Bytes  05.05.2015 09:09:26
REPAIR.DLL     : 15.0.10.414   375088 Bytes  05.05.2015 09:09:26
REPAIR.RDF     : 1.0.7.96      892927 Bytes  20.05.2015 18:32:37
AVREG.DLL      : 15.0.10.414   275248 Bytes  05.05.2015 09:09:26
AVLODE.DLL     : 15.0.10.414   597240 Bytes  05.05.2015 09:09:25
AVLODE.RDF     : 14.0.4.70      79227 Bytes  07.05.2015 20:45:45
XBV00020.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00021.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00022.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00023.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00024.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00025.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00026.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00027.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00028.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00029.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00030.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00031.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00032.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00033.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00034.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00035.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00036.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00037.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00038.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00039.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00040.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00041.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00108.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:28
XBV00109.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:28
XBV00110.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:28
XBV00111.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:28
XBV00112.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:29
XBV00113.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:29
XBV00114.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:29
XBV00115.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:29
XBV00116.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:29
XBV00117.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:29
XBV00118.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:29
XBV00119.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:29
XBV00120.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:29
XBV00121.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:29
XBV00122.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:29
XBV00123.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:29
XBV00124.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:30
XBV00125.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:30
XBV00126.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:30
XBV00127.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:30
XBV00128.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00129.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00130.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00131.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00132.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00133.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00134.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00135.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00136.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00137.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00138.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00139.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00140.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00141.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00142.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00143.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00144.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00145.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00146.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:31
XBV00147.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00148.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00149.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00150.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00151.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00152.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00153.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00154.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00155.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00156.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00157.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00158.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00159.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00160.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00161.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00162.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00163.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00164.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00165.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00166.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00167.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:32
XBV00168.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00169.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00170.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00171.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00172.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00173.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00174.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00175.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00176.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00177.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00178.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00179.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00180.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00181.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00182.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00183.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00184.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00185.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00186.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:33
XBV00187.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:34
XBV00188.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:34
XBV00189.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:34
XBV00190.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00191.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00192.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00193.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00194.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00195.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00196.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00197.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00198.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00199.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00200.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00201.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00202.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00203.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00204.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00205.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00206.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00207.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00208.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00209.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00210.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00211.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00212.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00213.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00214.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00215.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00216.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00217.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00218.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00219.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00220.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00221.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00222.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00223.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00224.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00225.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00226.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00227.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00228.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00229.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00230.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00231.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00232.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00233.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:37
XBV00234.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:37
XBV00235.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00236.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00237.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00238.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00239.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00240.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00241.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00242.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00243.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00244.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00245.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00246.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00247.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00248.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00249.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00250.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:39
XBV00251.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:39
XBV00252.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:39
XBV00253.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:39
XBV00254.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:39
XBV00255.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:39
XBV00000.VDF   : 7.11.70.0   66736640 Bytes  04.04.2013 10:44:30
XBV00001.VDF   : 7.11.74.226  2201600 Bytes  30.04.2013 10:44:30
XBV00002.VDF   : 7.11.80.60   2751488 Bytes  28.05.2013 10:44:30
XBV00003.VDF   : 7.11.85.214  2162688 Bytes  21.06.2013 10:44:30
XBV00004.VDF   : 7.11.91.176  3903488 Bytes  23.07.2013 10:44:30
XBV00005.VDF   : 7.11.98.186  6822912 Bytes  29.08.2013 10:44:30
XBV00006.VDF   : 7.11.139.38 15708672 Bytes  27.03.2014 10:44:30
XBV00007.VDF   : 7.11.152.100  4193792 Bytes  02.06.2014 10:44:30
XBV00008.VDF   : 8.11.165.192  4251136 Bytes  07.08.2014 10:44:30
XBV00009.VDF   : 8.11.172.30  2094080 Bytes  15.09.2014 10:44:30
XBV00010.VDF   : 8.11.178.32  1581056 Bytes  14.10.2014 16:35:50
XBV00011.VDF   : 8.11.184.50  2178560 Bytes  11.11.2014 11:22:14
XBV00012.VDF   : 8.11.190.32  1876992 Bytes  03.12.2014 11:48:19
XBV00013.VDF   : 8.11.201.28  2973696 Bytes  14.01.2015 16:41:41
XBV00014.VDF   : 8.11.206.252  2695680 Bytes  04.02.2015 15:18:14
XBV00015.VDF   : 8.11.213.84  3175936 Bytes  03.03.2015 10:32:48
XBV00016.VDF   : 8.11.213.176   212480 Bytes  05.03.2015 21:48:08
XBV00017.VDF   : 8.11.219.166  2033664 Bytes  25.03.2015 09:47:55
XBV00018.VDF   : 8.11.225.88  2367488 Bytes  22.04.2015 19:05:53
XBV00019.VDF   : 8.11.230.186  1674752 Bytes  13.05.2015 18:55:24
XBV00042.VDF   : 8.11.230.210    93184 Bytes  13.05.2015 20:55:17
XBV00043.VDF   : 8.11.230.212     2048 Bytes  13.05.2015 20:55:17
XBV00044.VDF   : 8.11.230.254     3072 Bytes  13.05.2015 20:55:17
XBV00045.VDF   : 8.11.231.22    39936 Bytes  13.05.2015 20:55:17
XBV00046.VDF   : 8.11.231.44     8192 Bytes  13.05.2015 10:50:13
XBV00047.VDF   : 8.11.231.46     2048 Bytes  13.05.2015 10:50:13
XBV00048.VDF   : 8.11.231.66    10240 Bytes  13.05.2015 10:50:13
XBV00049.VDF   : 8.11.231.88    43520 Bytes  14.05.2015 10:50:13
XBV00050.VDF   : 8.11.231.108    18432 Bytes  14.05.2015 10:50:13
XBV00051.VDF   : 8.11.231.128     2048 Bytes  14.05.2015 10:50:13
XBV00052.VDF   : 8.11.231.150    30208 Bytes  14.05.2015 12:50:08
XBV00053.VDF   : 8.11.231.188    23552 Bytes  14.05.2015 17:12:02
XBV00054.VDF   : 8.11.231.206    10240 Bytes  14.05.2015 17:12:02
XBV00055.VDF   : 8.11.231.224    11776 Bytes  14.05.2015 17:12:03
XBV00056.VDF   : 8.11.231.244    98304 Bytes  14.05.2015 17:25:03
XBV00057.VDF   : 8.11.231.246     2048 Bytes  14.05.2015 17:25:03
XBV00058.VDF   : 8.11.231.250    91136 Bytes  15.05.2015 17:25:13
XBV00059.VDF   : 8.11.232.34     2048 Bytes  15.05.2015 17:25:14
XBV00060.VDF   : 8.11.232.52    70656 Bytes  15.05.2015 17:25:22
XBV00061.VDF   : 8.11.232.72     9216 Bytes  15.05.2015 17:25:27
XBV00062.VDF   : 8.11.232.90     2048 Bytes  15.05.2015 17:25:27
XBV00063.VDF   : 8.11.232.108    52224 Bytes  15.05.2015 23:04:54
XBV00064.VDF   : 8.11.232.126     2048 Bytes  15.05.2015 23:04:54
XBV00065.VDF   : 8.11.232.144     8704 Bytes  15.05.2015 23:04:54
XBV00066.VDF   : 8.11.232.162    18944 Bytes  15.05.2015 23:04:55
XBV00067.VDF   : 8.11.232.178     2048 Bytes  15.05.2015 23:04:55
XBV00068.VDF   : 8.11.232.210    97280 Bytes  16.05.2015 13:53:05
XBV00069.VDF   : 8.11.232.224    33280 Bytes  16.05.2015 19:06:49
XBV00070.VDF   : 8.11.232.238     2048 Bytes  16.05.2015 19:06:49
XBV00071.VDF   : 8.11.232.252   106496 Bytes  17.05.2015 12:59:06
XBV00072.VDF   : 8.11.233.10    22016 Bytes  17.05.2015 15:31:53
XBV00073.VDF   : 8.11.233.24   108544 Bytes  18.05.2015 08:51:10
XBV00074.VDF   : 8.11.233.38    11776 Bytes  18.05.2015 08:51:10
XBV00075.VDF   : 8.11.233.52     7168 Bytes  18.05.2015 08:51:10
XBV00076.VDF   : 8.11.233.66    12800 Bytes  18.05.2015 17:05:05
XBV00077.VDF   : 8.11.233.68    11264 Bytes  18.05.2015 17:05:05
XBV00078.VDF   : 8.11.233.70    10752 Bytes  18.05.2015 17:05:05
XBV00079.VDF   : 8.11.233.72     8704 Bytes  18.05.2015 17:05:05
XBV00080.VDF   : 8.11.233.74    13824 Bytes  18.05.2015 17:05:05
XBV00081.VDF   : 8.11.233.76     2048 Bytes  18.05.2015 17:05:05
XBV00082.VDF   : 8.11.233.78    12800 Bytes  18.05.2015 17:05:05
XBV00083.VDF   : 8.11.233.84    34816 Bytes  18.05.2015 17:43:57
XBV00084.VDF   : 8.11.233.86     4096 Bytes  19.05.2015 17:43:57
XBV00085.VDF   : 8.11.233.100   208384 Bytes  19.05.2015 17:43:58
XBV00086.VDF   : 8.11.233.112    20480 Bytes  19.05.2015 17:43:58
XBV00087.VDF   : 8.11.233.126    60928 Bytes  19.05.2015 17:43:58
XBV00088.VDF   : 8.11.233.138    13312 Bytes  19.05.2015 17:43:58
XBV00089.VDF   : 8.11.233.140    48128 Bytes  19.05.2015 19:43:59
XBV00090.VDF   : 8.11.233.142     2048 Bytes  19.05.2015 19:43:59
XBV00091.VDF   : 8.11.233.144     2048 Bytes  19.05.2015 19:43:59
XBV00092.VDF   : 8.11.233.158    51712 Bytes  19.05.2015 18:32:35
XBV00093.VDF   : 8.11.233.170    17920 Bytes  20.05.2015 18:32:35
XBV00094.VDF   : 8.11.233.182    24064 Bytes  20.05.2015 18:32:35
XBV00095.VDF   : 8.11.233.184    68096 Bytes  20.05.2015 18:32:35
XBV00096.VDF   : 8.11.233.196     2048 Bytes  20.05.2015 18:32:35
XBV00097.VDF   : 8.11.233.208    36352 Bytes  20.05.2015 18:32:35
XBV00098.VDF   : 8.11.233.220     2048 Bytes  20.05.2015 18:32:35
XBV00099.VDF   : 8.11.233.232    92672 Bytes  20.05.2015 07:45:46
XBV00100.VDF   : 8.11.233.242    14336 Bytes  20.05.2015 07:45:46
XBV00101.VDF   : 8.11.233.252     8704 Bytes  20.05.2015 07:45:46
XBV00102.VDF   : 8.11.234.6     33792 Bytes  20.05.2015 07:45:46
XBV00103.VDF   : 8.11.234.16    14336 Bytes  20.05.2015 07:45:46
XBV00104.VDF   : 8.11.234.18     2048 Bytes  21.05.2015 07:45:47
XBV00105.VDF   : 8.11.234.38    38912 Bytes  21.05.2015 07:45:47
XBV00106.VDF   : 8.11.234.58     3584 Bytes  21.05.2015 07:45:47
XBV00107.VDF   : 8.11.234.68     4096 Bytes  21.05.2015 10:46:33
LOCAL001.VDF   : 8.11.234.68 130980864 Bytes  21.05.2015 10:46:56
Engineversion  : 8.3.30.36 
AEVDF.DLL      : 8.3.1.6       133992 Bytes  24.09.2014 10:44:20
AESCRIPT.DLL   : 8.2.2.64      571304 Bytes  12.05.2015 21:36:58
AESCN.DLL      : 8.3.2.10      142456 Bytes  12.05.2015 21:36:58
AESBX.DLL      : 8.2.20.34    1615784 Bytes  04.03.2015 20:58:59
AERDL.DLL      : 8.2.1.20      731040 Bytes  11.02.2015 23:57:53
AEPACK.DLL     : 8.4.0.78      792488 Bytes  20.05.2015 18:32:35
AEOFFICE.DLL   : 8.3.1.22      363376 Bytes  24.04.2015 15:09:42
AEMOBILE.DLL   : 8.1.7.2       281720 Bytes  24.04.2015 15:09:47
AEHEUR.DLL     : 8.1.4.1684   8353704 Bytes  12.05.2015 21:36:57
AEHELP.DLL     : 8.3.2.0       281456 Bytes  19.03.2015 19:45:28
AEGEN.DLL      : 8.1.7.40      456608 Bytes  19.12.2014 14:39:49
AEEXP.DLL      : 8.4.2.88      266296 Bytes  12.05.2015 21:36:58
AEEMU.DLL      : 8.1.3.4       399264 Bytes  24.09.2014 10:44:20
AEDROID.DLL    : 8.4.3.116    1050536 Bytes  10.03.2015 19:02:24
AECORE.DLL     : 8.3.4.0       243624 Bytes  18.12.2014 17:40:46
AEBB.DLL       : 8.1.2.0        60448 Bytes  24.09.2014 10:44:20
AVWINLL.DLL    : 15.0.10.236    25904 Bytes  05.05.2015 09:09:22
AVPREF.DLL     : 15.0.10.236    52984 Bytes  05.05.2015 09:09:26
AVREP.DLL      : 15.0.10.236   220464 Bytes  05.05.2015 09:09:26
AVARKT.DLL     : 15.0.10.296   228088 Bytes  05.05.2015 09:09:23
AVEVTLOG.DLL   : 15.0.10.296   194296 Bytes  05.05.2015 09:09:24
SQLITE3.DLL    : 15.0.10.236   456440 Bytes  05.05.2015 09:09:36
AVSMTP.DLL     : 15.0.10.236    78128 Bytes  05.05.2015 09:09:27
NETNT.DLL      : 15.0.10.236    16120 Bytes  05.05.2015 09:09:34
CommonImageRc.dll: 15.0.10.236  4355376 Bytes  05.05.2015 09:09:22
CommonTextRc.DLL: 15.0.10.270    70904 Bytes  05.05.2015 09:09:22

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: AVGuardAsyncScan
Konfigurationsdatei...................: C:\ProgramData\Avira\Antivirus\TEMP\AVGUARD_55547b99\guard_slideup.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Quarantäne
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: aus
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: Vollständig
Abweichende Gefahrenkategorien........: +JOKE,+SPR,

Beginn des Suchlaufs: Donnerstag, 21. Mai 2015  19:19

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '204' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '88' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLANExt.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '12' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '87' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '136' Modul(e) wurden durchsucht
Durchsuche Prozess 'btwdins.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'HeciServer.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'PMBDeviceInfoProvider.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'AssistantServices.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgr.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgrSub.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'SUSSoundProxy.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'PhotoshopElementsFileAgent.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'esrv_svc.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'IntelMeFWService.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'jhi_service.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'daemonu.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCPerfService.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'vuagent.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'vim.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCService.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCAgent.exe' - '182' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'dashost.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'OfficeClickToRun.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgrSub.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostex.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '222' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '142' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVBg64.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'BTTray.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxtray.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxsrvc.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'hkcmd.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxpers.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'NetworkClient.EXE' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPEnh.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'SYNTPHELPER.EXE' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'PMBVolumeWatcher.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '115' Modul(e) wurden durchsucht
Durchsuche Prozess 'UIExec.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'PDVD10Serv.EXE' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'VAIO Clip.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'esrv.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'RunDll32.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'VAIOUpdt.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'SoundRec.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'RuntimeBroker.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'vim.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCSystemTray.exe' - '169' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'plugin-container.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_17_0_0_169.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_17_0_0_169.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'listener.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '10' Modul(e) wurden durchsucht
Durchsuche Prozess 'vds.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '110' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'WinLogon.exe' - '28' Modul(e) wurden durchsucht

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\Windows\System32\LogFiles\Scm\cfd7c21a-808b-487b-a6ec-8a10e44e8360'
C:\Windows\System32\LogFiles\Scm\cfd7c21a-808b-487b-a6ec-8a10e44e8360
  [FUND]      Enthält ein Erkennungsmuster des (gefährlichen) Backdoorprogrammes BDS/KillWin.DG

Beginne mit der Desinfektion:
C:\Windows\System32\LogFiles\Scm\cfd7c21a-808b-487b-a6ec-8a10e44e8360
  [FUND]      Enthält ein Erkennungsmuster des (gefährlichen) Backdoorprogrammes BDS/KillWin.DG
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '507eb79f.qua' verschoben!


Ende des Suchlaufs: Donnerstag, 21. Mai 2015  19:20
Benötigte Zeit: 00:13 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

      0 Verzeichnisse wurden überprüft
   1154 Dateien wurden geprüft
      1 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
   1153 Dateien ohne Befall
      0 Archive wurden durchsucht
      0 Warnungen
      1 Hinweise


Die Suchergebnisse werden an den Guard übermittelt.
         
So was the virus still active for at least the whole day, even though it had actually already been found?
Also, the virus description lists the operating system as Win XP/Vista/7; does that mean the virus only runs on those and I don't actually have anything to fear, since I have Win8?

After that I wasn't really on the internet at first, only briefly once or twice to update Avira; I sometimes used the laptop offline and ran various scans with Avira, all of which came back negative. Only for a short time, 2 hidden objects suddenly showed up in the scan, but after a restart they were no longer found.

Code:

Free Antivirus
Erstellungsdatum der Reportdatei: Montag, 1. Juni 2015  21:26


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira Antivirus Free
Seriennummer   : 0000149996-AVHOE-0000001
Plattform      : Windows 8.1
Windowsversion : (plain)  [6.3.9600]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : LUKAS-PC

Versionsinformationen:
BUILD.DAT      : 15.0.10.434   109882 Bytes  16.04.2015 15:24:00
AVSCAN.EXE     : 15.0.10.430  1028856 Bytes  05.05.2015 09:09:26
AVSCANRC.DLL   : 15.0.10.236    64760 Bytes  05.05.2015 09:09:26
LUKE.DLL       : 15.0.10.414    59696 Bytes  05.05.2015 09:09:34
AVSCPLR.DLL    : 15.0.10.414    97736 Bytes  05.05.2015 09:09:26
REPAIR.DLL     : 15.0.10.414   375088 Bytes  05.05.2015 09:09:26
REPAIR.RDF     : 1.0.8.8       897113 Bytes  29.05.2015 11:45:39
AVREG.DLL      : 15.0.10.414   275248 Bytes  05.05.2015 09:09:26
AVLODE.DLL     : 15.0.10.414   597240 Bytes  05.05.2015 09:09:25
AVLODE.RDF     : 14.0.4.70      79227 Bytes  07.05.2015 20:45:45
XBV00020.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00021.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00022.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00023.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00024.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00025.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00026.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00027.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00028.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00029.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00030.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00031.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00032.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00033.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00034.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00035.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00036.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00037.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00038.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00039.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00040.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00041.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 10:44:31
XBV00197.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00198.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00199.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00200.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00201.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00202.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00203.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00204.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00205.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00206.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00207.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00208.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00209.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00210.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:35
XBV00211.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00212.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00213.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00214.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00215.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00216.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00217.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00218.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00219.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00220.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00221.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00222.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00223.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00224.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00225.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00226.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00227.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00228.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00229.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00230.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00231.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00232.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:36
XBV00233.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:37
XBV00234.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:37
XBV00235.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00236.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00237.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00238.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00239.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00240.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00241.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00242.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00243.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00244.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00245.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00246.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00247.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00248.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00249.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:38
XBV00250.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:39
XBV00251.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:39
XBV00252.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:39
XBV00253.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:39
XBV00254.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:39
XBV00255.VDF   : 8.11.230.186     2048 Bytes  13.05.2015 18:55:39
XBV00000.VDF   : 7.11.70.0   66736640 Bytes  04.04.2013 10:44:30
XBV00001.VDF   : 7.11.74.226  2201600 Bytes  30.04.2013 10:44:30
XBV00002.VDF   : 7.11.80.60   2751488 Bytes  28.05.2013 10:44:30
XBV00003.VDF   : 7.11.85.214  2162688 Bytes  21.06.2013 10:44:30
XBV00004.VDF   : 7.11.91.176  3903488 Bytes  23.07.2013 10:44:30
XBV00005.VDF   : 7.11.98.186  6822912 Bytes  29.08.2013 10:44:30
XBV00006.VDF   : 7.11.139.38 15708672 Bytes  27.03.2014 10:44:30
XBV00007.VDF   : 7.11.152.100  4193792 Bytes  02.06.2014 10:44:30
XBV00008.VDF   : 8.11.165.192  4251136 Bytes  07.08.2014 10:44:30
XBV00009.VDF   : 8.11.172.30  2094080 Bytes  15.09.2014 10:44:30
XBV00010.VDF   : 8.11.178.32  1581056 Bytes  14.10.2014 16:35:50
XBV00011.VDF   : 8.11.184.50  2178560 Bytes  11.11.2014 11:22:14
XBV00012.VDF   : 8.11.190.32  1876992 Bytes  03.12.2014 11:48:19
XBV00013.VDF   : 8.11.201.28  2973696 Bytes  14.01.2015 16:41:41
XBV00014.VDF   : 8.11.206.252  2695680 Bytes  04.02.2015 15:18:14
XBV00015.VDF   : 8.11.213.84  3175936 Bytes  03.03.2015 10:32:48
XBV00016.VDF   : 8.11.213.176   212480 Bytes  05.03.2015 21:48:08
XBV00017.VDF   : 8.11.219.166  2033664 Bytes  25.03.2015 09:47:55
XBV00018.VDF   : 8.11.225.88  2367488 Bytes  22.04.2015 19:05:53
XBV00019.VDF   : 8.11.230.186  1674752 Bytes  13.05.2015 18:55:24
XBV00042.VDF   : 8.11.230.210    93184 Bytes  13.05.2015 20:55:17
XBV00043.VDF   : 8.11.230.212     2048 Bytes  13.05.2015 20:55:17
XBV00044.VDF   : 8.11.230.254     3072 Bytes  13.05.2015 20:55:17
XBV00045.VDF   : 8.11.231.22    39936 Bytes  13.05.2015 20:55:17
XBV00046.VDF   : 8.11.231.44     8192 Bytes  13.05.2015 10:50:13
XBV00047.VDF   : 8.11.231.46     2048 Bytes  13.05.2015 10:50:13
XBV00048.VDF   : 8.11.231.66    10240 Bytes  13.05.2015 10:50:13
XBV00049.VDF   : 8.11.231.88    43520 Bytes  14.05.2015 10:50:13
XBV00050.VDF   : 8.11.231.108    18432 Bytes  14.05.2015 10:50:13
XBV00051.VDF   : 8.11.231.128     2048 Bytes  14.05.2015 10:50:13
XBV00052.VDF   : 8.11.231.150    30208 Bytes  14.05.2015 12:50:08
XBV00053.VDF   : 8.11.231.188    23552 Bytes  14.05.2015 17:12:02
XBV00054.VDF   : 8.11.231.206    10240 Bytes  14.05.2015 17:12:02
XBV00055.VDF   : 8.11.231.224    11776 Bytes  14.05.2015 17:12:03
XBV00056.VDF   : 8.11.231.244    98304 Bytes  14.05.2015 17:25:03
XBV00057.VDF   : 8.11.231.246     2048 Bytes  14.05.2015 17:25:03
XBV00058.VDF   : 8.11.231.250    91136 Bytes  15.05.2015 17:25:13
XBV00059.VDF   : 8.11.232.34     2048 Bytes  15.05.2015 17:25:14
XBV00060.VDF   : 8.11.232.52    70656 Bytes  15.05.2015 17:25:22
XBV00061.VDF   : 8.11.232.72     9216 Bytes  15.05.2015 17:25:27
XBV00062.VDF   : 8.11.232.90     2048 Bytes  15.05.2015 17:25:27
XBV00063.VDF   : 8.11.232.108    52224 Bytes  15.05.2015 23:04:54
XBV00064.VDF   : 8.11.232.126     2048 Bytes  15.05.2015 23:04:54
XBV00065.VDF   : 8.11.232.144     8704 Bytes  15.05.2015 23:04:54
XBV00066.VDF   : 8.11.232.162    18944 Bytes  15.05.2015 23:04:55
XBV00067.VDF   : 8.11.232.178     2048 Bytes  15.05.2015 23:04:55
XBV00068.VDF   : 8.11.232.210    97280 Bytes  16.05.2015 13:53:05
XBV00069.VDF   : 8.11.232.224    33280 Bytes  16.05.2015 19:06:49
XBV00070.VDF   : 8.11.232.238     2048 Bytes  16.05.2015 19:06:49
XBV00071.VDF   : 8.11.232.252   106496 Bytes  17.05.2015 12:59:06
XBV00072.VDF   : 8.11.233.10    22016 Bytes  17.05.2015 15:31:53
XBV00073.VDF   : 8.11.233.24   108544 Bytes  18.05.2015 08:51:10
XBV00074.VDF   : 8.11.233.38    11776 Bytes  18.05.2015 08:51:10
XBV00075.VDF   : 8.11.233.52     7168 Bytes  18.05.2015 08:51:10
XBV00076.VDF   : 8.11.233.66    12800 Bytes  18.05.2015 17:05:05
XBV00077.VDF   : 8.11.233.68    11264 Bytes  18.05.2015 17:05:05
XBV00078.VDF   : 8.11.233.70    10752 Bytes  18.05.2015 17:05:05
XBV00079.VDF   : 8.11.233.72     8704 Bytes  18.05.2015 17:05:05
XBV00080.VDF   : 8.11.233.74    13824 Bytes  18.05.2015 17:05:05
XBV00081.VDF   : 8.11.233.76     2048 Bytes  18.05.2015 17:05:05
XBV00082.VDF   : 8.11.233.78    12800 Bytes  18.05.2015 17:05:05
XBV00083.VDF   : 8.11.233.84    34816 Bytes  18.05.2015 17:43:57
XBV00084.VDF   : 8.11.233.86     4096 Bytes  19.05.2015 17:43:57
XBV00085.VDF   : 8.11.233.100   208384 Bytes  19.05.2015 17:43:58
XBV00086.VDF   : 8.11.233.112    20480 Bytes  19.05.2015 17:43:58
XBV00087.VDF   : 8.11.233.126    60928 Bytes  19.05.2015 17:43:58
XBV00088.VDF   : 8.11.233.138    13312 Bytes  19.05.2015 17:43:58
XBV00089.VDF   : 8.11.233.140    48128 Bytes  19.05.2015 19:43:59
XBV00090.VDF   : 8.11.233.142     2048 Bytes  19.05.2015 19:43:59
XBV00091.VDF   : 8.11.233.144     2048 Bytes  19.05.2015 19:43:59
XBV00092.VDF   : 8.11.233.158    51712 Bytes  19.05.2015 18:32:35
XBV00093.VDF   : 8.11.233.170    17920 Bytes  20.05.2015 18:32:35
XBV00094.VDF   : 8.11.233.182    24064 Bytes  20.05.2015 18:32:35
XBV00095.VDF   : 8.11.233.184    68096 Bytes  20.05.2015 18:32:35
XBV00096.VDF   : 8.11.233.196     2048 Bytes  20.05.2015 18:32:35
XBV00097.VDF   : 8.11.233.208    36352 Bytes  20.05.2015 18:32:35
XBV00098.VDF   : 8.11.233.220     2048 Bytes  20.05.2015 18:32:35
XBV00099.VDF   : 8.11.233.232    92672 Bytes  20.05.2015 07:45:46
XBV00100.VDF   : 8.11.233.242    14336 Bytes  20.05.2015 07:45:46
XBV00101.VDF   : 8.11.233.252     8704 Bytes  20.05.2015 07:45:46
XBV00102.VDF   : 8.11.234.6     33792 Bytes  20.05.2015 07:45:46
XBV00103.VDF   : 8.11.234.16    14336 Bytes  20.05.2015 07:45:46
XBV00104.VDF   : 8.11.234.18     2048 Bytes  21.05.2015 07:45:47
XBV00105.VDF   : 8.11.234.38    38912 Bytes  21.05.2015 07:45:47
XBV00106.VDF   : 8.11.234.58     3584 Bytes  21.05.2015 07:45:47
XBV00107.VDF   : 8.11.234.68     4096 Bytes  21.05.2015 10:46:33
XBV00108.VDF   : 8.11.234.76    34304 Bytes  21.05.2015 15:04:33
XBV00109.VDF   : 8.11.234.78    11264 Bytes  21.05.2015 15:04:33
XBV00110.VDF   : 8.11.234.84    44032 Bytes  21.05.2015 15:04:33
XBV00111.VDF   : 8.11.234.86     2048 Bytes  21.05.2015 15:04:33
XBV00112.VDF   : 8.11.234.88    29184 Bytes  21.05.2015 15:04:33
XBV00113.VDF   : 8.11.234.90    16896 Bytes  21.05.2015 15:04:33
XBV00114.VDF   : 8.11.234.92    21504 Bytes  22.05.2015 15:04:33
XBV00115.VDF   : 8.11.234.94    32768 Bytes  22.05.2015 15:04:33
XBV00116.VDF   : 8.11.234.96     2048 Bytes  22.05.2015 15:04:33
XBV00117.VDF   : 8.11.234.104    10240 Bytes  22.05.2015 15:04:33
XBV00118.VDF   : 8.11.234.112    30208 Bytes  22.05.2015 15:04:33
XBV00119.VDF   : 8.11.234.120    13824 Bytes  22.05.2015 15:04:33
XBV00120.VDF   : 8.11.234.128    11264 Bytes  22.05.2015 15:04:33
XBV00121.VDF   : 8.11.234.130     2048 Bytes  22.05.2015 15:04:33
XBV00122.VDF   : 8.11.234.138     2048 Bytes  22.05.2015 15:04:33
XBV00123.VDF   : 8.11.234.146    14848 Bytes  22.05.2015 15:04:33
XBV00124.VDF   : 8.11.234.154    15872 Bytes  22.05.2015 15:04:33
XBV00125.VDF   : 8.11.234.164    27136 Bytes  22.05.2015 15:04:33
XBV00126.VDF   : 8.11.234.166     2048 Bytes  22.05.2015 15:04:33
XBV00127.VDF   : 8.11.234.168    10240 Bytes  22.05.2015 15:04:33
XBV00128.VDF   : 8.11.234.170     2048 Bytes  22.05.2015 15:04:33
XBV00129.VDF   : 8.11.234.172    13312 Bytes  22.05.2015 15:04:33
XBV00130.VDF   : 8.11.234.174    15872 Bytes  22.05.2015 15:04:34
XBV00131.VDF   : 8.11.234.184    68096 Bytes  23.05.2015 15:04:34
XBV00132.VDF   : 8.11.234.186     2048 Bytes  23.05.2015 15:04:34
XBV00133.VDF   : 8.11.234.196     2048 Bytes  23.05.2015 15:04:34
XBV00134.VDF   : 8.11.234.206    12800 Bytes  23.05.2015 15:04:34
XBV00135.VDF   : 8.11.234.216    70144 Bytes  24.05.2015 15:04:34
XBV00136.VDF   : 8.11.234.226     2560 Bytes  24.05.2015 15:04:34
XBV00137.VDF   : 8.11.234.228    79360 Bytes  25.05.2015 15:04:34
XBV00138.VDF   : 8.11.234.238     6656 Bytes  25.05.2015 15:04:34
XBV00139.VDF   : 8.11.234.248     7168 Bytes  25.05.2015 15:04:34
XBV00140.VDF   : 8.11.235.2      6144 Bytes  25.05.2015 15:04:34
XBV00141.VDF   : 8.11.235.4      6656 Bytes  25.05.2015 15:04:34
XBV00142.VDF   : 8.11.235.14     5632 Bytes  25.05.2015 15:04:34
XBV00143.VDF   : 8.11.235.16     4608 Bytes  25.05.2015 15:04:34
XBV00144.VDF   : 8.11.235.18     3072 Bytes  25.05.2015 15:04:34
XBV00145.VDF   : 8.11.235.20     3584 Bytes  25.05.2015 15:04:34
XBV00146.VDF   : 8.11.235.22     3584 Bytes  25.05.2015 15:04:34
XBV00147.VDF   : 8.11.235.24     5120 Bytes  25.05.2015 15:04:34
XBV00148.VDF   : 8.11.235.26     6144 Bytes  25.05.2015 15:04:34
XBV00149.VDF   : 8.11.235.28     8704 Bytes  25.05.2015 15:04:34
XBV00150.VDF   : 8.11.235.30    15872 Bytes  25.05.2015 15:04:34
XBV00151.VDF   : 8.11.235.32    15360 Bytes  25.05.2015 15:04:34
XBV00152.VDF   : 8.11.235.34     7168 Bytes  25.05.2015 15:04:35
XBV00153.VDF   : 8.11.235.36     4608 Bytes  25.05.2015 15:04:35
XBV00154.VDF   : 8.11.235.38    13312 Bytes  25.05.2015 15:04:35
XBV00155.VDF   : 8.11.235.40     7680 Bytes  26.05.2015 15:04:35
XBV00156.VDF   : 8.11.235.42    29696 Bytes  26.05.2015 15:04:35
XBV00157.VDF   : 8.11.235.44     8704 Bytes  26.05.2015 15:04:35
XBV00158.VDF   : 8.11.235.46     9728 Bytes  26.05.2015 15:04:35
XBV00159.VDF   : 8.11.235.48     6656 Bytes  26.05.2015 15:04:35
XBV00160.VDF   : 8.11.235.50     5632 Bytes  26.05.2015 15:04:35
XBV00161.VDF   : 8.11.235.52    15360 Bytes  26.05.2015 15:04:35
XBV00162.VDF   : 8.11.235.54     5632 Bytes  26.05.2015 15:04:35
XBV00163.VDF   : 8.11.235.58    26624 Bytes  26.05.2015 11:45:27
XBV00164.VDF   : 8.11.235.60     2048 Bytes  26.05.2015 11:45:27
XBV00165.VDF   : 8.11.235.70     2048 Bytes  26.05.2015 11:45:27
XBV00166.VDF   : 8.11.235.78     4608 Bytes  26.05.2015 11:45:28
XBV00167.VDF   : 8.11.235.80     2560 Bytes  26.05.2015 11:45:28
XBV00168.VDF   : 8.11.235.88    39936 Bytes  26.05.2015 11:45:28
XBV00169.VDF   : 8.11.235.96     9728 Bytes  27.05.2015 11:45:28
XBV00170.VDF   : 8.11.235.104    31232 Bytes  27.05.2015 11:45:28
XBV00171.VDF   : 8.11.235.106    46592 Bytes  27.05.2015 11:45:28
XBV00172.VDF   : 8.11.235.108     2048 Bytes  27.05.2015 11:45:28
XBV00173.VDF   : 8.11.235.110     2048 Bytes  27.05.2015 11:45:28
XBV00174.VDF   : 8.11.235.112    18432 Bytes  27.05.2015 11:45:28
XBV00175.VDF   : 8.11.235.114    18944 Bytes  27.05.2015 11:45:28
XBV00176.VDF   : 8.11.235.116     6656 Bytes  27.05.2015 11:45:28
XBV00177.VDF   : 8.11.235.118     9216 Bytes  27.05.2015 11:45:28
XBV00178.VDF   : 8.11.235.120     6656 Bytes  27.05.2015 11:45:28
XBV00179.VDF   : 8.11.235.130    34304 Bytes  27.05.2015 11:45:28
XBV00180.VDF   : 8.11.235.132     2048 Bytes  27.05.2015 11:45:28
XBV00181.VDF   : 8.11.235.140    12288 Bytes  27.05.2015 11:45:28
XBV00182.VDF   : 8.11.235.148     4096 Bytes  27.05.2015 11:45:28
XBV00183.VDF   : 8.11.235.160    15872 Bytes  28.05.2015 11:45:28
XBV00184.VDF   : 8.11.235.162     5120 Bytes  28.05.2015 11:45:28
XBV00185.VDF   : 8.11.235.168     2048 Bytes  28.05.2015 11:45:28
XBV00186.VDF   : 8.11.235.170    10752 Bytes  28.05.2015 11:45:28
XBV00187.VDF   : 8.11.235.172     2048 Bytes  28.05.2015 11:45:28
XBV00188.VDF   : 8.11.235.176     7168 Bytes  28.05.2015 11:45:28
XBV00189.VDF   : 8.11.235.178    14336 Bytes  28.05.2015 11:45:28
XBV00190.VDF   : 8.11.235.182    51200 Bytes  28.05.2015 11:45:28
XBV00191.VDF   : 8.11.235.184    40448 Bytes  28.05.2015 11:45:28
XBV00192.VDF   : 8.11.235.186     2048 Bytes  28.05.2015 11:45:29
XBV00193.VDF   : 8.11.235.190   141824 Bytes  29.05.2015 11:45:29
XBV00194.VDF   : 8.11.235.192     4096 Bytes  29.05.2015 11:45:29
XBV00195.VDF   : 8.11.235.200    48128 Bytes  29.05.2015 11:45:29
XBV00196.VDF   : 8.11.235.206     2048 Bytes  29.05.2015 11:45:29
LOCAL001.VDF   : 8.11.235.206 132153344 Bytes  29.05.2015 11:46:04
Engineversion  : 8.3.30.38 
AEVDF.DLL      : 8.3.1.6       133992 Bytes  24.09.2014 10:44:20
AESCRIPT.DLL   : 8.2.2.66      572272 Bytes  26.05.2015 15:04:32
AESCN.DLL      : 8.3.2.10      142456 Bytes  12.05.2015 21:36:58
AESBX.DLL      : 8.2.21.0     1622072 Bytes  26.05.2015 15:04:32
AERDL.DLL      : 8.2.1.20      731040 Bytes  11.02.2015 23:57:53
AEPACK.DLL     : 8.4.0.80      793728 Bytes  26.05.2015 15:04:32
AEOFFICE.DLL   : 8.3.1.22      363376 Bytes  24.04.2015 15:09:42
AEMOBILE.DLL   : 8.1.7.2       281720 Bytes  24.04.2015 15:09:47
AEHEUR.DLL     : 8.1.4.1702   8398760 Bytes  26.05.2015 15:04:32
AEHELP.DLL     : 8.3.2.0       281456 Bytes  19.03.2015 19:45:28
AEGEN.DLL      : 8.1.7.40      456608 Bytes  19.12.2014 14:39:49
AEEXP.DLL      : 8.4.2.88      266296 Bytes  12.05.2015 21:36:58
AEEMU.DLL      : 8.1.3.4       399264 Bytes  24.09.2014 10:44:20
AEDROID.DLL    : 8.4.3.116    1050536 Bytes  10.03.2015 19:02:24
AECORE.DLL     : 8.3.6.2       243624 Bytes  26.05.2015 15:04:30
AEBB.DLL       : 8.1.2.0        60448 Bytes  24.09.2014 10:44:20
AVWINLL.DLL    : 15.0.10.236    25904 Bytes  05.05.2015 09:09:22
AVPREF.DLL     : 15.0.10.236    52984 Bytes  05.05.2015 09:09:26
AVREP.DLL      : 15.0.10.236   220464 Bytes  05.05.2015 09:09:26
AVARKT.DLL     : 15.0.10.296   228088 Bytes  05.05.2015 09:09:23
AVEVTLOG.DLL   : 15.0.10.296   194296 Bytes  05.05.2015 09:09:24
SQLITE3.DLL    : 15.0.10.236   456440 Bytes  05.05.2015 09:09:36
AVSMTP.DLL     : 15.0.10.236    78128 Bytes  05.05.2015 09:09:27
NETNT.DLL      : 15.0.10.236    16120 Bytes  05.05.2015 09:09:34
CommonImageRc.dll: 15.0.10.236  4355376 Bytes  05.05.2015 09:09:22
CommonTextRc.DLL: 15.0.10.270    70904 Bytes  05.05.2015 09:09:22

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, 
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Montag, 1. Juni 2015  21:26

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:)'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.
Fehler in der ARK Library
Versteckter Thread
\Device\HarddiskV

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '177' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '103' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLANExt.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '12' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '127' Modul(e) wurden durchsucht
Durchsuche Prozess 'btwdins.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'OfficeClickToRun.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'HeciServer.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'PMBDeviceInfoProvider.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgr.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgrSub.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgrSub.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'SUSSoundProxy.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostex.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '207' Modul(e) wurden durchsucht
Durchsuche Prozess 'NetworkClient.EXE' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'PDVD10Serv.EXE' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'VAIO Clip.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'esrv.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVBg64.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'BTTray.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxtray.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxsrvc.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'hkcmd.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxpers.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPEnh.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'SYNTPHELPER.EXE' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'PMBVolumeWatcher.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '113' Modul(e) wurden durchsucht
Durchsuche Prozess 'RunDll32.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'VAIOUpdt.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'vuagent.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'PhotoshopElementsFileAgent.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'esrv_svc.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'IntelMeFWService.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'jhi_service.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'daemonu.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCPerfService.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'listener.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'vim.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'vim.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCSystemTray.exe' - '168' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCService.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCAgent.exe' - '172' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '112' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '60' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2355' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
C:\swapfile.sys
  [WARNUNG]   Die Datei konnte nicht geöffnet werden!


Ende des Suchlaufs: Montag, 1. Juni 2015  23:48
Benötigte Zeit:  2:22:42 Stunde(n)

Der Suchlauf wurde abgebrochen!

  19467 Verzeichnisse wurden überprüft
 434466 Dateien wurden geprüft
      0 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      0 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      1 Dateien konnten nicht durchsucht werden
 434465 Dateien ohne Befall
   5669 Archive wurden durchsucht
      1 Warnungen
      0 Hinweise
    996 Objekte wurden beim Rootkitscan durchsucht
      2 Versteckte Objekte wurden gefunden
         
I don't know whether this might have something to do with it, but for a little while now my laptop has suddenly been telling me again that I should create a recovery medium, even though I actually already did that right at the beginning.
Another thing I can't really assess is that for the preinstalled Sound Recorder app, the Security tab of the properties in Task Manager lists two unknown accounts followed by a long string of digits. I haven't found that for any other process.
I also don't really know how the virus could have gotten onto my laptop, since at the time of the detection I was only using Google Translate and YouTube (surely it takes a pretty big security hole for a virus to just land on the PC like that, right?), and surely the real-time scanner doesn't suddenly find a virus that has already been active for a while, does it?

I just wanted to get an expert opinion on whether my PC is now clean and, above all, secure, or whether there is still something to be done, especially since I read in another thread that after a backdoor infection you should really reinstall straight away.

Many thanks in advance!

05.06.2015, 12:59   #2
bcko30

Here are the scans from GMER and FRST as well.

FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by Lukas (administrator) on LUKAS-PC on 05-06-2015 11:32:00
Running from C:\Users\Lukas\Desktop
Loaded Profiles: UpdatusUser & Lukas (Available Profiles: UpdatusUser & Lukas)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-10-28] (Realtek Semiconductor)
HKLM\...\Run: [Bluetooth] => c:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [534232 2013-09-25] (Broadcom Corporation.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2346008 2013-10-01] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-30] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-30] (NVIDIA Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com/?pc=SEJB
HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com/?pc=SEJB
HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
URLSearchHook: [S-1-5-21-2200920533-3107399475-823698359-1001] ATTENTION ==> Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2200920533-3107399475-823698359-1002 -> {7E31E309-3083-4067-A35A-3482255781B5} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-26] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-26] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-26] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-26] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\dn1xwhro.default
FF Homepage: uni-bamberg.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-01-26] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2013-06-25] (Sony Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\dn1xwhro.default\Extensions\abs@avira.com [2015-05-29]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor12.0; c:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-10-28] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-18] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-27] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-10-01] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-05-23] (Sony Corporation) [File not signed]
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; c:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-04] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7488176 2014-01-26] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-18] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [429272 2013-10-09] (Realsil Semiconductor Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-01-03] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 11:32 - 2015-06-05 11:32 - 00017740 _____ C:\Users\Lukas\Desktop\FRST.txt
2015-06-05 11:31 - 2015-06-05 11:32 - 00000000 ____D C:\FRST
2015-06-05 11:31 - 2015-06-05 11:31 - 02108928 _____ (Farbar) C:\Users\Lukas\Desktop\FRST64.exe
2015-06-05 11:17 - 2015-06-05 11:17 - 00000000 ____D C:\Users\Lukas\AppData\Local\GWX
2015-05-27 11:13 - 2015-05-27 11:13 - 01804696 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00626888 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2015-05-27 11:13 - 2015-05-27 11:13 - 00419528 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00267976 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00249032 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo27.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00042696 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-05-24 23:49 - 2015-05-24 23:49 - 00007597 _____ C:\Users\Lukas\AppData\Local\Resmon.ResmonCfg
2015-05-16 15:54 - 2015-05-16 15:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-13 23:49 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 23:49 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 21:50 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 21:50 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 22:02 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-12 22:02 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-12 22:02 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-12 22:02 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-12 21:56 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 21:56 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-12 21:56 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 21:56 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 21:56 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 21:56 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-12 21:56 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-12 21:56 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-12 21:56 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-12 21:56 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-12 21:56 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-12 21:56 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-12 21:56 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-12 21:56 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-12 21:56 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-12 21:56 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-12 21:56 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-12 21:55 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 21:55 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 21:55 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 21:55 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 21:55 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 21:55 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 21:55 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 21:55 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-12 21:55 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-12 21:55 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-12 21:55 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-12 21:55 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 21:55 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-12 21:55 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 21:55 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-12 21:55 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-12 21:55 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-12 21:55 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-12 21:55 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 21:55 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 21:55 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 21:55 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 21:55 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 21:55 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 21:55 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-12 21:55 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 21:55 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-12 21:55 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-12 21:55 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-12 21:55 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 21:55 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 21:55 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 21:55 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 21:55 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-12 21:55 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 21:55 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 21:55 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-12 21:55 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-12 21:55 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 21:55 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 21:55 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-12 21:55 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 21:55 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-12 21:55 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 21:55 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-12 21:55 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 21:55 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-12 21:55 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-12 21:55 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-12 21:55 - 2015-03-13 02:29 - 00410017 _____ C:\Windows\system32\ApnDatabase.xml
2015-05-12 21:55 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-12 21:55 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 21:55 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-12 21:55 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-12 21:55 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 21:55 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-12 21:38 - 2015-05-12 21:38 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 11:24 - 2014-01-26 15:49 - 01176624 _____ C:\Windows\WindowsUpdate.log
2015-06-05 11:22 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-05 11:18 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-05 11:11 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-04 14:51 - 2014-10-11 14:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-04 13:44 - 2014-10-05 23:05 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2200920533-3107399475-823698359-1002
2015-06-04 13:25 - 2014-10-11 13:45 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\vlc
2015-06-01 23:58 - 2013-08-22 16:46 - 00028898 _____ C:\Windows\setupact.log
2015-06-01 23:58 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-01 23:52 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-01 21:17 - 2014-11-04 23:00 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\dvdcss
2015-06-01 21:15 - 2014-01-26 15:44 - 00020526 _____ C:\Windows\DPINST.LOG
2015-06-01 21:14 - 2013-08-22 16:44 - 00686496 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-01 21:13 - 2015-03-25 20:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-01 21:13 - 2013-09-13 23:00 - 00396896 _____ C:\Windows\PFRO.log
2015-06-01 18:49 - 2014-10-15 11:32 - 00000000 ____D C:\Users\Lukas\Downloads\VC
2015-06-01 18:43 - 2015-03-05 17:09 - 00000000 ____D C:\ProgramData\Synaptics
2015-05-27 11:13 - 2013-10-29 05:31 - 00764104 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2015-05-26 00:01 - 2014-10-15 11:33 - 00000000 ____D C:\Users\Lukas\Downloads\Sonstiges
2015-05-25 23:39 - 2014-10-19 14:30 - 00000000 ____D C:\Users\Lukas\Documents\Bafög
2015-05-25 21:54 - 2014-01-27 00:26 - 00765582 _____ C:\Windows\system32\perfh007.dat
2015-05-25 21:54 - 2014-01-27 00:26 - 00159366 _____ C:\Windows\system32\perfc007.dat
2015-05-25 21:54 - 2013-09-13 23:06 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-25 19:44 - 2014-10-23 18:36 - 00000000 ____D C:\Windows\SysWOW64\SupportAppCB
2015-05-25 19:44 - 2014-01-26 15:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-05-22 20:59 - 2015-04-04 20:11 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-22 20:59 - 2015-04-04 20:11 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-20 18:47 - 2014-10-09 16:15 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-16 15:19 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-05-14 01:27 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-05-13 21:49 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-13 10:24 - 2015-01-25 22:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-13 10:24 - 2015-01-25 22:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 00:45 - 2014-10-19 19:47 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 00:42 - 2014-10-19 19:47 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 00:42 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-05-13 00:38 - 2015-01-25 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-12 23:05 - 2013-08-22 21:12 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-12 21:38 - 2014-01-26 16:26 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

==================== Files in the root of some directories =======

2015-05-24 23:49 - 2015-05-24 23:49 - 0007597 _____ () C:\Users\Lukas\AppData\Local\Resmon.ResmonCfg
2014-01-26 15:45 - 2014-01-26 15:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Lukas\AppData\Local\Temp\avgnt.exe
C:\Users\Lukas\AppData\Local\Temp\COMAP.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-17 16:15

==================== End of log ============================
         
--- --- ---


Addition.txt
FRST Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by Lukas at 2015-06-05 11:32:54
Running from C:\Users\Lukas\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2200920533-3107399475-823698359-500 - Administrator - Disabled)
Gast (S-1-5-21-2200920533-3107399475-823698359-501 - Limited - Disabled)
Lukas (S-1-5-21-2200920533-3107399475-823698359-1002 - Administrator - Enabled) => C:\Users\Lukas
UpdatusUser (S-1-5-21-2200920533-3107399475-823698359-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acoustica SE 4.1 (HKLM-x32\...\Acoustica SE_is1) (Version: 4.1 - Acon Digital Media GmbH)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.181 - Broadcom Corporation)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.3202 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5804.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Einstellungen für VAIO Media Server (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.2.0.10110 - Sony Corporation)
Elements 12 Organizer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{4065415E-A05E-4555-B527-CEF9F165B8BC}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 (HKLM\...\MX.{FFDC29E6-5C7C-4AA8-AF5A-99E015165382}) (Version: 14.0.0.153 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 (Version: 14.0.0.153 - MAGIX Software GmbH) Hidden
Media Go (HKLM-x32\...\{B55B7EAE-C58C-496E-A383-3A6ABDD83A62}) (Version: 2.5.290 - Sony)
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.4 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 327.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.39 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.5.5.0 - NXP Semiconductors)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PlayMemories Home (HKLM-x32\...\{5FC13A4C-BC27-4414-A2E4-9E2277AA88AE}) (Version: 8.0.02.10010 - Sony Corporation)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.16.2.15545 - Sony Computer Entertainment Inc.)
PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Reader for PC (HKLM-x32\...\{7FAEB610-D6B1-42CE-9EEA-6A5001C2E732}) (Version: 2.1.00.06250 - Sony Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7054 - Realtek Semiconductor Corp.)
Recorder-Studio SE 1.0 (HKLM-x32\...\Recorder-Studio SE_is1) (Version: 1.0 - BHV Software GmbH & Co. KG)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
SOHLib for PlayMemories Home (Version: 1.0.0.09130 - Sony Corporation) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.2.07020 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.1.0.09260 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{7BF64721-B4E0-4CBC-8D4B-E9E6A8590521}) (Version: 1.1.3.13230 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.0.09260 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.4.1.13060 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.12.0.07300 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.5.0.09250 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.5.0.09250 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.3.00.10220 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 3.0.0.08080 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.00.10240 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.3.00.10240 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{E54A5A2B-E06C-41A6-A0DE-04C5AA4B415C}) (Version: 1.0.1.10240 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VI3.0x64 (Version: 1.0.0 - Sony Corporation) Hidden
VI3.0x86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8030 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02E2DE56-6195-4219-97FA-C02DB560B2DF} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {03CB2651-7B56-4475-AC70-F3456D9EE678} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {06AE4280-390E-4D41-B421-097EE5192256} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {211C0199-F456-42F3-82BD-1B971E5C432B} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIO Capture\VAIO Clip => C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe [2013-08-14] (Sony Corporation)
Task: {291763B2-BB16-4667-9FAA-8350B93A117A} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation)
Task: {2D1E425F-7D3E-4B21-A676-3775B76485F5} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {30CAF148-43B4-48C0-A784-AA497FD40ECE} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-07-05] (Sony Corporation)
Task: {353297FB-B5BA-4320-A202-818227306558} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {375A5AAB-64B4-4378-95CC-51CAD5A86FF4} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {3EE9E4F6-FE5E-43AF-B733-59265B9D5B7B} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {4EA139A3-52C8-485A-AAD2-ACC92E97D882} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {527175CC-7D76-431B-803F-622F38833063} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {597C0513-1CE4-4DAE-9145-C3C7938A101D} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploaderUserConected => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation)
Task: {5C5DFD80-2EFB-4D21-81C6-EC7A711E3973} - System32\Tasks\PDVDServ Task => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.EXE [2013-03-19] (CyberLink Corp.)
Task: {5E56C47A-7F6C-422A-83C3-D0D78ED7D9EE} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {5E81E348-9850-4D69-8DE4-8B4DD966A474} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-08-14] (Sony Corporation)
Task: {61379401-D2D2-409A-89BA-ED1EAFB4A3F9} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {7308AA49-AD51-460B-A128-7DC5C96533C3} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploaderUserDisconected => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation)
Task: {74A87D5C-4A13-4B73-89C0-07F1EF8454E9} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {8D8D6B91-3297-4C25-829B-D4F1FEA8CA3C} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-08-14] (Sony Corporation)
Task: {9309103C-41C0-4C9E-BC1A-FF1DA085C568} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-07-03] (Sony Corporation)
Task: {995FD0C4-4B92-4BE5-A323-4EA532D769E9} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {9ADDCB66-46AB-4F9C-AA53-381B18D689AB} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-09-24] (Sony Corporation)
Task: {A1E48529-6AC6-40CD-9782-6DFE07AAAABA} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {A6933DF9-81D2-42E2-9B3F-A45268AAA2F5} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {A91A03C9-22B3-4609-B0E5-D809A7DE84BB} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-09-24] (Sony Corporation)
Task: {BAD95FB4-AB1A-4F99-B236-5FB96CEDC5E5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {BB668D66-4C7E-4D07-B590-8E6CC6003BE3} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {C2C4D164-ED37-4F33-BC9E-8FC2DA21FFCA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {C6E1C42F-8112-497F-97B5-F7C47CB777D9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {C7633A92-09AE-43DA-8B63-3F5B8A311D37} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {C85A2D48-F2AE-42F4-AB63-E1A763420AEE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {C9012A95-8E78-46DF-8A88-550E9BB1F42D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {D339AD84-73E7-4662-B42B-A70577E5FC51} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-04-25] (CyberLink Corp.)
Task: {D3F1B05A-5EC3-49A9-A6BE-A1F7B46799E5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {DC1F8240-23B1-40E2-AB19-7F8EB3038958} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {E27666EA-543E-49A7-8CFA-024B9058B9C9} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E2977F39-332C-4B77-A032-FA697E7203B5} - System32\Tasks\Sony Corporation\VAIO Care\DeployVAIOManual => %ProgramData%\Sony Corporation\VAIO Care\VAIOUserGuideUpdate.exe
Task: {EEC8D213-B8C3-4F97-B0BD-3F0B83F33F0B} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {F08A71E5-3F8A-4D79-B7B1-EED6257CC771} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {FB993DA0-820A-41B1-A7A2-A6184DDA44AD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2013-09-25 15:20 - 2013-09-25 15:20 - 00049368 _____ () c:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-11-05 16:24 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-01-26 15:49 - 2013-10-30 04:18 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-11-19 11:21 - 2013-11-19 11:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-01-26 15:43 - 2013-09-18 04:32 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1366x768.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "Bluetooth"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B9218B80-AD4F-475D-A463-C4C1F49B79C1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{32844DDA-B49A-424B-99F0-BDAEFCD47D01}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{564A4495-198F-49A1-8DF4-775C99374901}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{6C092FD2-8F10-47DD-AC94-985A5B5B0DFB}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{67DD2A88-3679-48E2-A4C8-B99CCCB3E803}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{B75CC025-1550-4578-8185-770F27B01BE8}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{D0824176-837A-4A14-B83B-6B76C2C125BE}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{F6027EAC-0F61-40CE-836B-8FB0D72625B2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{9B9A5E79-6565-4D68-AC59-127FFAC0A1F3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{BB93AF72-0D6B-4B9C-ADFE-74FECB4EA655}] => (Allow) LPort=2869
FirewallRules: [{7AB19AFC-8C6D-4580-A46B-5B3100261584}] => (Allow) LPort=1900
FirewallRules: [{3737352A-868A-4A3C-9377-D0B4B964E1DE}] => (Allow) C:\Program Files\MAGIX\Video deluxe 2015\Videodeluxe.exe
FirewallRules: [{2A431B48-FF61-403F-9E94-5F7159E43361}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{EC994205-45FE-41B5-AA58-0542C9C7374C}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{68B879E3-FD87-4CDC-A4C1-C0F68615CEB5}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{A58FF69F-03E6-45B0-BDDA-EC86F5EE8996}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{DC787676-6CFF-4CA2-9947-FAFEAF334ECC}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{C3AC2A96-0F48-4CF2-8100-42F9EF076282}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F1553058-B131-4682-BB6C-369BBD9AD98D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D47F3AA0-E43A-4184-8C63-751C24486B69}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{81500139-6DD1-4049-8A04-AB77384F5F7C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{10A30411-A2AB-4DF6-9B22-EB500571E6C5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/05/2015 11:16:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lukas-PC)
Description: Bei der Aktivierung der App „Microsoft.BingNews_8wekyb3d8bbwe!AppexNews“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/04/2015 03:00:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/04/2015 03:00:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/04/2015 02:59:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/04/2015 02:59:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/04/2015 02:58:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/04/2015 02:58:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/04/2015 02:57:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/04/2015 02:57:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/04/2015 02:56:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.


System errors:
=============
Error: (06/01/2015 11:57:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
%%1062

Error: (06/01/2015 11:57:36 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {B3E53F1A-1C31-4A43-A66D-321FA322BCE7}

Error: (06/01/2015 11:52:29 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {B3E53F1A-1C31-4A43-A66D-321FA322BCE7}

Error: (06/01/2015 07:02:20 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {B3E53F1A-1C31-4A43-A66D-321FA322BCE7}

Error: (05/25/2015 11:59:51 PM) (Source: DCOM) (EventID: 10010) (User: Lukas-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (05/23/2015 07:22:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
%%1

Error: (05/18/2015 08:30:16 PM) (Source: DCOM) (EventID: 10010) (User: Lukas-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/17/2015 11:34:25 PM) (Source: DCOM) (EventID: 10010) (User: Lukas-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (05/17/2015 09:54:02 PM) (Source: DCOM) (EventID: 10010) (User: Lukas-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (05/17/2015 08:19:27 PM) (Source: DCOM) (EventID: 10010) (User: Lukas-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


Microsoft Office:
=========================
Error: (06/05/2015 11:16:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lukas-PC)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927148

Error: (06/04/2015 03:00:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/04/2015 03:00:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/04/2015 02:59:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/04/2015 02:59:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/04/2015 02:58:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/04/2015 02:58:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/04/2015 02:57:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/04/2015 02:57:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/04/2015 02:56:08 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 27%
Total physical RAM: 8103.8 MB
Available physical RAM: 5839.21 MB
Total Pagefile: 9383.8 MB
Available Pagefile: 7188.27 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:904.44 GB) (Free:833.98 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7A582497)

Partition: GPT Partition Type.

==================== End of log ============================
         
--- --- ---


GMER.txt
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-06-05 11:44:21
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000029 WDC_WD10JPVX-55JC3T3 rev.01.01A01 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Lukas\AppData\Local\Temp\kglcapow.sys


---- User code sections - GMER 2.1 ----

.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\KERNEL32.DLL!K32GetModuleInformation       00007ffc409e3e10 7 bytes JMP 00007ffd404e02d0
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\KERNEL32.DLL!RegQueryValueExW              00007ffc409e3e20 7 bytes JMP 00007ffd404e0308
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\KERNEL32.DLL!RegSetValueExW                00007ffc40a939b0 7 bytes JMP 00007ffd404e03b0
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\KERNEL32.DLL!RegDeleteValueW               00007ffc40a93ef0 7 bytes JMP 00007ffd404e0340
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\KERNEL32.DLL!RegSetValueExA                00007ffc40a93fe0 7 bytes JMP 00007ffd404e0378
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\KERNEL32.DLL!K32EnumProcessModulesEx       00007ffc40ac06c0 7 bytes JMP 00007ffd404e0228
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\KERNEL32.DLL!K32GetMappedFileNameW         00007ffc40ac0730 7 bytes JMP 00007ffd404e0298
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\KERNEL32.DLL!K32GetModuleFileNameExW       00007ffc40ac0760 7 bytes JMP 00007ffd404e0260
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                 00007ffc405421d0 5 bytes JMP 00007ffd404e0180
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW            00007ffc405429d0 7 bytes JMP 00007ffd404e00d8
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW          00007ffc40544310 5 bytes JMP 00007ffd404e0110
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW              00007ffc40548d80 5 bytes JMP 00007ffd404e0148
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\USER32.dll!CreateWindowExW                 00007ffc42b06d90 10 bytes JMP 00007ffd404e0490
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\USER32.dll!EnumDisplayDevicesW             00007ffc42b174a0 5 bytes JMP 00007ffd404e0458
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\USER32.dll!DisplayConfigGetDeviceInfo      00007ffc42b17560 1 byte JMP 00007ffd404e03e8
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\USER32.dll!DisplayConfigGetDeviceInfo + 2  00007ffc42b17562 7 bytes {JMP 0xfffffffffd9c8e88}
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\USER32.dll!EnumDisplayDevicesA             00007ffc42b26b10 5 bytes JMP 00007ffd404e0420
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList         00007ffc40881500 8 bytes JMP 00007ffd404e01b8
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo           00007ffc40881750 8 bytes JMP 00007ffd404e01f0
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\System32\dxgi.dll!CreateDXGIFactory                 00007ffc3e207750 5 bytes JMP 00007ffd3e1f00d8
.text   C:\Windows\System32\dwm.exe[3040] C:\Windows\System32\dxgi.dll!CreateDXGIFactory1                00007ffc3e208ee0 5 bytes JMP 00007ffd3e1f0110

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [2780:2320]                                                        fffff9600086c2d0

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                            unknown MBR code

---- EOF - GMER 2.1 ----
         


Alt 05.06.2015, 13:15   #3
schrauber
/// the machine
/// TB-Ausbilder
 




hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder that was created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

Please download TDSSKiller.exe and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread in any case.

Alt 05.06.2015, 14:10   #4
bcko30
 



After unpacking Malwarebytes Anti-Rootkit, the following window appears:

"Probable rootkit activity detected:

Rootkit value "AppInit_Dlls" has been found, which may be caused by rootkit activity.

Note: Press "No" button if you're not sure. If the tool crashes or terminates unexpectedly during a system scan, restart the tool and press "Yes" should this message appear again.

Do you want to remove this value and restart the tool?"

Both scans came back negative.

Malwarebytes
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.06.05.02
  rootkit: v2015.06.02.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17801
Lukas :: LUKAS-PC [administrator]

05.06.2015 13:34:47
mbar-log-2015-06-05 (13-34-47).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 431396
Time elapsed: 24 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
However, the error message mentioned above appears again after reopening the tool.

TDSSKiller:
Code:
ATTFilter
14:04:41.0269 0x169c  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
14:04:41.0269 0x169c  UEFI system
14:04:45.0141 0x169c  ============================================================
14:04:45.0141 0x169c  Current date / time: 2015/06/05 14:04:45.0141
14:04:45.0141 0x169c  SystemInfo:
14:04:45.0141 0x169c  
14:04:45.0141 0x169c  OS Version: 6.3.9600 ServicePack: 0.0
14:04:45.0141 0x169c  Product type: Workstation
14:04:45.0141 0x169c  ComputerName: LUKAS-PC
14:04:45.0141 0x169c  UserName: Lukas
14:04:45.0141 0x169c  Windows directory: C:\Windows
14:04:45.0141 0x169c  System windows directory: C:\Windows
14:04:45.0141 0x169c  Running under WOW64
14:04:45.0141 0x169c  Processor architecture: Intel x64
14:04:45.0141 0x169c  Number of processors: 4
14:04:45.0141 0x169c  Page size: 0x1000
14:04:45.0141 0x169c  Boot type: Normal boot
14:04:45.0141 0x169c  ============================================================
14:04:45.0737 0x169c  KLMD registered as C:\Windows\system32\drivers\14319028.sys
14:04:46.0619 0x169c  System UUID: {BD2D7522-210C-B3D0-614A-30C426497CAA}
14:04:47.0309 0x169c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:04:47.0314 0x169c  ============================================================
14:04:47.0314 0x169c  \Device\Harddisk0\DR0:
14:04:47.0315 0x169c  GPT partitions:
14:04:47.0316 0x169c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {F4019732-066E-4E12-8273-346C5641494F}, UniqueGUID: {2A01616C-32B3-46AD-A05B-8BF5DA1B3F39}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x1E5000
14:04:47.0316 0x169c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C95F10B8-B12A-424A-A198-4E60AF6EE2D0}, Name: Basic data partition, StartLBA 0x1E5800, BlocksNum 0x1A4000
14:04:47.0316 0x169c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {BA8483E4-16E0-4A8C-AE88-F1F4BE7755E6}, Name: EFI system partition, StartLBA 0x389800, BlocksNum 0x82000
14:04:47.0316 0x169c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {AB45A862-11F3-4DE6-AFAE-B6172A7BA34C}, Name: Microsoft reserved partition, StartLBA 0x40B800, BlocksNum 0x40000
14:04:47.0316 0x169c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {4C5A2987-1C95-4416-A8C0-0E13C6B6BC9E}, Name: Basic data partition, StartLBA 0x44B800, BlocksNum 0x710E0000
14:04:47.0316 0x169c  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F0C314AF-3358-4B08-B1FF-084D8E620E13}, Name: Basic data partition, StartLBA 0x7152B800, BlocksNum 0x31DB000
14:04:47.0316 0x169c  MBR partitions:
14:04:47.0316 0x169c  ============================================================
14:04:47.0332 0x169c  C: <-> \Device\Harddisk0\DR0\Partition5
14:04:47.0332 0x169c  ============================================================
14:04:47.0332 0x169c  Initialize success
14:04:47.0332 0x169c  ============================================================
14:05:39.0807 0x1768  ============================================================
14:05:39.0807 0x1768  Scan started
14:05:39.0807 0x1768  Mode: Manual; SigCheck; TDLFS; 
14:05:39.0807 0x1768  ============================================================
14:05:39.0807 0x1768  KSN ping started
14:05:42.0197 0x1768  KSN ping finished: true
14:05:43.0325 0x1768  ================ Scan system memory ========================
14:05:43.0325 0x1768  System memory - ok
14:05:43.0325 0x1768  ================ Scan services =============================
14:05:54.0028 0x1768  EhStorTcgDrv - ok
14:05:54.0028 0x1768  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
14:05:54.0059 0x1768  ErrDev - ok
14:05:54.0122 0x1768  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
14:05:54.0216 0x1768  EventSystem - ok
14:05:54.0247 0x1768  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:05:54.0325 0x1768  exfat - ok
14:05:54.0356 0x1768  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:05:54.0372 0x1768  fastfat - ok
14:05:54.0419 0x1768  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
14:05:54.0513 0x1768  Fax - ok
14:05:54.0544 0x1768  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
14:05:54.0575 0x1768  fdc - ok
14:05:54.0606 0x1768  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:05:54.0653 0x1768  fdPHost - ok
14:05:54.0684 0x1768  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:05:54.0716 0x1768  FDResPub - ok
14:05:54.0747 0x1768  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
14:05:54.0809 0x1768  fhsvc - ok
14:05:54.0841 0x1768  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:05:54.0856 0x1768  FileInfo - ok
14:05:54.0888 0x1768  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:05:54.0919 0x1768  Filetrace - ok
14:05:54.0934 0x1768  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
14:05:54.0966 0x1768  flpydisk - ok
14:05:55.0028 0x1768  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:05:55.0059 0x1768  FltMgr - ok
14:05:55.0200 0x1768  [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache       C:\Windows\system32\FntCache.dll
14:05:55.0309 0x1768  FontCache - ok
14:05:55.0372 0x1768  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:05:55.0388 0x1768  FontCache3.0.0.0 - ok
14:05:55.0419 0x1768  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:05:55.0434 0x1768  FsDepends - ok
14:05:55.0450 0x1768  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:05:55.0466 0x1768  Fs_Rec - ok
14:05:55.0513 0x1768  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:05:55.0559 0x1768  fvevol - ok
14:05:55.0559 0x1768  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
14:05:55.0575 0x1768  FxPPM - ok
14:05:55.0591 0x1768  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:05:55.0606 0x1768  gagp30kx - ok
14:05:55.0622 0x1768  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
14:05:55.0638 0x1768  gencounter - ok
14:05:55.0669 0x1768  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
14:05:55.0684 0x1768  GPIOClx0101 - ok
14:05:55.0763 0x1768  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:05:55.0825 0x1768  gpsvc - ok
14:05:55.0888 0x1768  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:05:55.0919 0x1768  HdAudAddService - ok
14:05:55.0950 0x1768  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
14:05:55.0997 0x1768  HDAudBus - ok
14:05:56.0013 0x1768  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
14:05:56.0044 0x1768  HidBatt - ok
14:05:56.0091 0x1768  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
14:05:56.0122 0x1768  HidBth - ok
14:05:56.0153 0x1768  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
14:05:56.0184 0x1768  hidi2c - ok
14:05:56.0184 0x1768  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
14:05:56.0200 0x1768  HidIr - ok
14:05:56.0231 0x1768  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
14:05:56.0263 0x1768  hidserv - ok
14:05:56.0294 0x1768  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
14:05:56.0310 0x1768  HidUsb - ok
14:05:56.0341 0x1768  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:05:56.0403 0x1768  hkmsvc - ok
14:05:56.0435 0x1768  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:05:56.0497 0x1768  HomeGroupListener - ok
14:05:56.0559 0x1768  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:05:56.0591 0x1768  HomeGroupProvider - ok
14:05:56.0606 0x1768  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:05:56.0622 0x1768  HpSAMD - ok
14:05:56.0731 0x1768  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:05:56.0778 0x1768  HTTP - ok
14:05:56.0810 0x1768  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:05:56.0825 0x1768  hwpolicy - ok
14:05:56.0841 0x1768  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
14:05:56.0872 0x1768  hyperkbd - ok
14:05:56.0872 0x1768  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
14:05:56.0888 0x1768  HyperVideo - ok
14:05:56.0919 0x1768  [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
14:05:56.0981 0x1768  i8042prt - ok
14:05:56.0997 0x1768  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
14:05:57.0013 0x1768  iaLPSSi_GPIO - ok
14:05:57.0013 0x1768  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
14:05:57.0028 0x1768  iaLPSSi_I2C - ok
14:05:57.0059 0x1768  [ 71341219FBB4BAB7F2462C4267DAB594, 0C6B684781D27F423D20186A40D7513DD6ABC38AD286D013791B37CBF5477A55 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
14:05:57.0091 0x1768  iaStorA - ok
14:05:57.0122 0x1768  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
14:05:57.0153 0x1768  iaStorAV - ok
14:05:57.0184 0x1768  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:05:57.0200 0x1768  iaStorV - ok
14:05:57.0216 0x1768  IEEtwCollectorService - ok
14:05:57.0388 0x1768  [ 7A5A61997B5404C8EDDFCC62378164DC, C2BCA8A2AA2DFCCF3489FC7F0F366ABBDC8606CFC6397CD7B17C8CD4A28DD17F ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:05:57.0638 0x1768  igfx - ok
14:05:57.0716 0x1768  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\Windows\System32\ikeext.dll
14:05:57.0778 0x1768  IKEEXT - ok
14:05:57.0794 0x1768  [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
14:05:57.0825 0x1768  intaud_WaveExtensible - ok
14:05:57.0981 0x1768  [ A189C5F684DE5D1A0084138ADB383DDD, E351C730AAEE606F0AE86545998AD6323BDFA66CEAD0CA9F3931FFA8465406F6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:05:58.0153 0x1768  IntcAzAudAddService - ok
14:05:58.0247 0x1768  [ D6A22510D795928E8840619900D672B4, 296F232B0A6D42840A745E4706D2815F6D2E4279DBD90112CBFBFF8833B724AF ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
14:05:58.0278 0x1768  IntcDAud - ok
14:05:58.0356 0x1768  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
14:05:58.0419 0x1768  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
14:06:00.0903 0x1768  Detect skipped due to KSN trusted
14:06:00.0903 0x1768  Intel(R) Capability Licensing Service Interface - ok
14:06:01.0075 0x1768  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
14:06:01.0106 0x1768  Intel(R) Capability Licensing Service TCP IP Interface - ok
14:06:01.0185 0x1768  [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
14:06:01.0216 0x1768  Intel(R) ME Service - ok
14:06:01.0231 0x1768  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:06:01.0247 0x1768  intelide - ok
14:06:01.0278 0x1768  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
14:06:01.0294 0x1768  intelpep - ok
14:06:01.0294 0x1768  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
14:06:01.0325 0x1768  intelppm - ok
14:06:01.0341 0x1768  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:06:01.0388 0x1768  IpFilterDriver - ok
14:06:01.0466 0x1768  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:06:01.0528 0x1768  iphlpsvc - ok
14:06:01.0560 0x1768  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
14:06:01.0669 0x1768  IPMIDRV - ok
14:06:01.0685 0x1768  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:06:01.0778 0x1768  IPNAT - ok
14:06:01.0810 0x1768  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:06:01.0841 0x1768  IRENUM - ok
14:06:01.0856 0x1768  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:06:01.0872 0x1768  isapnp - ok
14:06:01.0903 0x1768  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
14:06:01.0935 0x1768  iScsiPrt - ok
14:06:01.0966 0x1768  [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
14:06:01.0966 0x1768  iwdbus - ok
14:06:01.0997 0x1768  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:06:02.0013 0x1768  jhi_service - ok
14:06:02.0044 0x1768  [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
14:06:02.0060 0x1768  kbdclass - ok
14:06:02.0075 0x1768  [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
14:06:02.0106 0x1768  kbdhid - ok
14:06:02.0122 0x1768  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
14:06:02.0185 0x1768  kdnic - ok
14:06:02.0200 0x1768  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
14:06:02.0216 0x1768  KeyIso - ok
14:06:02.0247 0x1768  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:06:02.0263 0x1768  KSecDD - ok
14:06:02.0310 0x1768  [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:06:02.0325 0x1768  KSecPkg - ok
14:06:02.0341 0x1768  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:06:02.0372 0x1768  ksthunk - ok
14:06:02.0403 0x1768  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:06:02.0419 0x1768  KtmRm - ok
14:06:02.0466 0x1768  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:06:02.0528 0x1768  LanmanServer - ok
14:06:02.0560 0x1768  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:06:02.0591 0x1768  LanmanWorkstation - ok
14:06:02.0638 0x1768  [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
14:06:02.0716 0x1768  lfsvc - ok
14:06:02.0747 0x1768  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:06:02.0778 0x1768  lltdio - ok
14:06:02.0841 0x1768  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:06:02.0872 0x1768  lltdsvc - ok
14:06:02.0903 0x1768  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:06:02.0950 0x1768  lmhosts - ok
14:06:03.0013 0x1768  [ 6A35B295812CE7064CFBCD9F254169CF, 561DD131FED6F90686D8C031B45B87B6D065C7E0C8804AEFCDE239725AAEE43E ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:06:03.0028 0x1768  LMS - ok
14:06:03.0060 0x1768  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:06:03.0075 0x1768  LSI_SAS - ok
14:06:03.0075 0x1768  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:06:03.0091 0x1768  LSI_SAS2 - ok
14:06:03.0091 0x1768  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
14:06:03.0106 0x1768  LSI_SAS3 - ok
14:06:03.0122 0x1768  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
14:06:03.0138 0x1768  LSI_SSS - ok
14:06:03.0185 0x1768  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
14:06:03.0247 0x1768  LSM - ok
14:06:03.0278 0x1768  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:06:03.0310 0x1768  luafv - ok
14:06:03.0325 0x1768  massfilter - ok
14:06:03.0372 0x1768  [ 77AB66599EAFF797744D17C502FECDB9, E3A356AC3D6958B08C126D2C4231F2F7A655348606AE53FB95C6DA17908B32D1 ] McComponentHostServiceSony C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe
14:06:03.0388 0x1768  McComponentHostServiceSony - ok
14:06:03.0403 0x1768  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
14:06:03.0419 0x1768  megasas - ok
14:06:03.0435 0x1768  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
14:06:03.0481 0x1768  megasr - ok
14:06:03.0497 0x1768  [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
14:06:03.0513 0x1768  MEIx64 - ok
14:06:03.0544 0x1768  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
14:06:03.0606 0x1768  MMCSS - ok
14:06:03.0622 0x1768  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
14:06:03.0638 0x1768  Modem - ok
14:06:03.0669 0x1768  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
14:06:03.0700 0x1768  monitor - ok
14:06:03.0731 0x1768  [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
14:06:03.0747 0x1768  mouclass - ok
14:06:03.0747 0x1768  [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid          C:\Windows\System32\drivers\mouhid.sys
14:06:03.0794 0x1768  mouhid - ok
14:06:03.0825 0x1768  [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:06:03.0841 0x1768  mountmgr - ok
14:06:03.0888 0x1768  [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:06:03.0903 0x1768  MozillaMaintenance - ok
14:06:03.0935 0x1768  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:06:03.0981 0x1768  mpsdrv - ok
14:06:04.0044 0x1768  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:06:04.0091 0x1768  MpsSvc - ok
14:06:04.0106 0x1768  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:06:04.0153 0x1768  MRxDAV - ok
14:06:04.0200 0x1768  [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:06:04.0278 0x1768  mrxsmb - ok
14:06:04.0325 0x1768  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:06:04.0388 0x1768  mrxsmb10 - ok
14:06:04.0419 0x1768  [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:06:04.0450 0x1768  mrxsmb20 - ok
14:06:04.0497 0x1768  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
14:06:04.0528 0x1768  MsBridge - ok
14:06:04.0575 0x1768  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
14:06:04.0606 0x1768  MSDTC - ok
14:06:04.0638 0x1768  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:06:04.0653 0x1768  Msfs - ok
14:06:04.0685 0x1768  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
14:06:04.0700 0x1768  msgpiowin32 - ok
14:06:04.0716 0x1768  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:06:04.0731 0x1768  mshidkmdf - ok
14:06:04.0747 0x1768  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
14:06:04.0763 0x1768  mshidumdf - ok
14:06:04.0794 0x1768  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:06:04.0810 0x1768  msisadrv - ok
14:06:04.0841 0x1768  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:06:04.0872 0x1768  MSiSCSI - ok
14:06:04.0872 0x1768  msiserver - ok
14:06:04.0903 0x1768  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:06:04.0919 0x1768  MSKSSRV - ok
14:06:04.0950 0x1768  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
14:06:05.0013 0x1768  MsLldp - ok
14:06:05.0028 0x1768  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:06:05.0060 0x1768  MSPCLOCK - ok
14:06:05.0060 0x1768  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:06:05.0091 0x1768  MSPQM - ok
14:06:05.0122 0x1768  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:06:05.0153 0x1768  MsRPC - ok
14:06:05.0169 0x1768  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
14:06:05.0169 0x1768  mssmbios - ok
14:06:05.0185 0x1768  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:06:05.0216 0x1768  MSTEE - ok
14:06:05.0216 0x1768  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
14:06:05.0247 0x1768  MTConfig - ok
14:06:05.0263 0x1768  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
14:06:05.0278 0x1768  Mup - ok
14:06:05.0294 0x1768  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
14:06:05.0310 0x1768  mvumis - ok
14:06:05.0356 0x1768  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
14:06:05.0403 0x1768  napagent - ok
14:06:05.0435 0x1768  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:06:05.0481 0x1768  NativeWifiP - ok
14:06:05.0513 0x1768  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
14:06:05.0544 0x1768  NcaSvc - ok
14:06:05.0575 0x1768  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
14:06:05.0669 0x1768  NcbService - ok
14:06:05.0700 0x1768  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
14:06:05.0763 0x1768  NcdAutoSetup - ok
14:06:05.0825 0x1768  [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:06:05.0888 0x1768  NDIS - ok
14:06:05.0935 0x1768  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:06:05.0950 0x1768  NdisCap - ok
14:06:05.0981 0x1768  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
14:06:06.0075 0x1768  NdisImPlatform - ok
14:06:06.0106 0x1768  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:06:06.0153 0x1768  NdisTapi - ok
14:06:06.0169 0x1768  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:06:06.0216 0x1768  Ndisuio - ok
14:06:06.0231 0x1768  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
14:06:06.0247 0x1768  NdisVirtualBus - ok
14:06:06.0263 0x1768  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:06:06.0294 0x1768  NdisWan - ok
14:06:06.0325 0x1768  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
14:06:06.0341 0x1768  NdisWanLegacy - ok
14:06:06.0388 0x1768  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:06:06.0403 0x1768  NDProxy - ok
14:06:06.0435 0x1768  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
14:06:06.0481 0x1768  Ndu - ok
14:06:06.0513 0x1768  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:06:06.0544 0x1768  NetBIOS - ok
14:06:06.0575 0x1768  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:06:06.0653 0x1768  NetBT - ok
14:06:06.0669 0x1768  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
14:06:06.0700 0x1768  Netlogon - ok
14:06:06.0731 0x1768  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
14:06:06.0747 0x1768  Netman - ok
14:06:06.0794 0x1768  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
14:06:06.0841 0x1768  netprofm - ok
14:06:06.0888 0x1768  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:06:06.0903 0x1768  NetTcpPortSharing - ok
14:06:06.0935 0x1768  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
14:06:07.0013 0x1768  netvsc - ok
14:06:07.0091 0x1768  [ 86D1BF1CC79121BA5A515DB3EC626C92, 6F29E31D08AAE4F183A50FE1EAAACCF3037E5091256D77CBF31134CD01C8EC3C ] NetworkSupport  C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
14:06:07.0122 0x1768  NetworkSupport - ok
14:06:07.0169 0x1768  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:06:07.0231 0x1768  NlaSvc - ok
14:06:07.0247 0x1768  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:06:07.0278 0x1768  Npfs - ok
14:06:07.0310 0x1768  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
14:06:07.0403 0x1768  npsvctrig - ok
14:06:07.0435 0x1768  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
14:06:07.0497 0x1768  nsi - ok
14:06:07.0513 0x1768  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:06:07.0544 0x1768  nsiproxy - ok
14:06:07.0653 0x1768  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:06:07.0763 0x1768  Ntfs - ok
14:06:07.0778 0x1768  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
14:06:07.0794 0x1768  Null - ok
14:06:08.0185 0x1768  [ EBDFD7A965CA6DC99CA5A745F31C3224, 349F23B7B803D627DF278B9041163D215594E7B3B2D13123E6265AE92FBD7223 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:06:08.0638 0x1768  nvlddmkm - ok
14:06:08.0700 0x1768  [ CC477334F03DFCB5D42DEEDE6E9E72BE, F1225043B9C62B38B58A442679BDB67C03E86550C42DFE4610580C2B13C8DAFF ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
14:06:08.0716 0x1768  nvpciflt - ok
14:06:08.0763 0x1768  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:06:08.0794 0x1768  nvraid - ok
14:06:08.0794 0x1768  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:06:08.0810 0x1768  nvstor - ok
14:06:08.0872 0x1768  [ A51AA034C0995F3FC52F062A5BA53FDE, 421048381352EDB24480AC6E18F9DF419D1D0756F55EA2DBB8110CD53D190A34 ] nvsvc           C:\Windows\system32\nvvsvc.exe
14:06:08.0903 0x1768  nvsvc - ok
14:06:08.0997 0x1768  [ C74D6BCF9A8F83A9DAF7B3C2F0466638, 37787323A73D03F93346EC866948CFD34A31906623EF85EC3F826F4DCE056DEB ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:06:09.0044 0x1768  nvUpdatusService - ok
14:06:09.0060 0x1768  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:06:09.0122 0x1768  nv_agp - ok
14:06:09.0169 0x1768  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:06:09.0200 0x1768  ose - ok
14:06:09.0247 0x1768  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:06:09.0325 0x1768  p2pimsvc - ok
14:06:09.0388 0x1768  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
14:06:09.0435 0x1768  p2psvc - ok
14:06:09.0466 0x1768  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
14:06:09.0481 0x1768  Parport - ok
14:06:09.0513 0x1768  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:06:09.0528 0x1768  partmgr - ok
14:06:09.0575 0x1768  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:06:09.0606 0x1768  PcaSvc - ok
14:06:09.0653 0x1768  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
14:06:09.0669 0x1768  pci - ok
14:06:09.0685 0x1768  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:06:09.0700 0x1768  pciide - ok
14:06:09.0732 0x1768  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:06:09.0747 0x1768  pcmcia - ok
14:06:09.0763 0x1768  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:06:09.0778 0x1768  pcw - ok
14:06:09.0794 0x1768  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
14:06:09.0810 0x1768  pdc - ok
14:06:09.0872 0x1768  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:06:09.0919 0x1768  PEAUTH - ok
14:06:09.0997 0x1768  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:06:10.0091 0x1768  PerfHost - ok
14:06:10.0169 0x1768  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
14:06:10.0232 0x1768  pla - ok
14:06:10.0263 0x1768  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:06:10.0278 0x1768  PlugPlay - ok
14:06:10.0372 0x1768  [ 78CEC2F64577FEF62F9A9AFE2F312578, 22A0439381032A4AC5DC76151982C094AA4376D3038752266A673B80603AAE26 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
14:06:10.0403 0x1768  PMBDeviceInfoProvider - ok
14:06:10.0435 0x1768  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:06:10.0450 0x1768  PNRPAutoReg - ok
14:06:10.0481 0x1768  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:06:10.0513 0x1768  PNRPsvc - ok
14:06:10.0560 0x1768  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:06:10.0575 0x1768  PolicyAgent - ok
14:06:10.0607 0x1768  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
14:06:10.0669 0x1768  Power - ok
14:06:10.0685 0x1768  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:06:10.0716 0x1768  PptpMiniport - ok
14:06:10.0872 0x1768  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
14:06:11.0028 0x1768  PrintNotify - ok
14:06:11.0075 0x1768  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
14:06:11.0122 0x1768  Processor - ok
14:06:11.0153 0x1768  [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:06:11.0232 0x1768  ProfSvc - ok
14:06:11.0263 0x1768  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:06:11.0294 0x1768  Psched - ok
14:06:11.0325 0x1768  [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64        C:\Windows\system32\drivers\PxHlpa64.sys
14:06:11.0356 0x1768  PxHlpa64 - ok
14:06:11.0388 0x1768  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
14:06:11.0435 0x1768  QWAVE - ok
14:06:11.0466 0x1768  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:06:11.0497 0x1768  QWAVEdrv - ok
14:06:11.0513 0x1768  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:06:11.0544 0x1768  RasAcd - ok
14:06:11.0575 0x1768  [ E8FFD8BE3C50E7A71C5FBB87BDD1128E, 3E3EB906CC9A1CCA09580DA9F94DD0E1162CABD343874B76718DC4F2E9069C4E ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:06:11.0591 0x1768  RasAgileVpn - ok
14:06:11.0638 0x1768  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
14:06:11.0653 0x1768  RasAuto - ok
14:06:11.0685 0x1768  [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:06:11.0700 0x1768  Rasl2tp - ok
14:06:11.0763 0x1768  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\Windows\System32\rasmans.dll
14:06:11.0794 0x1768  RasMan - ok
14:06:11.0810 0x1768  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:06:11.0825 0x1768  RasPppoe - ok
14:06:11.0857 0x1768  [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:06:11.0872 0x1768  RasSstp - ok
14:06:11.0903 0x1768  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:06:12.0013 0x1768  rdbss - ok
14:06:12.0044 0x1768  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
14:06:12.0091 0x1768  rdpbus - ok
14:06:12.0122 0x1768  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:06:12.0216 0x1768  RDPDR - ok
14:06:12.0247 0x1768  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:06:12.0263 0x1768  RdpVideoMiniport - ok
14:06:12.0294 0x1768  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:06:12.0325 0x1768  rdyboost - ok
14:06:12.0435 0x1768  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
14:06:12.0482 0x1768  ReFS - ok
14:06:12.0528 0x1768  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:06:12.0544 0x1768  RemoteAccess - ok
14:06:12.0591 0x1768  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:06:12.0669 0x1768  RemoteRegistry - ok
14:06:12.0700 0x1768  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
14:06:12.0732 0x1768  RFCOMM - ok
14:06:12.0763 0x1768  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:06:12.0794 0x1768  RpcEptMapper - ok
14:06:12.0825 0x1768  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
14:06:12.0872 0x1768  RpcLocator - ok
14:06:12.0950 0x1768  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\Windows\system32\rpcss.dll
14:06:12.0997 0x1768  RpcSs - ok
14:06:13.0013 0x1768  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:06:13.0044 0x1768  rspndr - ok
14:06:13.0106 0x1768  [ CFE738C524F35B6E523A4D0F54840C30, 73E051DEA744EEC5202693C11EDABB36DE2D086160648D4E41F1F299CBAD8409 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
14:06:13.0138 0x1768  RTL8168 - ok
14:06:13.0169 0x1768  [ 78CA6B333D92B3344AE6DC54013203A6, 368647BD2A737ECF079D8D1BEF3FFC379A563136FCCB0880861333B9EF150283 ] RTSPER          C:\Windows\system32\DRIVERS\RtsPer.sys
14:06:13.0200 0x1768  RTSPER - ok
14:06:13.0232 0x1768  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
14:06:13.0263 0x1768  s3cap - ok
14:06:13.0278 0x1768  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
14:06:13.0294 0x1768  SamSs - ok
14:06:13.0310 0x1768  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:06:13.0325 0x1768  sbp2port - ok
14:06:13.0357 0x1768  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:06:13.0388 0x1768  SCardSvr - ok
14:06:13.0403 0x1768  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
14:06:13.0435 0x1768  ScDeviceEnum - ok
14:06:13.0450 0x1768  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:06:13.0466 0x1768  scfilter - ok
14:06:13.0528 0x1768  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\Windows\system32\schedsvc.dll
14:06:13.0591 0x1768  Schedule - ok
14:06:13.0622 0x1768  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:06:13.0638 0x1768  SCPolicySvc - ok
14:06:13.0669 0x1768  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
14:06:13.0700 0x1768  sdbus - ok
14:06:13.0716 0x1768  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
14:06:13.0732 0x1768  sdstor - ok
14:06:13.0778 0x1768  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:06:13.0810 0x1768  secdrv - ok
14:06:13.0841 0x1768  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\Windows\system32\seclogon.dll
14:06:13.0872 0x1768  seclogon - ok
14:06:13.0888 0x1768  [ 1ED7A8574A28357097A5CB4063C96B00, 4E248CA66B7DE930AEC501A85F507AB813FC3CEBCBA347DFF3B05CE6CB8E496B ] semav6thermal64ro C:\Windows\system32\drivers\semav6thermal64ro.sys
14:06:13.0903 0x1768  semav6thermal64ro - ok
14:06:13.0950 0x1768  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
14:06:13.0982 0x1768  SENS - ok
14:06:14.0028 0x1768  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:06:14.0091 0x1768  SensrSvc - ok
14:06:14.0107 0x1768  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
14:06:14.0122 0x1768  SerCx - ok
14:06:14.0169 0x1768  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
14:06:14.0185 0x1768  SerCx2 - ok
14:06:14.0185 0x1768  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
14:06:14.0200 0x1768  Serenum - ok
14:06:14.0216 0x1768  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
14:06:14.0263 0x1768  Serial - ok
14:06:14.0278 0x1768  [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
14:06:14.0325 0x1768  sermouse - ok
14:06:14.0388 0x1768  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
14:06:14.0450 0x1768  SessionEnv - ok
14:06:14.0466 0x1768  [ 11DB2C54BBCE4E1C5152999612C219D5, 1DC22AA4AB900AD19D156F093C865DBD8EBECBF0ACEF32A1DACAA8EE1A1A5543 ] SFEP            C:\Windows\System32\drivers\SFEP.sys
14:06:14.0482 0x1768  SFEP - ok
14:06:14.0497 0x1768  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
14:06:14.0513 0x1768  sfloppy - ok
14:06:14.0560 0x1768  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:06:14.0575 0x1768  SharedAccess - ok
14:06:14.0638 0x1768  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:06:14.0732 0x1768  ShellHWDetection - ok
14:06:14.0763 0x1768  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:06:14.0763 0x1768  SiSRaid2 - ok
14:06:14.0778 0x1768  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:06:14.0794 0x1768  SiSRaid4 - ok
14:06:14.0825 0x1768  [ 651BE03BCD0EEA41765D453DEB6050BC, D8A8132AF78E2E8BA3BCF6EE4D1C8BB4C6F2224765E04F0254B592BCB4C3CDF1 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
14:06:14.0841 0x1768  SmbDrvI - ok
14:06:14.0857 0x1768  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
14:06:14.0872 0x1768  smphost - ok
14:06:14.0919 0x1768  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:06:14.0966 0x1768  SNMPTRAP - ok
14:06:15.0060 0x1768  [ 2E666DFD667265AD716422884A3335FF, 137A80514C24F912413547ED0E0E8785374F29242D5CE148142355BE52F5EB2B ] SOHCImp         c:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
14:06:15.0091 0x1768  SOHCImp - ok
14:06:15.0138 0x1768  [ DDB5C6B79347EB303F245535C49C6D44, CCB245D827A944EA8B0E992B4641992F945B1A6F556B437BE0B767D1C9E6CA30 ] SOHDms          C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
14:06:15.0153 0x1768  SOHDms - ok
14:06:15.0185 0x1768  [ FA4AC5624B245FA03D4CCBA9C48D385E, 3125359763D34EE51EB1125217050DB29045154E76673F7CFED25B6301C7EEBE ] SOHDs           C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
14:06:15.0185 0x1768  SOHDs - ok
14:06:15.0216 0x1768  [ 3BB48F7E33C2B76184DDF233000C09CD, D1AAE5B0425047CA0C2D376D3E59324D35A90DF9074CD442DFD0ED6E434D3C84 ] Sony SCSI Helper Service C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
14:06:15.0247 0x1768  Sony SCSI Helper Service - detected UnsignedFile.Multi.Generic ( 1 )
14:06:17.0700 0x1768  Detect skipped due to KSN trusted
14:06:17.0700 0x1768  Sony SCSI Helper Service - ok
14:06:17.0747 0x1768  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
14:06:17.0794 0x1768  spaceport - ok
14:06:17.0810 0x1768  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
14:06:17.0810 0x1768  SpbCx - ok
14:06:17.0903 0x1768  [ C03E480E63A80D73FABE28D24D3B6B47, F8C68DC63A5492587F9343158348ADD99A99AF34DC7ED29E5562EE90C0AB8F25 ] SpfService      C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
14:06:17.0935 0x1768  SpfService - ok
14:06:17.0982 0x1768  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
14:06:18.0060 0x1768  Spooler - ok
14:06:18.0325 0x1768  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
14:06:18.0560 0x1768  sppsvc - ok
14:06:18.0685 0x1768  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:06:18.0794 0x1768  srv - ok
14:06:18.0841 0x1768  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:06:18.0888 0x1768  srv2 - ok
14:06:18.0919 0x1768  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:06:18.0966 0x1768  srvnet - ok
14:06:18.0997 0x1768  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:06:19.0044 0x1768  SSDPSRV - ok
14:06:19.0060 0x1768  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:06:19.0107 0x1768  SstpSvc - ok
14:06:19.0138 0x1768  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:06:19.0153 0x1768  stexstor - ok
14:06:19.0200 0x1768  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
14:06:19.0278 0x1768  stisvc - ok
14:06:19.0294 0x1768  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
14:06:19.0310 0x1768  storahci - ok
14:06:19.0341 0x1768  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
14:06:19.0357 0x1768  storflt - ok
14:06:19.0388 0x1768  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
14:06:19.0403 0x1768  stornvme - ok
14:06:19.0419 0x1768  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
14:06:19.0482 0x1768  StorSvc - ok
14:06:19.0497 0x1768  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:06:19.0513 0x1768  storvsc - ok
14:06:19.0528 0x1768  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
14:06:19.0575 0x1768  svsvc - ok
14:06:19.0591 0x1768  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
14:06:19.0607 0x1768  swenum - ok
14:06:19.0653 0x1768  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
14:06:19.0700 0x1768  swprv - ok
14:06:19.0763 0x1768  [ C54F86A754D7EA388ABD817D7A9B712C, EC2E365EE165393543A0661783410C91D32FF4413866DC0875D67FFA7DF4F763 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
14:06:19.0794 0x1768  SynTP - ok
14:06:19.0872 0x1768  [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain         C:\Windows\system32\sysmain.dll
14:06:19.0950 0x1768  SysMain - ok
14:06:19.0982 0x1768  [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
14:06:20.0028 0x1768  SystemEventsBroker - ok
14:06:20.0044 0x1768  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:06:20.0091 0x1768  TabletInputService - ok
14:06:20.0138 0x1768  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:06:20.0185 0x1768  TapiSrv - ok
14:06:20.0310 0x1768  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:06:20.0435 0x1768  Tcpip - ok
14:06:20.0544 0x1768  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:06:20.0638 0x1768  TCPIP6 - ok
14:06:20.0669 0x1768  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:06:20.0700 0x1768  tcpipreg - ok
14:06:20.0747 0x1768  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:06:20.0778 0x1768  tdx - ok
14:06:20.0794 0x1768  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
14:06:20.0825 0x1768  terminpt - ok
14:06:20.0888 0x1768  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
14:06:20.0950 0x1768  TermService - ok
14:06:20.0982 0x1768  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
14:06:21.0013 0x1768  Themes - ok
14:06:34.0372 0x1768  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.10.414 ), 0x41000 ( enabled : updated )
14:06:34.0388 0x1768  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
14:06:34.0388 0x1768  Win FW state via NFP2: enabled
14:06:36.0810 0x1768  ============================================================
14:06:36.0810 0x1768  Scan finished
14:06:36.0810 0x1768  ============================================================
14:06:36.0825 0x1128  Detected object count: 0
14:06:36.0825 0x1128  Actual detected object count: 0
         

06.06.2015, 08:46   #5
schrauber
/// the machine
/// TB trainer
 




hi,

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool is finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

06.06.2015, 19:49   #6
bcko30
 



Good evening,

here are the log files:

mbam.txt
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 06.06.2015
Suchlauf-Zeit: 18:40:21
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.06.04
Rootkit Datenbank: v2015.06.02.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Lukas

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 431214
Verstrichene Zeit: 22 Min, 39 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         

AdwCleaner

A quick question: what exactly was deleted from the registry there, since no findings were actually shown to me?

Code:
# AdwCleaner v4.206 - Bericht erstellt 06/06/2015 um 19:15:19
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-05.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Lukas - LUKAS-PC
# Gestarted von : C:\Users\Lukas\Desktop\AdwCleaner_4.206.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\Lukas\Desktop\eBay.lnk

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C43F0D7D-78F0-47B8-954C-8FB36960B785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C43F0D7D-78F0-47B8-954C-8FB36960B785}

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v38.0.1 (x86 de)


*************************

AdwCleaner[R0].txt - [1093 Bytes] - [06/06/2015 19:14:23]
AdwCleaner[S0].txt - [1014 Bytes] - [06/06/2015 19:15:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1073  Bytes] ##########
         

JRT.txt

Here too a quick question: why did the program empty the folder in Firefox?

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.8 (06.03.2015:1)
OS: Windows 8.1 x64
Ran by Lukas on 06.06.2015 at 19:27:25,11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Lukas\AppData\Roaming\mozilla\firefox\profiles\dn1xwhro.default\minidumps [9 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.06.2015 at 19:29:38,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
And here is FRST.txt as well


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by Lukas (administrator) on LUKAS-PC on 06-06-2015 19:32:14
Running from C:\Users\Lukas\Desktop
Loaded Profiles: Lukas (Available Profiles: Lukas)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-10-28] (Realtek Semiconductor)
HKLM\...\Run: [Bluetooth] => c:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [534232 2013-09-25] (Broadcom Corporation.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2346008 2013-10-01] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-30] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-30] (NVIDIA Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com/?pc=SEJB
HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com/?pc=SEJB
HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2200920533-3107399475-823698359-1002 -> {7E31E309-3083-4067-A35A-3482255781B5} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-26] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-26] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-26] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-26] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\dn1xwhro.default
FF Homepage: uni-bamberg.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-01-26] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2013-06-25] (Sony Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\dn1xwhro.default\Extensions\abs@avira.com [2015-05-29]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor12.0; c:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-10-28] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-18] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-18] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-27] (Sony Corporation)
S2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-10-01] (Sony Corporation)
S2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-05-23] (Sony Corporation) [File not signed]
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; c:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-04] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7488176 2014-01-26] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-18] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [429272 2013-10-09] (Realsil Semiconductor Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-01-03] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-06 19:29 - 2015-06-06 19:29 - 00000720 _____ C:\Users\Lukas\Desktop\JRT.txt
2015-06-06 19:27 - 2015-06-06 19:27 - 00000207 _____ C:\Windows\tweaking.com-regbackup-LUKAS-PC-Windows-8.1-(64-bit).dat
2015-06-06 19:27 - 2015-06-06 19:27 - 00000000 ____D C:\RegBackup
2015-06-06 19:18 - 2015-06-06 19:18 - 00001153 _____ C:\Users\Lukas\Desktop\AdwCleaner[S0].txt
2015-06-06 19:14 - 2015-06-06 19:15 - 00000000 ____D C:\AdwCleaner
2015-06-06 19:03 - 2015-06-06 19:03 - 00001198 _____ C:\Users\Lukas\Desktop\mbam.txt
2015-06-06 18:55 - 2015-06-06 19:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-06 18:38 - 2015-06-06 18:38 - 00001074 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-06 18:38 - 2015-06-06 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-06 18:38 - 2015-06-06 18:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-06 18:38 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-06 18:38 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-06 18:31 - 2015-06-06 18:31 - 02942610 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2015-06-06 18:30 - 2015-06-06 18:30 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-06 18:30 - 2015-06-06 18:30 - 02231296 _____ C:\Users\Lukas\Desktop\AdwCleaner_4.206.exe
2015-06-05 13:34 - 2015-06-06 18:39 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-05 13:34 - 2015-06-06 18:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-05 13:34 - 2015-06-05 13:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-05 13:32 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-05 13:25 - 2015-06-05 13:25 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Lukas\Desktop\tdsskiller.exe
2015-06-05 13:19 - 2015-06-05 13:59 - 00000000 ____D C:\Users\Lukas\Desktop\mbar
2015-06-05 13:17 - 2015-06-05 13:17 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Lukas\Desktop\mbar-1.09.1.1004.exe
2015-06-05 12:40 - 2015-06-05 12:40 - 00132508 _____ C:\Users\Lukas\Desktop\Neues Textdokument.txt
2015-06-05 12:07 - 2015-06-05 12:07 - 00000754 _____ C:\Users\Lukas\Desktop\quarantaene.txt
2015-06-05 11:59 - 2015-06-05 11:59 - 00004984 _____ C:\Users\Lukas\Desktop\Ereignisse.txt
2015-06-05 11:57 - 2015-06-05 11:57 - 00055770 _____ C:\Users\Lukas\Desktop\AVSCAN-20150601-212558-480F1274.LOG
2015-06-05 11:56 - 2015-06-05 11:56 - 00056954 _____ C:\Users\Lukas\Desktop\AVSCAN-20150521-191913-863EDE59.LOG
2015-06-05 11:44 - 2015-06-05 11:44 - 00003851 _____ C:\Users\Lukas\Desktop\Gmer Scan.log
2015-06-05 11:38 - 2015-06-05 11:38 - 00380416 _____ C:\Users\Lukas\Desktop\Gmer-19357.exe
2015-06-05 11:32 - 2015-06-06 19:32 - 00015881 _____ C:\Users\Lukas\Desktop\FRST.txt
2015-06-05 11:32 - 2015-06-05 11:33 - 00033597 _____ C:\Users\Lukas\Desktop\Addition.txt
2015-06-05 11:31 - 2015-06-06 19:32 - 00000000 ____D C:\FRST
2015-06-05 11:31 - 2015-06-05 11:31 - 02108928 _____ (Farbar) C:\Users\Lukas\Desktop\FRST64.exe
2015-06-05 11:17 - 2015-06-05 11:17 - 00000000 ____D C:\Users\Lukas\AppData\Local\GWX
2015-05-27 11:13 - 2015-05-27 11:13 - 01804696 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00626888 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2015-05-27 11:13 - 2015-05-27 11:13 - 00419528 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00267976 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00249032 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo27.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00042696 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-05-24 23:49 - 2015-05-24 23:49 - 00007597 _____ C:\Users\Lukas\AppData\Local\Resmon.ResmonCfg
2015-05-13 23:49 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 23:49 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 21:50 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 21:50 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 22:02 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-12 22:02 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-12 22:02 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-12 22:02 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-12 21:56 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 21:56 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-12 21:56 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 21:56 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 21:56 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 21:56 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-12 21:56 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-12 21:56 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-12 21:56 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-12 21:56 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-12 21:56 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-12 21:56 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-12 21:56 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-12 21:56 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-12 21:56 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-12 21:56 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-12 21:56 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-12 21:55 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 21:55 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 21:55 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 21:55 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 21:55 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 21:55 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 21:55 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 21:55 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-12 21:55 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-12 21:55 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-12 21:55 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-12 21:55 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 21:55 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-12 21:55 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 21:55 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-12 21:55 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-12 21:55 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-12 21:55 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-12 21:55 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 21:55 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 21:55 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 21:55 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 21:55 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 21:55 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 21:55 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-12 21:55 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 21:55 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-12 21:55 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-12 21:55 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-12 21:55 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 21:55 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 21:55 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 21:55 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 21:55 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-12 21:55 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 21:55 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 21:55 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-12 21:55 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-12 21:55 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 21:55 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 21:55 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-12 21:55 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 21:55 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-12 21:55 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 21:55 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-12 21:55 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 21:55 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-12 21:55 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-12 21:55 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-12 21:55 - 2015-03-13 02:29 - 00410017 _____ C:\Windows\system32\ApnDatabase.xml
2015-05-12 21:55 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-12 21:55 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 21:55 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-12 21:55 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-12 21:55 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 21:55 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-12 21:38 - 2015-05-12 21:38 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-06 19:30 - 2014-01-26 15:49 - 01404497 _____ C:\Windows\WindowsUpdate.log
2015-06-06 19:22 - 2014-10-05 23:05 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2200920533-3107399475-823698359-1002
2015-06-06 19:19 - 2015-03-25 20:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-06 19:17 - 2013-08-22 16:46 - 00029130 _____ C:\Windows\setupact.log
2015-06-06 19:17 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-06 19:16 - 2013-09-13 23:00 - 00397268 _____ C:\Windows\PFRO.log
2015-06-06 19:16 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-06 19:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-06 18:51 - 2014-10-11 14:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-05 12:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-05 11:18 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-04 13:25 - 2014-10-11 13:45 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\vlc
2015-06-01 21:17 - 2014-11-04 23:00 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\dvdcss
2015-06-01 21:15 - 2014-01-26 15:44 - 00020526 _____ C:\Windows\DPINST.LOG
2015-06-01 21:14 - 2013-08-22 16:44 - 00686496 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-01 18:49 - 2014-10-15 11:32 - 00000000 ____D C:\Users\Lukas\Downloads\VC
2015-06-01 18:43 - 2015-03-05 17:09 - 00000000 ____D C:\ProgramData\Synaptics
2015-05-27 11:13 - 2013-10-29 05:31 - 00764104 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2015-05-26 00:01 - 2014-10-15 11:33 - 00000000 ____D C:\Users\Lukas\Downloads\Sonstiges
2015-05-25 23:39 - 2014-10-19 14:30 - 00000000 ____D C:\Users\Lukas\Documents\Bafög
2015-05-25 21:54 - 2014-01-27 00:26 - 00765582 _____ C:\Windows\system32\perfh007.dat
2015-05-25 21:54 - 2014-01-27 00:26 - 00159366 _____ C:\Windows\system32\perfc007.dat
2015-05-25 21:54 - 2013-09-13 23:06 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-25 19:44 - 2014-10-23 18:36 - 00000000 ____D C:\Windows\SysWOW64\SupportAppCB
2015-05-25 19:44 - 2014-01-26 15:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-05-22 20:59 - 2015-04-04 20:11 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-22 20:59 - 2015-04-04 20:11 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-20 18:47 - 2014-10-09 16:15 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-16 15:19 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-05-14 01:27 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-05-13 21:49 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-13 10:24 - 2015-01-25 22:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-13 10:24 - 2015-01-25 22:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 00:45 - 2014-10-19 19:47 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 00:42 - 2014-10-19 19:47 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 00:42 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-05-13 00:38 - 2015-01-25 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-12 23:05 - 2013-08-22 21:12 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-12 21:38 - 2014-01-26 16:26 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

==================== Files in the root of some directories =======

2015-05-24 23:49 - 2015-05-24 23:49 - 0007597 _____ () C:\Users\Lukas\AppData\Local\Resmon.ResmonCfg
2014-01-26 15:45 - 2014-01-26 15:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Lukas\AppData\Local\Temp\avgnt.exe
C:\Users\Lukas\AppData\Local\Temp\COMAP.EXE
C:\Users\Lukas\AppData\Local\Temp\Quarantine.exe
C:\Users\Lukas\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-05 16:32

==================== End of log ============================
         
--- --- ---


And Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by Lukas at 2015-06-06 19:33:13
Running from C:\Users\Lukas\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2200920533-3107399475-823698359-500 - Administrator - Disabled)
Gast (S-1-5-21-2200920533-3107399475-823698359-501 - Limited - Disabled)
Lukas (S-1-5-21-2200920533-3107399475-823698359-1002 - Administrator - Enabled) => C:\Users\Lukas
UpdatusUser (S-1-5-21-2200920533-3107399475-823698359-1001 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acoustica SE 4.1 (HKLM-x32\...\Acoustica SE_is1) (Version: 4.1 - Acon Digital Media GmbH)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.181 - Broadcom Corporation)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.3202 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5804.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Einstellungen für VAIO Media Server (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.2.0.10110 - Sony Corporation)
Elements 12 Organizer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{4065415E-A05E-4555-B527-CEF9F165B8BC}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 (HKLM\...\MX.{FFDC29E6-5C7C-4AA8-AF5A-99E015165382}) (Version: 14.0.0.153 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 (Version: 14.0.0.153 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Media Go (HKLM-x32\...\{B55B7EAE-C58C-496E-A383-3A6ABDD83A62}) (Version: 2.5.290 - Sony)
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.4 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 327.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.39 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.5.5.0 - NXP Semiconductors)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PlayMemories Home (HKLM-x32\...\{5FC13A4C-BC27-4414-A2E4-9E2277AA88AE}) (Version: 8.0.02.10010 - Sony Corporation)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.16.2.15545 - Sony Computer Entertainment Inc.)
PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Reader for PC (HKLM-x32\...\{7FAEB610-D6B1-42CE-9EEA-6A5001C2E732}) (Version: 2.1.00.06250 - Sony Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7054 - Realtek Semiconductor Corp.)
Recorder-Studio SE 1.0 (HKLM-x32\...\Recorder-Studio SE_is1) (Version: 1.0 - BHV Software GmbH & Co. KG)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
SOHLib for PlayMemories Home (Version: 1.0.0.09130 - Sony Corporation) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.2.07020 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.1.0.09260 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{7BF64721-B4E0-4CBC-8D4B-E9E6A8590521}) (Version: 1.1.3.13230 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.0.09260 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.4.1.13060 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.12.0.07300 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.5.0.09250 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.5.0.09250 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.3.00.10220 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 3.0.0.08080 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.00.10240 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.3.00.10240 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{E54A5A2B-E06C-41A6-A0DE-04C5AA4B415C}) (Version: 1.0.1.10240 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VI3.0x64 (Version: 1.0.0 - Sony Corporation) Hidden
VI3.0x86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8030 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02E2DE56-6195-4219-97FA-C02DB560B2DF} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {03CB2651-7B56-4475-AC70-F3456D9EE678} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {06AE4280-390E-4D41-B421-097EE5192256} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {0ED160E7-C728-469B-BACC-5CFB86605E90} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {211C0199-F456-42F3-82BD-1B971E5C432B} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIO Capture\VAIO Clip => C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe [2013-08-14] (Sony Corporation)
Task: {291763B2-BB16-4667-9FAA-8350B93A117A} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation)
Task: {2D1E425F-7D3E-4B21-A676-3775B76485F5} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {30CAF148-43B4-48C0-A784-AA497FD40ECE} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-07-05] (Sony Corporation)
Task: {32FA8A1C-D946-4ADC-9325-02D19FB1161F} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {353297FB-B5BA-4320-A202-818227306558} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {375A5AAB-64B4-4378-95CC-51CAD5A86FF4} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {3EE9E4F6-FE5E-43AF-B733-59265B9D5B7B} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {4EA139A3-52C8-485A-AAD2-ACC92E97D882} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {527175CC-7D76-431B-803F-622F38833063} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {597C0513-1CE4-4DAE-9145-C3C7938A101D} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploaderUserConected => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation)
Task: {5C5DFD80-2EFB-4D21-81C6-EC7A711E3973} - System32\Tasks\PDVDServ Task => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.EXE [2013-03-19] (CyberLink Corp.)
Task: {5E56C47A-7F6C-422A-83C3-D0D78ED7D9EE} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {5E81E348-9850-4D69-8DE4-8B4DD966A474} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-08-14] (Sony Corporation)
Task: {61379401-D2D2-409A-89BA-ED1EAFB4A3F9} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {7308AA49-AD51-460B-A128-7DC5C96533C3} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploaderUserDisconected => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation)
Task: {74A87D5C-4A13-4B73-89C0-07F1EF8454E9} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {8D8D6B91-3297-4C25-829B-D4F1FEA8CA3C} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-08-14] (Sony Corporation)
Task: {8EA4B3F7-6ABD-4EC2-ACD1-C510919F202C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {9309103C-41C0-4C9E-BC1A-FF1DA085C568} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-07-03] (Sony Corporation)
Task: {995FD0C4-4B92-4BE5-A323-4EA532D769E9} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {9ADDCB66-46AB-4F9C-AA53-381B18D689AB} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-09-24] (Sony Corporation)
Task: {A1E48529-6AC6-40CD-9782-6DFE07AAAABA} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {A91A03C9-22B3-4609-B0E5-D809A7DE84BB} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-09-24] (Sony Corporation)
Task: {BAD95FB4-AB1A-4F99-B236-5FB96CEDC5E5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {BB668D66-4C7E-4D07-B590-8E6CC6003BE3} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {C2C4D164-ED37-4F33-BC9E-8FC2DA21FFCA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {C6E1C42F-8112-497F-97B5-F7C47CB777D9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {C85A2D48-F2AE-42F4-AB63-E1A763420AEE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {C9012A95-8E78-46DF-8A88-550E9BB1F42D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {D339AD84-73E7-4662-B42B-A70577E5FC51} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-04-25] (CyberLink Corp.)
Task: {DC1F8240-23B1-40E2-AB19-7F8EB3038958} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {DCB1DD55-5D61-4980-B230-00850A507D85} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {E27666EA-543E-49A7-8CFA-024B9058B9C9} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E2977F39-332C-4B77-A032-FA697E7203B5} - System32\Tasks\Sony Corporation\VAIO Care\DeployVAIOManual => %ProgramData%\Sony Corporation\VAIO Care\VAIOUserGuideUpdate.exe
Task: {EEC8D213-B8C3-4F97-B0BD-3F0B83F33F0B} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {FB993DA0-820A-41B1-A7A2-A6184DDA44AD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2014-01-26 15:49 - 2013-10-30 04:18 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-11-05 16:24 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-09-25 15:20 - 2013-09-25 15:20 - 00049368 _____ () c:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-01-26 15:43 - 2013-09-18 04:32 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1366x768.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "Bluetooth"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B9218B80-AD4F-475D-A463-C4C1F49B79C1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{32844DDA-B49A-424B-99F0-BDAEFCD47D01}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{564A4495-198F-49A1-8DF4-775C99374901}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{6C092FD2-8F10-47DD-AC94-985A5B5B0DFB}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{67DD2A88-3679-48E2-A4C8-B99CCCB3E803}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{B75CC025-1550-4578-8185-770F27B01BE8}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{D0824176-837A-4A14-B83B-6B76C2C125BE}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{F6027EAC-0F61-40CE-836B-8FB0D72625B2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{9B9A5E79-6565-4D68-AC59-127FFAC0A1F3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{BB93AF72-0D6B-4B9C-ADFE-74FECB4EA655}] => (Allow) LPort=2869
FirewallRules: [{7AB19AFC-8C6D-4580-A46B-5B3100261584}] => (Allow) LPort=1900
FirewallRules: [{3737352A-868A-4A3C-9377-D0B4B964E1DE}] => (Allow) C:\Program Files\MAGIX\Video deluxe 2015\Videodeluxe.exe
FirewallRules: [{2A431B48-FF61-403F-9E94-5F7159E43361}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{EC994205-45FE-41B5-AA58-0542C9C7374C}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{68B879E3-FD87-4CDC-A4C1-C0F68615CEB5}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{A58FF69F-03E6-45B0-BDDA-EC86F5EE8996}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{DC787676-6CFF-4CA2-9947-FAFEAF334ECC}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{C3AC2A96-0F48-4CF2-8100-42F9EF076282}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F1553058-B131-4682-BB6C-369BBD9AD98D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D47F3AA0-E43A-4184-8C63-751C24486B69}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{81500139-6DD1-4049-8A04-AB77384F5F7C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{10A30411-A2AB-4DF6-9B22-EB500571E6C5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/06/2015 07:19:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Lukas-PC)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.

Error: (06/06/2015 07:19:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Lukas-PC)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.

Error: (06/06/2015 07:19:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: Lukas-PC)
Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil. 

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/06/2015 07:19:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. 

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
 for C:\Users\UpdatusUser\ntuser.dat

Error: (06/06/2015 06:24:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lukas-PC)
Description: Bei der Aktivierung der App „Microsoft.BingNews_8wekyb3d8bbwe!AppexNews“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/05/2015 02:27:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lukas-PC)
Description: Bei der Aktivierung der App „Microsoft.BingNews_8wekyb3d8bbwe!AppexNews“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/05/2015 00:33:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lukas-PC)
Description: Bei der Aktivierung der App „Microsoft.BingNews_8wekyb3d8bbwe!AppexNews“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/05/2015 11:47:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007ffbcf16a4f1
ID des fehlerhaften Prozesses: 0xd7c
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3
Vollständiger Name des fehlerhaften Pakets: VCAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VCAgent.exe5

Error: (06/05/2015 11:47:34 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
   bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   bei System.Windows.Application.RunInternal(System.Windows.Window)
   bei System.Windows.Application.Run()
   bei VCAgent.App.Main()

Error: (06/05/2015 11:16:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lukas-PC)
Description: Bei der Aktivierung der App „Microsoft.BingNews_8wekyb3d8bbwe!AppexNews“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (06/06/2015 07:27:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VCService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/06/2015 07:27:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) System Behavior Tracker Collector Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/06/2015 07:27:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/06/2015 07:27:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/06/2015 07:27:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/06/2015 07:27:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/06/2015 07:27:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VUAgent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/06/2015 07:27:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VAIO Event Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 3000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/06/2015 07:27:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PMBDeviceInfoProvider" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/06/2015 07:27:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (06/06/2015 07:19:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Lukas-PC)
Description: 

Error: (06/06/2015 07:19:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Lukas-PC)
Description: 

Error: (06/06/2015 07:19:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: Lukas-PC)
Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/06/2015 07:19:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
C:\Users\UpdatusUser\ntuser.dat

Error: (06/06/2015 06:24:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lukas-PC)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927148

Error: (06/05/2015 02:27:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lukas-PC)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927148

Error: (06/05/2015 00:33:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lukas-PC)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927148

Error: (06/05/2015 11:47:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VCAgent.exe8.4.2.120305476d099unknown0.0.0.000000000c000000500007ffbcf16a4f1d7c01d09cb67ed3c79eC:\Program Files\Sony\VAIO Care\VCAgent.exeunknowne418db09-0b67-11e5-826f-3c077165f80e

Error: (06/05/2015 11:47:34 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
   bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   bei System.Windows.Application.RunInternal(System.Windows.Window)
   bei System.Windows.Application.Run()
   bei VCAgent.App.Main()

Error: (06/05/2015 11:16:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lukas-PC)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927148


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 19%
Total physical RAM: 8103.8 MB
Available physical RAM: 6549.93 MB
Total Pagefile: 9383.8 MB
Available Pagefile: 7858.58 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:904.44 GB) (Free:833.51 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7A582497)

Partition: GPT Partition Type.

==================== End of log ============================
         
--- --- ---

07.06.2015, 16:16   #7
schrauber
/// the machine
/// TB instructor
 


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

07.06.2015, 20:39   #8
bcko30
 

Fortunately, there were no acute problems from the start.
The questions still remain somewhat open, though.
But thank you very much already anyway.

Eset
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6ae04d6ff2372d4a93f31a1a3cdbd7a0
# end=init
# utc_time=2015-06-07 04:25:20
# local_time=2015-06-07 06:25:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 24212
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6ae04d6ff2372d4a93f31a1a3cdbd7a0
# end=updated
# utc_time=2015-06-07 04:29:52
# local_time=2015-06-07 06:29:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=6ae04d6ff2372d4a93f31a1a3cdbd7a0
# engine=24212
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-07 06:04:06
# local_time=2015-06-07 08:04:06 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 6796206 58581539 0 0
# scanned=387775
# found=0
# cleaned=0
# scan_time=5653
         
SecurityCheck
Code:
 Results of screen317's Security Check version 1.002  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Antivirus    
Windows Defender   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 45  
 Java version 32-bit out of Date! 
 Adobe Flash Player 	17.0.0.169  
 Adobe Reader XI  
 Mozilla Firefox (38.0.5) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Sony VAIOCA~1 Iolo IOLOTO~1.EXE 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
And the new FRST logs. Can you still spot anything suspicious in them?


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by Lukas (administrator) on LUKAS-PC on 07-06-2015 20:11:12
Running from C:\Users\Lukas\Desktop
Loaded Profiles: Lukas &  (Available Profiles: Lukas)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(iolo technologies, LLC) C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-10-28] (Realtek Semiconductor)
HKLM\...\Run: [Bluetooth] => c:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [534232 2013-09-25] (Broadcom Corporation.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2346008 2013-10-01] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-30] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-30] (NVIDIA Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com/?pc=SEJB
HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com/?pc=SEJB
HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com/?pc=SEJB
HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com/?pc=SEJB
HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2200920533-3107399475-823698359-1002 -> {7E31E309-3083-4067-A35A-3482255781B5} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {7E31E309-3083-4067-A35A-3482255781B5} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-26] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-26] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-26] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-26] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\dn1xwhro.default
FF Homepage: uni-bamberg.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-01-26] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2013-06-25] (Sony Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\dn1xwhro.default\Extensions\abs@avira.com [2015-05-29]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor12.0; c:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-10-28] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-18] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-18] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-27] (Sony Corporation)
S2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-10-01] (Sony Corporation)
S2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-05-23] (Sony Corporation) [File not signed]
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; c:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-04] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7488176 2014-01-26] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-18] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [429272 2013-10-09] (Realsil Semiconductor Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-01-03] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 20:11 - 2015-06-07 20:11 - 00018629 _____ C:\Users\Lukas\Desktop\FRST.txt
2015-06-07 20:10 - 2015-06-07 20:10 - 00000822 _____ C:\Users\Lukas\Desktop\checkup.txt
2015-06-07 18:25 - 2015-06-07 18:25 - 00000000 ____D C:\Program Files (x86)\ESET
2015-06-07 18:11 - 2015-06-07 18:12 - 00852639 _____ C:\Users\Lukas\Desktop\SecurityCheck.exe
2015-06-07 18:11 - 2015-06-07 18:11 - 02870984 _____ (ESET) C:\Users\Lukas\Desktop\esetsmartinstaller_deu.exe
2015-06-06 19:29 - 2015-06-06 19:29 - 00000720 _____ C:\Users\Lukas\Desktop\JRT.txt
2015-06-06 19:27 - 2015-06-06 19:27 - 00000207 _____ C:\Windows\tweaking.com-regbackup-LUKAS-PC-Windows-8.1-(64-bit).dat
2015-06-06 19:27 - 2015-06-06 19:27 - 00000000 ____D C:\RegBackup
2015-06-06 19:18 - 2015-06-06 19:18 - 00001153 _____ C:\Users\Lukas\Desktop\AdwCleaner[S0].txt
2015-06-06 19:14 - 2015-06-06 19:15 - 00000000 ____D C:\AdwCleaner
2015-06-06 19:03 - 2015-06-06 19:03 - 00001198 _____ C:\Users\Lukas\Desktop\mbam.txt
2015-06-06 18:55 - 2015-06-06 19:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-06 18:38 - 2015-06-06 18:38 - 00001074 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-06 18:38 - 2015-06-06 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-06 18:38 - 2015-06-06 18:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-06 18:38 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-06 18:38 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-06 18:31 - 2015-06-06 18:31 - 02942610 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2015-06-06 18:30 - 2015-06-06 18:30 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-06 18:30 - 2015-06-06 18:30 - 02231296 _____ C:\Users\Lukas\Desktop\AdwCleaner_4.206.exe
2015-06-05 13:34 - 2015-06-06 21:29 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-05 13:34 - 2015-06-06 21:01 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-05 13:34 - 2015-06-06 18:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-05 13:32 - 2015-06-06 21:00 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-05 13:25 - 2015-06-05 13:25 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Lukas\Desktop\tdsskiller.exe
2015-06-05 13:19 - 2015-06-06 21:28 - 00000000 ____D C:\Users\Lukas\Desktop\mbar
2015-06-05 13:17 - 2015-06-05 13:17 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Lukas\Desktop\mbar-1.09.1.1004.exe
2015-06-05 12:40 - 2015-06-05 12:40 - 00132508 _____ C:\Users\Lukas\Desktop\Neues Textdokument.txt
2015-06-05 12:07 - 2015-06-05 12:07 - 00000754 _____ C:\Users\Lukas\Desktop\quarantaene.txt
2015-06-05 11:59 - 2015-06-05 11:59 - 00004984 _____ C:\Users\Lukas\Desktop\Ereignisse.txt
2015-06-05 11:57 - 2015-06-05 11:57 - 00055770 _____ C:\Users\Lukas\Desktop\AVSCAN-20150601-212558-480F1274.LOG
2015-06-05 11:56 - 2015-06-05 11:56 - 00056954 _____ C:\Users\Lukas\Desktop\AVSCAN-20150521-191913-863EDE59.LOG
2015-06-05 11:44 - 2015-06-05 11:44 - 00003851 _____ C:\Users\Lukas\Desktop\Gmer Scan.log
2015-06-05 11:38 - 2015-06-05 11:38 - 00380416 _____ C:\Users\Lukas\Desktop\Gmer-19357.exe
2015-06-05 11:32 - 2015-06-06 19:33 - 00039353 _____ C:\Users\Lukas\Desktop\Addition (06.06.15).txt
2015-06-05 11:32 - 2015-06-06 19:33 - 00034644 _____ C:\Users\Lukas\Desktop\FRST (06.06.15).txt
2015-06-05 11:31 - 2015-06-07 20:11 - 00000000 ____D C:\FRST
2015-06-05 11:31 - 2015-06-05 11:31 - 02108928 _____ (Farbar) C:\Users\Lukas\Desktop\FRST64.exe
2015-06-05 11:17 - 2015-06-05 11:17 - 00000000 ____D C:\Users\Lukas\AppData\Local\GWX
2015-05-27 11:13 - 2015-05-27 11:13 - 01804696 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00626888 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2015-05-27 11:13 - 2015-05-27 11:13 - 00419528 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00267976 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00249032 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo27.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00042696 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-05-24 23:49 - 2015-05-24 23:49 - 00007597 _____ C:\Users\Lukas\AppData\Local\Resmon.ResmonCfg
2015-05-13 23:49 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 23:49 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 21:50 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 21:50 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 22:02 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-12 22:02 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-12 22:02 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-12 22:02 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-12 21:56 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 21:56 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-12 21:56 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 21:56 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 21:56 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 21:56 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-12 21:56 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-12 21:56 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-12 21:56 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-12 21:56 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-12 21:56 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-12 21:56 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-12 21:56 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-12 21:56 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-12 21:56 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-12 21:56 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-12 21:56 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-12 21:55 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 21:55 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 21:55 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 21:55 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 21:55 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 21:55 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 21:55 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 21:55 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-12 21:55 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-12 21:55 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-12 21:55 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-12 21:55 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 21:55 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-12 21:55 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 21:55 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-12 21:55 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-12 21:55 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-12 21:55 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-12 21:55 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 21:55 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 21:55 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 21:55 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 21:55 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 21:55 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 21:55 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-12 21:55 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 21:55 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-12 21:55 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-12 21:55 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-12 21:55 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 21:55 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 21:55 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 21:55 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 21:55 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-12 21:55 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 21:55 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 21:55 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-12 21:55 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-12 21:55 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 21:55 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 21:55 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-12 21:55 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 21:55 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-12 21:55 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 21:55 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-12 21:55 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 21:55 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-12 21:55 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-12 21:55 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-12 21:55 - 2015-03-13 02:29 - 00410017 _____ C:\Windows\system32\ApnDatabase.xml
2015-05-12 21:55 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-12 21:55 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 21:55 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-12 21:55 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-12 21:55 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 21:55 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-12 21:38 - 2015-05-12 21:38 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 20:04 - 2014-10-05 23:05 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2200920533-3107399475-823698359-1002
2015-06-07 20:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-07 19:51 - 2014-10-11 14:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-07 18:09 - 2014-01-26 15:49 - 01544747 _____ C:\Windows\WindowsUpdate.log
2015-06-06 21:25 - 2014-10-11 13:45 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\vlc
2015-06-06 21:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-06 19:19 - 2015-03-25 20:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-06 19:17 - 2013-08-22 16:46 - 00029130 _____ C:\Windows\setupact.log
2015-06-06 19:17 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-06 19:16 - 2013-09-13 23:00 - 00397268 _____ C:\Windows\PFRO.log
2015-06-06 19:16 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-05 11:18 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-01 21:17 - 2014-11-04 23:00 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\dvdcss
2015-06-01 21:15 - 2014-01-26 15:44 - 00020526 _____ C:\Windows\DPINST.LOG
2015-06-01 21:14 - 2013-08-22 16:44 - 00686496 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-01 18:49 - 2014-10-15 11:32 - 00000000 ____D C:\Users\Lukas\Downloads\VC
2015-06-01 18:43 - 2015-03-05 17:09 - 00000000 ____D C:\ProgramData\Synaptics
2015-05-27 11:13 - 2013-10-29 05:31 - 00764104 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2015-05-26 00:01 - 2014-10-15 11:33 - 00000000 ____D C:\Users\Lukas\Downloads\Sonstiges
2015-05-25 23:39 - 2014-10-19 14:30 - 00000000 ____D C:\Users\Lukas\Documents\Bafög
2015-05-25 21:54 - 2014-01-27 00:26 - 00765582 _____ C:\Windows\system32\perfh007.dat
2015-05-25 21:54 - 2014-01-27 00:26 - 00159366 _____ C:\Windows\system32\perfc007.dat
2015-05-25 21:54 - 2013-09-13 23:06 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-25 19:44 - 2014-10-23 18:36 - 00000000 ____D C:\Windows\SysWOW64\SupportAppCB
2015-05-25 19:44 - 2014-01-26 15:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-05-22 20:59 - 2015-04-04 20:11 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-22 20:59 - 2015-04-04 20:11 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-20 18:47 - 2014-10-09 16:15 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-16 15:19 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-05-14 01:27 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-05-13 21:49 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-13 10:24 - 2015-01-25 22:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-13 10:24 - 2015-01-25 22:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 00:45 - 2014-10-19 19:47 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 00:42 - 2014-10-19 19:47 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 00:42 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-05-13 00:38 - 2015-01-25 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-12 23:05 - 2013-08-22 21:12 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-12 21:38 - 2014-01-26 16:26 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

==================== Files in the root of some directories =======

2015-05-24 23:49 - 2015-05-24 23:49 - 0007597 _____ () C:\Users\Lukas\AppData\Local\Resmon.ResmonCfg
2014-01-26 15:45 - 2014-01-26 15:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Lukas\AppData\Local\Temp\avgnt.exe
C:\Users\Lukas\AppData\Local\Temp\COMAP.EXE
C:\Users\Lukas\AppData\Local\Temp\Quarantine.exe
C:\Users\Lukas\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-05 16:32

==================== End of log ============================
         
--- --- ---


Addition.txt
[CODE]
FRST Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by Lukas at 2015-06-07 20:12:11
Running from C:\Users\Lukas\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2200920533-3107399475-823698359-500 - Administrator - Disabled)
Gast (S-1-5-21-2200920533-3107399475-823698359-501 - Limited - Disabled)
Lukas (S-1-5-21-2200920533-3107399475-823698359-1002 - Administrator - Enabled) => C:\Users\Lukas
UpdatusUser (S-1-5-21-2200920533-3107399475-823698359-1001 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acoustica SE 4.1 (HKLM-x32\...\Acoustica SE_is1) (Version: 4.1 - Acon Digital Media GmbH)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.181 - Broadcom Corporation)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.3202 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5804.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Einstellungen für VAIO Media Server (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.2.0.10110 - Sony Corporation)
Elements 12 Organizer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{4065415E-A05E-4555-B527-CEF9F165B8BC}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 (HKLM\...\MX.{FFDC29E6-5C7C-4AA8-AF5A-99E015165382}) (Version: 14.0.0.153 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 (Version: 14.0.0.153 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Media Go (HKLM-x32\...\{B55B7EAE-C58C-496E-A383-3A6ABDD83A62}) (Version: 2.5.290 - Sony)
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.4 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 327.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.39 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.5.5.0 - NXP Semiconductors)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PlayMemories Home (HKLM-x32\...\{5FC13A4C-BC27-4414-A2E4-9E2277AA88AE}) (Version: 8.0.02.10010 - Sony Corporation)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.16.2.15545 - Sony Computer Entertainment Inc.)
PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Reader for PC (HKLM-x32\...\{7FAEB610-D6B1-42CE-9EEA-6A5001C2E732}) (Version: 2.1.00.06250 - Sony Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7054 - Realtek Semiconductor Corp.)
Recorder-Studio SE 1.0 (HKLM-x32\...\Recorder-Studio SE_is1) (Version: 1.0 - BHV Software GmbH & Co. KG)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
SOHLib for PlayMemories Home (Version: 1.0.0.09130 - Sony Corporation) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.2.07020 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.1.0.09260 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{7BF64721-B4E0-4CBC-8D4B-E9E6A8590521}) (Version: 1.1.3.13230 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.0.09260 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.4.1.13060 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.12.0.07300 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.5.0.09250 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.5.0.09250 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.3.00.10220 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 3.0.0.08080 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.00.10240 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.3.00.10240 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{E54A5A2B-E06C-41A6-A0DE-04C5AA4B415C}) (Version: 1.0.1.10240 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VI3.0x64 (Version: 1.0.0 - Sony Corporation) Hidden
VI3.0x86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8030 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02E2DE56-6195-4219-97FA-C02DB560B2DF} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {06AE4280-390E-4D41-B421-097EE5192256} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {211C0199-F456-42F3-82BD-1B971E5C432B} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIO Capture\VAIO Clip => C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe [2013-08-14] (Sony Corporation)
Task: {291763B2-BB16-4667-9FAA-8350B93A117A} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation)
Task: {2D1E425F-7D3E-4B21-A676-3775B76485F5} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {30CAF148-43B4-48C0-A784-AA497FD40ECE} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-07-05] (Sony Corporation)
Task: {353297FB-B5BA-4320-A202-818227306558} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {375A5AAB-64B4-4378-95CC-51CAD5A86FF4} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {3C31DDC1-A94F-4F70-8822-5B40789C59D9} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {3EE9E4F6-FE5E-43AF-B733-59265B9D5B7B} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {4EA139A3-52C8-485A-AAD2-ACC92E97D882} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {527175CC-7D76-431B-803F-622F38833063} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {52DFC392-B343-40CF-9A02-28452B160C19} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {597C0513-1CE4-4DAE-9145-C3C7938A101D} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploaderUserConected => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation)
Task: {5C5DFD80-2EFB-4D21-81C6-EC7A711E3973} - System32\Tasks\PDVDServ Task => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.EXE [2013-03-19] (CyberLink Corp.)
Task: {5E56C47A-7F6C-422A-83C3-D0D78ED7D9EE} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {5E81E348-9850-4D69-8DE4-8B4DD966A474} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-08-14] (Sony Corporation)
Task: {61379401-D2D2-409A-89BA-ED1EAFB4A3F9} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {7308AA49-AD51-460B-A128-7DC5C96533C3} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploaderUserDisconected => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation)
Task: {74A87D5C-4A13-4B73-89C0-07F1EF8454E9} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {8D8D6B91-3297-4C25-829B-D4F1FEA8CA3C} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-08-14] (Sony Corporation)
Task: {9309103C-41C0-4C9E-BC1A-FF1DA085C568} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-07-03] (Sony Corporation)
Task: {995FD0C4-4B92-4BE5-A323-4EA532D769E9} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {9ADDCB66-46AB-4F9C-AA53-381B18D689AB} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-09-24] (Sony Corporation)
Task: {A1E48529-6AC6-40CD-9782-6DFE07AAAABA} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {A543E06E-9AD9-436F-B75B-A444F79EE8FC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {A761F4E1-FE6E-4B3F-93FF-F70F00AF3662} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {A91A03C9-22B3-4609-B0E5-D809A7DE84BB} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-09-24] (Sony Corporation)
Task: {BAD95FB4-AB1A-4F99-B236-5FB96CEDC5E5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {BB668D66-4C7E-4D07-B590-8E6CC6003BE3} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {C2C4D164-ED37-4F33-BC9E-8FC2DA21FFCA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {C6E1C42F-8112-497F-97B5-F7C47CB777D9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {C85A2D48-F2AE-42F4-AB63-E1A763420AEE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {C9012A95-8E78-46DF-8A88-550E9BB1F42D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {D339AD84-73E7-4662-B42B-A70577E5FC51} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-04-25] (CyberLink Corp.)
Task: {DC1F8240-23B1-40E2-AB19-7F8EB3038958} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {DFC9289E-BDA6-4D25-AD9E-BA0800AD9B68} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {E27666EA-543E-49A7-8CFA-024B9058B9C9} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E2977F39-332C-4B77-A032-FA697E7203B5} - System32\Tasks\Sony Corporation\VAIO Care\DeployVAIOManual => %ProgramData%\Sony Corporation\VAIO Care\VAIOUserGuideUpdate.exe
Task: {EEC8D213-B8C3-4F97-B0BD-3F0B83F33F0B} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {FB993DA0-820A-41B1-A7A2-A6184DDA44AD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2014-11-05 16:24 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-09-25 15:20 - 2013-09-25 15:20 - 00049368 _____ () c:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-01-26 15:49 - 2013-10-30 04:18 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-01-26 15:43 - 2013-09-18 04:32 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-11-19 11:21 - 2013-11-19 11:21 - 00347136 _____ () C:\Program Files\Sony\VAIO Care\Iolo\vosges.dll

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1366x768.jpg
HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1366x768.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "Bluetooth"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B9218B80-AD4F-475D-A463-C4C1F49B79C1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{32844DDA-B49A-424B-99F0-BDAEFCD47D01}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{564A4495-198F-49A1-8DF4-775C99374901}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{6C092FD2-8F10-47DD-AC94-985A5B5B0DFB}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{67DD2A88-3679-48E2-A4C8-B99CCCB3E803}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{B75CC025-1550-4578-8185-770F27B01BE8}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{D0824176-837A-4A14-B83B-6B76C2C125BE}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{F6027EAC-0F61-40CE-836B-8FB0D72625B2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{9B9A5E79-6565-4D68-AC59-127FFAC0A1F3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{BB93AF72-0D6B-4B9C-ADFE-74FECB4EA655}] => (Allow) LPort=2869
FirewallRules: [{7AB19AFC-8C6D-4580-A46B-5B3100261584}] => (Allow) LPort=1900
FirewallRules: [{3737352A-868A-4A3C-9377-D0B4B964E1DE}] => (Allow) C:\Program Files\MAGIX\Video deluxe 2015\Videodeluxe.exe
FirewallRules: [{2A431B48-FF61-403F-9E94-5F7159E43361}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{EC994205-45FE-41B5-AA58-0542C9C7374C}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{68B879E3-FD87-4CDC-A4C1-C0F68615CEB5}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{A58FF69F-03E6-45B0-BDDA-EC86F5EE8996}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{DC787676-6CFF-4CA2-9947-FAFEAF334ECC}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{C3AC2A96-0F48-4CF2-8100-42F9EF076282}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F1553058-B131-4682-BB6C-369BBD9AD98D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D47F3AA0-E43A-4184-8C63-751C24486B69}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{81500139-6DD1-4049-8A04-AB77384F5F7C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{10A30411-A2AB-4DF6-9B22-EB500571E6C5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/07/2015 08:06:56 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/07/2015 06:25:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/07/2015 06:25:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/07/2015 06:25:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/07/2015 06:25:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/07/2015 06:13:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/07/2015 06:13:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/06/2015 08:32:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lukas-PC)
Description: Bei der Aktivierung der App „Microsoft.BingNews_8wekyb3d8bbwe!AppexNews“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/06/2015 07:19:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Lukas-PC)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.

Error: (06/06/2015 07:19:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Lukas-PC)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.


System errors:
=============
Error: (06/07/2015 06:26:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (06/07/2015 06:26:19 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Lukas\AppData\Local\Temp\ehdrv.sys

Error: (06/07/2015 06:26:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (06/07/2015 06:26:18 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Lukas\AppData\Local\Temp\ehdrv.sys

Error: (06/07/2015 06:26:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (06/07/2015 06:26:18 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Lukas\AppData\Local\Temp\ehdrv.sys

Error: (06/07/2015 06:06:33 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (06/06/2015 09:37:43 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (06/06/2015 09:37:43 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (06/06/2015 09:37:43 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll


Microsoft Office:
=========================
Error: (06/07/2015 08:06:56 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (06/07/2015 06:25:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\Lukas\Desktop\esetsmartinstaller_deu.exe

Error: (06/07/2015 06:25:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\Lukas\Desktop\esetsmartinstaller_deu.exe

Error: (06/07/2015 06:25:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\Lukas\Desktop\esetsmartinstaller_deu.exe

Error: (06/07/2015 06:25:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\Lukas\Desktop\esetsmartinstaller_deu.exe

Error: (06/07/2015 06:13:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\Lukas\Desktop\esetsmartinstaller_deu.exe

Error: (06/07/2015 06:13:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\Lukas\Downloads\esetsmartinstaller_deu.exe

Error: (06/06/2015 08:32:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lukas-PC)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927148

Error: (06/06/2015 07:19:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Lukas-PC)
Description: 

Error: (06/06/2015 07:19:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Lukas-PC)
Description: 


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 25%
Total physical RAM: 8103.8 MB
Available physical RAM: 6012.84 MB
Total Pagefile: 9383.8 MB
Available Pagefile: 7098.09 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:904.44 GB) (Free:833.35 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7A582497)

Partition: GPT Partition Type.

==================== End of log ============================
         
--- --- ---

08.06.2015, 11:36   #9
schrauber
/// the machine
/// TB trainer
 




Update Java. The logs are clean. Which questions?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

09.06.2015, 23:24   #10
bcko30
 



I might as well uninstall Java completely.

That definitely sounds good so far.
Thank you very much for your help.

On to the questions (I'll try to limit myself to the most important ones):

1. Is there an explanation for why the detection by Avira went somewhat strangely (detected 7 times before it was reported to the user via the standard pop-up window)?

2. Is it more likely that the virus had already been on the PC for some time, or that the real-time scanner detected it right when it arrived on the computer?

3. Can anything be said about the two hidden objects that Avira found for one session (no longer after a restart)? Could that have been due to a half-completed system update?
(Der Suchlauf nach versteckten Objekten wird begonnen.
Fehler in der ARK Library
Versteckter Thread
\Device\HarddiskV)

4. Is there an explanation for why my computer has, since not all that long ago, again been asking me to create a recovery medium, even though I actually did that right at the beginning?

5. Why is an unknown account shown in the properties of the audio recorder's process (see image)?

6. Is this error message at the start of Malwarebytes Anti-Rootkit harmless?

"Probable rootkit activity detected:

Rootkit value "AppInit_Dlls" has been found, which may be caused by rootkit activity.

Note: Press "No" button if you're not sure. If the tool chrashes or terminates unexpectedly during a system scan, restart the tool and press "Yes" should this message appear again.

Do you want to remove this value and restart the tool?"

7. Why did AdwCleaner delete the registry keys shown in the log?

8. Why did the JRT tool delete the Firefox folder listed in the log, and should one do that every now and then?

9. Is a rootkit itself also the program that runs malicious processes, or does it only serve to keep letting malicious programs in or to hide them, and are those hidden programs then just as hard to find as the rootkit? And are there any signs that point to a well-hidden rootkit (I mean in general, during ordinary use)?

10. I can run Mbar, Mbam, TdssKiller and Eset as scanners every now and then with the settings given here, right?

11. One last security question: I noticed that YouTube currently uses the HTML5 video player by default. Is it safe, or should I switch back to the Flash player?

That turned out to be quite a few questions after all, even though I realize that not all of them can be answered definitively.
It's simply curiosity.

Thanks again, now I can feel safe again.
Normally I fortunately manage to keep malware away, but when something does somehow get through, all this technical stuff, which is really far too unfamiliar to me, always makes me a bit uneasy.
Attached image thumbnails
Windows 8: Backdoorfund von Avira-Echtzeitscanner-unbekanntes-konto.jpg

Edited by bcko30 (09.06.2015 at 23:39)

10.06.2015, 19:40   #11
schrauber
/// the machine
/// TB trainer
 




Quote:
1. Is there an explanation for why the detection by Avira went somewhat strangely (detected 7 times before it was reported to the user via the standard pop-up window)?
If at all, then only from Avira support.
Quote:
2. Is it more likely that the virus had already been on the PC for some time, or that the real-time scanner detected it right when it arrived on the computer?
I still think the whole thing was a false alarm from Avira. We removed adware, but there was no backdoor.
Quote:
3. Can anything be said about the two hidden objects that Avira found for one session (no longer after a restart)? Could that have been due to a half-completed system update?
(Der Suchlauf nach versteckten Objekten wird begonnen.
Fehler in der ARK Library
Versteckter Thread
\Device\HarddiskV)

4. Gibt es eine Erklärung dafür, dass mich mein Rechner seit noch nicht allzu langer Zeit wieder dazu auffordert, ein Wiederherstellungsmedium zu erstellen, obwohl ich das eigentlich direkt zu Beginn gemacht habe?

5. Wieso wird in den Eigenschaften des Prozesses vom Audiorekorder ein unbekanntes Konto angezeigt (s. Bild)?

6. Diese Fehlermeldung zu Beginn von Malwarebytes Anti-Rootkit ist ungefährlich?
3 und 4 weiß ich nicht. 6 ist normal. Unbekannte Konten werden immer angezeigt, werden von Windows selbst angelegt.
Zitat:
7. Wieso hat der AdwCleaner die im Log angezeigten Registrierungsschlüssel gelöscht?

8. Wieso hat das JRT Tool den im Log angegebenen Ordner von Firefox gelöscht und sollte man das immer wieder mal tun?
Weil die beiden Tools Adware entfernen
Zitat:
9. Ist ein Rootkit eigentlich gleichzeit auch das Programm, das schädliche Prozesse ausführt oder dient es nur dazu, immer wieder schädliche Programme reinzulassen bzw. zu verstecken und sind diese versteckten Programme dann genauso schwer auffindbar wie das Rootkit? Und gibt es eigentlich irgendwelche Hinweise, die auf einen gut versteckten Rootkit hindeuten (Ich meine jezt allgemein bei der gewöhnlichen Nutzung)?
Ein Rootkit wirst du nicht merken, ausser den AV sagt es dir.
https://blog.kaspersky.de/was-ist-ein-rootkit/853/
Zitat:
10. Mbar, Mbam, TdssKiller und Eset kann ich als Scanner nach den hier angegeben Einstellungen immer wieder mal laufen lassen oder?
MBAM ja, ESET auch, Rest würde ich lassen.
Zitat:
11. Noch eine letzte Sicherheitsfrage: Bei Youtube ist mir aufgefallen, dass dort aktuell der HTML5-Videoplayer standardmäßig genutzt wird. Ist der sicher oder sollte ich wieder auf den Flash-Player umsteigen?
Definitiv HTML5
HTML5 und Flash im Vergleich - Das Erbe von Flash - Software - PC-WELT
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

12.06.2015, 01:58   #12
bcko30
 



2. I could perhaps send the file to Avira support so they can check whether it might have been a false positive; that should actually be possible.

7. and 8.
Was eBay.lnk really adware then? It was actually preinstalled on the system, or rather it is just a shortcut, or was the adware in the registry keys?

-------------------------------------------------------------------------------
I actually wanted to thank you once more for answering the questions and wrap the whole thing up, but just now the Mbam scan found an infected file.

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 11.06.2015
Suchlauf-Zeit: 23:31:37
Logdatei: mbam2.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.11.04
Rootkit Datenbank: v2015.06.02.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Lukas

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 430827
Verstrichene Zeit: 27 Min, 2 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 1
Trojan.Agent.AI, C:\Users\Lukas\AppData\Local\Temp\Quarantine.exe, In Quarantäne, [d39d07b23e4ca492655f600d7c86748c], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
Can anything be said about this thing?

In the meantime Avira reported twice (although, oddly, a pop-up window again appeared only once). One of them was definitely when the file was being moved to quarantine, so I think it is related to that. The move should nevertheless have worked thanks to the restart.

Code:
Exportierte Ereignisse:

12.06.2015 00:06 [Echtzeit-Scanner] Registry blockiert
      Der Administrator hat per Sicherheitsrichtlinie den Zugriff auf die Registry 
      blockiert.

12.06.2015 00:00 [Echtzeit-Scanner] Registry blockiert
      Der Administrator hat per Sicherheitsrichtlinie den Zugriff auf die Registry 
      blockiert.
         
I immediately ran another FRST scan.

FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by Lukas (administrator) on LUKAS-PC on 12-06-2015 01:09:21
Running from C:\Users\Lukas\Desktop
Loaded Profiles: UpdatusUser & Lukas &  (Available Profiles: UpdatusUser & Lukas)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-10-28] (Realtek Semiconductor)
HKLM\...\Run: [Bluetooth] => c:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [534232 2013-09-25] (Broadcom Corporation.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2346008 2013-10-01] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-30] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-30] (NVIDIA Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com/?pc=SEJB
HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com/?pc=SEJB
HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com/?pc=SEJB
HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com/?pc=SEJB
HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com/?pc=SEJB
HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com/?pc=SEJB
HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
URLSearchHook: [S-1-5-21-2200920533-3107399475-823698359-1001] ATTENTION ==> Default URLSearchHook is missing
URLSearchHook: [S-1-5-21-2200920533-3107399475-823698359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] ATTENTION ==> Default URLSearchHook is missing
URLSearchHook: [S-1-5-21-2200920533-3107399475-823698359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1] ATTENTION ==> Default URLSearchHook is missing
URLSearchHook: [S-1-5-21-2200920533-3107399475-823698359-1001.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0] ATTENTION ==> Default URLSearchHook is missing
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2200920533-3107399475-823698359-1002 -> {7E31E309-3083-4067-A35A-3482255781B5} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {7E31E309-3083-4067-A35A-3482255781B5} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {7E31E309-3083-4067-A35A-3482255781B5} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-26] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-26] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-26] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-26] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\dn1xwhro.default
FF Homepage: uni-bamberg.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll [2015-06-09] ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-01-26] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2013-06-25] (Sony Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\dn1xwhro.default\Extensions\abs@avira.com [2015-05-29]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor12.0; c:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-10-28] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-18] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-27] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-10-01] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-05-23] (Sony Corporation) [File not signed]
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; c:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-04] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7488176 2014-01-26] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-18] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [429272 2013-10-09] (Realsil Semiconductor Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-01-03] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-12 01:09 - 2015-06-12 01:09 - 00021106 _____ C:\Users\Lukas\Desktop\FRST.txt
2015-06-12 00:13 - 2015-06-12 00:13 - 00000696 _____ C:\Users\Lukas\Desktop\Ereignisse2.txt
2015-06-12 00:11 - 2015-06-12 00:11 - 00001280 _____ C:\Users\Lukas\Desktop\mbam2.txt
2015-06-12 00:08 - 2015-06-12 00:08 - 00000020 ___SH C:\Users\TEMP\ntuser.ini
2015-06-12 00:08 - 2015-06-12 00:08 - 00000000 _SHDL C:\Users\TEMP\Vorlagen
2015-06-12 00:08 - 2015-06-12 00:08 - 00000000 _SHDL C:\Users\TEMP\Startmenü
2015-06-12 00:08 - 2015-06-12 00:08 - 00000000 _SHDL C:\Users\TEMP\Netzwerkumgebung
2015-06-12 00:08 - 2015-06-12 00:08 - 00000000 _SHDL C:\Users\TEMP\Lokale Einstellungen
2015-06-12 00:08 - 2015-06-12 00:08 - 00000000 _SHDL C:\Users\TEMP\Eigene Dateien
2015-06-12 00:08 - 2015-06-12 00:08 - 00000000 _SHDL C:\Users\TEMP\Druckumgebung
2015-06-12 00:08 - 2015-06-12 00:08 - 00000000 _SHDL C:\Users\TEMP\Documents\Eigene Musik
2015-06-12 00:08 - 2015-06-12 00:08 - 00000000 _SHDL C:\Users\TEMP\Documents\Eigene Bilder
2015-06-12 00:08 - 2015-06-12 00:08 - 00000000 _SHDL C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-12 00:08 - 2015-06-12 00:08 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Verlauf
2015-06-12 00:08 - 2015-06-12 00:08 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Anwendungsdaten
2015-06-12 00:08 - 2015-06-12 00:08 - 00000000 _SHDL C:\Users\TEMP\Anwendungsdaten
2015-06-12 00:08 - 2015-06-12 00:08 - 00000000 ____D C:\Users\TEMP
2015-06-12 00:08 - 2015-04-23 02:06 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-12 00:08 - 2015-04-23 02:06 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-12 00:08 - 2015-04-23 02:06 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-12 00:08 - 2014-02-22 06:37 - 00000369 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-06-12 00:08 - 2014-02-22 06:37 - 00000369 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-06-12 00:08 - 2014-01-26 16:59 - 00001821 _____ C:\Users\TEMP\Desktop\eBay.lnk
2015-06-12 00:08 - 2013-08-22 17:36 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-09 22:56 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-09 22:56 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-09 22:56 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-09 22:56 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-09 22:56 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-09 22:56 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-09 22:56 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-09 22:56 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-09 22:56 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-09 22:56 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-09 22:56 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-09 22:56 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-09 22:56 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-09 22:56 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-09 22:56 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-09 22:56 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-09 22:56 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-06-09 22:56 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-09 22:56 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-09 22:56 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-09 22:56 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-09 22:56 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-09 22:56 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-09 22:56 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-09 22:56 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-09 22:56 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-09 22:56 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-09 22:56 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-09 22:56 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-09 22:56 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-09 22:56 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-09 22:56 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-09 22:56 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-09 22:56 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-09 22:56 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-09 22:56 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-09 22:56 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-09 22:56 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-06-09 22:56 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-09 22:56 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-09 22:56 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-09 22:56 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-09 22:55 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-08 23:55 - 2015-06-09 23:24 - 00003074 _____ C:\Users\Lukas\Desktop\Neues Textdokument (2).txt
2015-06-07 20:12 - 2015-06-07 20:12 - 00041266 _____ C:\Users\Lukas\Desktop\Addition (07.06.15).txt
2015-06-07 20:11 - 2015-06-07 20:12 - 00037877 _____ C:\Users\Lukas\Desktop\FRST (07.06.15).txt
2015-06-07 20:10 - 2015-06-07 20:10 - 00000822 _____ C:\Users\Lukas\Desktop\checkup.txt
2015-06-07 18:11 - 2015-06-07 18:12 - 00852639 _____ C:\Users\Lukas\Desktop\SecurityCheck.exe
2015-06-07 18:11 - 2015-06-07 18:11 - 02870984 _____ (ESET) C:\Users\Lukas\Desktop\esetsmartinstaller_deu.exe
2015-06-06 19:29 - 2015-06-06 19:29 - 00000720 _____ C:\Users\Lukas\Desktop\JRT.txt
2015-06-06 19:27 - 2015-06-06 19:27 - 00000207 _____ C:\Windows\tweaking.com-regbackup-LUKAS-PC-Windows-8.1-(64-bit).dat
2015-06-06 19:27 - 2015-06-06 19:27 - 00000000 ____D C:\RegBackup
2015-06-06 19:18 - 2015-06-06 19:18 - 00001153 _____ C:\Users\Lukas\Desktop\AdwCleaner[S0].txt
2015-06-06 19:14 - 2015-06-06 19:15 - 00000000 ____D C:\AdwCleaner
2015-06-06 19:03 - 2015-06-06 19:03 - 00001198 _____ C:\Users\Lukas\Desktop\mbam.txt
2015-06-06 18:55 - 2015-06-12 00:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-06 18:38 - 2015-06-06 18:38 - 00001074 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-06 18:38 - 2015-06-06 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-06 18:38 - 2015-06-06 18:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-06 18:38 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-06 18:38 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-06 18:31 - 2015-06-06 18:31 - 02942610 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2015-06-06 18:30 - 2015-06-06 18:30 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-06 18:30 - 2015-06-06 18:30 - 02231296 _____ C:\Users\Lukas\Desktop\AdwCleaner_4.206.exe
2015-06-05 13:34 - 2015-06-12 00:10 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-05 13:34 - 2015-06-12 00:06 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-05 13:34 - 2015-06-06 18:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-05 13:32 - 2015-06-06 21:00 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-05 13:25 - 2015-06-05 13:25 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Lukas\Desktop\tdsskiller.exe
2015-06-05 13:19 - 2015-06-06 21:28 - 00000000 ____D C:\Users\Lukas\Desktop\mbar
2015-06-05 13:17 - 2015-06-05 13:17 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Lukas\Desktop\mbar-1.09.1.1004.exe
2015-06-05 12:40 - 2015-06-05 12:40 - 00132508 _____ C:\Users\Lukas\Desktop\Neues Textdokument.txt
2015-06-05 12:07 - 2015-06-05 12:07 - 00000754 _____ C:\Users\Lukas\Desktop\quarantaene.txt
2015-06-05 11:59 - 2015-06-05 11:59 - 00004984 _____ C:\Users\Lukas\Desktop\Ereignisse.txt
2015-06-05 11:57 - 2015-06-05 11:57 - 00055770 _____ C:\Users\Lukas\Desktop\AVSCAN-20150601-212558-480F1274.LOG
2015-06-05 11:56 - 2015-06-05 11:56 - 00056954 _____ C:\Users\Lukas\Desktop\AVSCAN-20150521-191913-863EDE59.LOG
2015-06-05 11:44 - 2015-06-05 11:44 - 00003851 _____ C:\Users\Lukas\Desktop\Gmer Scan.log
2015-06-05 11:38 - 2015-06-05 11:38 - 00380416 _____ C:\Users\Lukas\Desktop\Gmer-19357.exe
2015-06-05 11:32 - 2015-06-06 19:33 - 00039353 _____ C:\Users\Lukas\Desktop\Addition (06.06.15).txt
2015-06-05 11:32 - 2015-06-06 19:33 - 00034644 _____ C:\Users\Lukas\Desktop\FRST (06.06.15).txt
2015-06-05 11:31 - 2015-06-12 01:09 - 00000000 ____D C:\FRST
2015-06-05 11:31 - 2015-06-05 11:31 - 02108928 _____ (Farbar) C:\Users\Lukas\Desktop\FRST64.exe
2015-06-05 11:17 - 2015-06-05 11:17 - 00000000 ____D C:\Users\Lukas\AppData\Local\GWX
2015-05-27 11:13 - 2015-05-27 11:13 - 01804696 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00626888 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2015-05-27 11:13 - 2015-05-27 11:13 - 00419528 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00267976 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00249032 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo27.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00042696 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-05-24 23:49 - 2015-05-24 23:49 - 00007597 _____ C:\Users\Lukas\AppData\Local\Resmon.ResmonCfg
2015-05-13 23:49 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 23:49 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 21:50 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 21:50 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-12 01:09 - 2014-01-26 15:49 - 02026285 _____ C:\Windows\WindowsUpdate.log
2015-06-12 01:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-12 00:56 - 2014-10-11 13:45 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\vlc
2015-06-12 00:51 - 2014-10-11 14:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-12 00:05 - 2013-08-22 16:46 - 00029246 _____ C:\Windows\setupact.log
2015-06-12 00:05 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-12 00:05 - 2013-08-22 16:44 - 00686496 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-12 00:03 - 2015-03-25 20:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-12 00:03 - 2014-10-05 23:01 - 00000000 ____D C:\Windows\pss
2015-06-12 00:03 - 2013-09-13 23:00 - 00398582 _____ C:\Windows\PFRO.log
2015-06-12 00:03 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-12 00:01 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-11 23:29 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-09 22:40 - 2014-10-15 11:33 - 00000000 ____D C:\Users\Lukas\Downloads\Sonstiges
2015-06-09 22:40 - 2014-10-11 14:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-09 22:40 - 2014-10-05 23:01 - 00000000 ____D C:\Users\Lukas\AppData\Local\Adobe
2015-06-09 22:38 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-07 20:04 - 2014-10-05 23:05 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2200920533-3107399475-823698359-1002
2015-06-03 18:18 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-01 21:17 - 2014-11-04 23:00 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\dvdcss
2015-06-01 21:15 - 2014-01-26 15:44 - 00020526 _____ C:\Windows\DPINST.LOG
2015-06-01 18:49 - 2014-10-15 11:32 - 00000000 ____D C:\Users\Lukas\Downloads\VC
2015-06-01 18:43 - 2015-03-05 17:09 - 00000000 ____D C:\ProgramData\Synaptics
2015-05-27 11:13 - 2013-10-29 05:31 - 00764104 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2015-05-25 23:39 - 2014-10-19 14:30 - 00000000 ____D C:\Users\Lukas\Documents\Bafög
2015-05-25 21:54 - 2014-01-27 00:26 - 00765582 _____ C:\Windows\system32\perfh007.dat
2015-05-25 21:54 - 2014-01-27 00:26 - 00159366 _____ C:\Windows\system32\perfc007.dat
2015-05-25 21:54 - 2013-09-13 23:06 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-25 19:44 - 2014-10-23 18:36 - 00000000 ____D C:\Windows\SysWOW64\SupportAppCB
2015-05-25 19:44 - 2014-01-26 15:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-05-22 20:59 - 2015-04-04 20:11 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-22 20:59 - 2015-04-04 20:11 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-20 18:47 - 2014-10-09 16:15 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-16 15:19 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-05-14 01:27 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-05-13 21:49 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-13 10:24 - 2015-01-25 22:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-13 10:24 - 2015-01-25 22:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 00:45 - 2014-10-19 19:47 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 00:42 - 2014-10-19 19:47 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 00:42 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-05-13 00:38 - 2015-01-25 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Files in the root of some directories =======

2015-05-24 23:49 - 2015-05-24 23:49 - 0007597 _____ () C:\Users\Lukas\AppData\Local\Resmon.ResmonCfg
2014-01-26 15:45 - 2014-01-26 15:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Lukas\AppData\Local\Temp\avgnt.exe
C:\Users\Lukas\AppData\Local\Temp\COMAP.EXE
C:\Users\Lukas\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-12 01:01

==================== End of log ============================
         
--- --- ---


Addition.txt
FRST Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by Lukas at 2015-06-12 01:10:16
Running from C:\Users\Lukas\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2200920533-3107399475-823698359-500 - Administrator - Disabled)
Gast (S-1-5-21-2200920533-3107399475-823698359-501 - Limited - Disabled)
Lukas (S-1-5-21-2200920533-3107399475-823698359-1002 - Administrator - Enabled) => C:\Users\Lukas
UpdatusUser (S-1-5-21-2200920533-3107399475-823698359-1001 - Limited - Enabled) => C:\Users\TEMP

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acoustica SE 4.1 (HKLM-x32\...\Acoustica SE_is1) (Version: 4.1 - Acon Digital Media GmbH)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.181 - Broadcom Corporation)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.3202 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5804.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Einstellungen für VAIO Media Server (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.2.0.10110 - Sony Corporation)
Elements 12 Organizer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{4065415E-A05E-4555-B527-CEF9F165B8BC}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 (HKLM\...\MX.{FFDC29E6-5C7C-4AA8-AF5A-99E015165382}) (Version: 14.0.0.153 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 (Version: 14.0.0.153 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Media Go (HKLM-x32\...\{B55B7EAE-C58C-496E-A383-3A6ABDD83A62}) (Version: 2.5.290 - Sony)
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.4 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 327.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.39 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.5.5.0 - NXP Semiconductors)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PlayMemories Home (HKLM-x32\...\{5FC13A4C-BC27-4414-A2E4-9E2277AA88AE}) (Version: 8.0.02.10010 - Sony Corporation)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.16.2.15545 - Sony Computer Entertainment Inc.)
PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Reader for PC (HKLM-x32\...\{7FAEB610-D6B1-42CE-9EEA-6A5001C2E732}) (Version: 2.1.00.06250 - Sony Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7054 - Realtek Semiconductor Corp.)
Recorder-Studio SE 1.0 (HKLM-x32\...\Recorder-Studio SE_is1) (Version: 1.0 - BHV Software GmbH & Co. KG)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
SOHLib for PlayMemories Home (Version: 1.0.0.09130 - Sony Corporation) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.2.07020 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.1.0.09260 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{7BF64721-B4E0-4CBC-8D4B-E9E6A8590521}) (Version: 1.1.3.13230 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.0.09260 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.4.1.13060 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.12.0.07300 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.5.0.09250 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.5.0.09250 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.3.00.10220 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 3.0.0.08080 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.00.10240 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.3.00.10240 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{E54A5A2B-E06C-41A6-A0DE-04C5AA4B415C}) (Version: 1.0.1.10240 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VI3.0x64 (Version: 1.0.0 - Sony Corporation) Hidden
VI3.0x86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8030 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

11-06-2015 23:26:51 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02E2DE56-6195-4219-97FA-C02DB560B2DF} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {06AE4280-390E-4D41-B421-097EE5192256} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {1B41E805-D940-4893-9576-FB206346AB80} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {211C0199-F456-42F3-82BD-1B971E5C432B} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIO Capture\VAIO Clip => C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe [2013-08-14] (Sony Corporation)
Task: {291763B2-BB16-4667-9FAA-8350B93A117A} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation)
Task: {2D1E425F-7D3E-4B21-A676-3775B76485F5} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {30CAF148-43B4-48C0-A784-AA497FD40ECE} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-07-05] (Sony Corporation)
Task: {353297FB-B5BA-4320-A202-818227306558} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {375A5AAB-64B4-4378-95CC-51CAD5A86FF4} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {3E00096C-1C22-49A8-A4F5-82A81A4E3AC3} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {3EE9E4F6-FE5E-43AF-B733-59265B9D5B7B} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {4EA139A3-52C8-485A-AAD2-ACC92E97D882} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {527175CC-7D76-431B-803F-622F38833063} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {52DFC392-B343-40CF-9A02-28452B160C19} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {590E2275-71B8-4455-AB08-62883FE6D352} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {597C0513-1CE4-4DAE-9145-C3C7938A101D} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploaderUserConected => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation)
Task: {5C5DFD80-2EFB-4D21-81C6-EC7A711E3973} - System32\Tasks\PDVDServ Task => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.EXE [2013-03-19] (CyberLink Corp.)
Task: {5E56C47A-7F6C-422A-83C3-D0D78ED7D9EE} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {5E81E348-9850-4D69-8DE4-8B4DD966A474} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-08-14] (Sony Corporation)
Task: {61379401-D2D2-409A-89BA-ED1EAFB4A3F9} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {7308AA49-AD51-460B-A128-7DC5C96533C3} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploaderUserDisconected => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation)
Task: {74A87D5C-4A13-4B73-89C0-07F1EF8454E9} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {8D8D6B91-3297-4C25-829B-D4F1FEA8CA3C} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-08-14] (Sony Corporation)
Task: {9309103C-41C0-4C9E-BC1A-FF1DA085C568} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-07-03] (Sony Corporation)
Task: {995FD0C4-4B92-4BE5-A323-4EA532D769E9} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {9ADDCB66-46AB-4F9C-AA53-381B18D689AB} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-09-24] (Sony Corporation)
Task: {A1E48529-6AC6-40CD-9782-6DFE07AAAABA} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {A91A03C9-22B3-4609-B0E5-D809A7DE84BB} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-09-24] (Sony Corporation)
Task: {B7EEA861-EA1E-492C-A876-044CE8E451D0} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {BAD95FB4-AB1A-4F99-B236-5FB96CEDC5E5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {BB668D66-4C7E-4D07-B590-8E6CC6003BE3} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {C2C4D164-ED37-4F33-BC9E-8FC2DA21FFCA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-09] (Adobe Systems Incorporated)
Task: {C6E1C42F-8112-497F-97B5-F7C47CB777D9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {C85A2D48-F2AE-42F4-AB63-E1A763420AEE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {C9012A95-8E78-46DF-8A88-550E9BB1F42D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {D339AD84-73E7-4662-B42B-A70577E5FC51} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-04-25] (CyberLink Corp.)
Task: {DC1F8240-23B1-40E2-AB19-7F8EB3038958} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {E27666EA-543E-49A7-8CFA-024B9058B9C9} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E2977F39-332C-4B77-A032-FA697E7203B5} - System32\Tasks\Sony Corporation\VAIO Care\DeployVAIOManual => %ProgramData%\Sony Corporation\VAIO Care\VAIOUserGuideUpdate.exe
Task: {EE1DC044-BE74-4E29-831A-7A737FBC6A8A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {FB993DA0-820A-41B1-A7A2-A6184DDA44AD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2014-01-26 15:49 - 2013-10-30 04:18 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-09-25 15:20 - 2013-09-25 15:20 - 00049368 _____ () c:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-11-05 16:24 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-19 11:21 - 2013-11-19 11:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-01-26 15:43 - 2013-09-18 04:32 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2200920533-3107399475-823698359-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1366x768.jpg
HKU\S-1-5-21-2200920533-3107399475-823698359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1366x768.jpg
HKU\S-1-5-21-2200920533-3107399475-823698359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1366x768.jpg
HKU\S-1-5-21-2200920533-3107399475-823698359-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1366x768.jpg
HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1366x768.jpg
HKU\S-1-5-21-2200920533-3107399475-823698359-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1366x768.jpg
DNS Servers: Media is not connected to internet.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "Bluetooth"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B9218B80-AD4F-475D-A463-C4C1F49B79C1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{32844DDA-B49A-424B-99F0-BDAEFCD47D01}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{564A4495-198F-49A1-8DF4-775C99374901}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{6C092FD2-8F10-47DD-AC94-985A5B5B0DFB}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{67DD2A88-3679-48E2-A4C8-B99CCCB3E803}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{B75CC025-1550-4578-8185-770F27B01BE8}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{D0824176-837A-4A14-B83B-6B76C2C125BE}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{F6027EAC-0F61-40CE-836B-8FB0D72625B2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{9B9A5E79-6565-4D68-AC59-127FFAC0A1F3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{BB93AF72-0D6B-4B9C-ADFE-74FECB4EA655}] => (Allow) LPort=2869
FirewallRules: [{7AB19AFC-8C6D-4580-A46B-5B3100261584}] => (Allow) LPort=1900
FirewallRules: [{3737352A-868A-4A3C-9377-D0B4B964E1DE}] => (Allow) C:\Program Files\MAGIX\Video deluxe 2015\Videodeluxe.exe
FirewallRules: [{2A431B48-FF61-403F-9E94-5F7159E43361}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{EC994205-45FE-41B5-AA58-0542C9C7374C}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{68B879E3-FD87-4CDC-A4C1-C0F68615CEB5}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{A58FF69F-03E6-45B0-BDDA-EC86F5EE8996}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{DC787676-6CFF-4CA2-9947-FAFEAF334ECC}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{C3AC2A96-0F48-4CF2-8100-42F9EF076282}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F1553058-B131-4682-BB6C-369BBD9AD98D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D47F3AA0-E43A-4184-8C63-751C24486B69}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{81500139-6DD1-4049-8A04-AB77384F5F7C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{10A30411-A2AB-4DF6-9B22-EB500571E6C5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/12/2015 01:02:09 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/12/2015 00:58:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lukas-PC)
Description: Bei der Aktivierung der App „Microsoft.BingNews_8wekyb3d8bbwe!AppexNews“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/12/2015 00:08:11 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Lukas-PC)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.

Error: (06/12/2015 00:08:11 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Lukas-PC)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.

Error: (06/12/2015 00:08:11 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: Lukas-PC)
Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil. 

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/12/2015 00:08:11 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. 

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
 for C:\Users\UpdatusUser\ntuser.dat

Error: (06/12/2015 00:02:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007ffe2889b261
ID des fehlerhaften Prozesses: 0x32c
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3
Vollständiger Name des fehlerhaften Pakets: VCAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VCAgent.exe5

Error: (06/12/2015 00:02:52 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
   bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   bei System.Windows.Application.RunInternal(System.Windows.Window)
   bei System.Windows.Application.Run()
   bei VCAgent.App.Main()

Error: (06/11/2015 11:26:52 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-2200920533-3107399475-823698359-1001.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {12923ad5-68f4-4557-ba18-e310f4d0e146}

Error: (06/09/2015 02:29:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lukas-PC)
Description: Bei der Aktivierung der App „Microsoft.BingNews_8wekyb3d8bbwe!AppexNews“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (06/12/2015 00:03:08 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (06/12/2015 00:03:08 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (06/12/2015 00:01:05 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (06/11/2015 11:27:48 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (06/09/2015 11:56:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (06/09/2015 11:56:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (06/09/2015 11:56:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (06/09/2015 11:56:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (06/09/2015 11:56:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (06/09/2015 10:38:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll


Microsoft Office:
=========================
Error: (06/12/2015 01:02:09 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (06/12/2015 00:58:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lukas-PC)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927148

Error: (06/12/2015 00:08:11 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Lukas-PC)
Description: 

Error: (06/12/2015 00:08:11 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Lukas-PC)
Description: 

Error: (06/12/2015 00:08:11 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: Lukas-PC)
Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/12/2015 00:08:11 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
C:\Users\UpdatusUser\ntuser.dat

Error: (06/12/2015 00:02:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VCAgent.exe8.4.2.120305476d099unknown0.0.0.000000000c000000500007ffe2889b26132c01d0a07eb63637ffC:\Program Files\Sony\VAIO Care\VCAgent.exeunknown9aecc61d-1085-11e5-8271-3c077165f80e

Error: (06/12/2015 00:02:52 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
   bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   bei System.Windows.Application.RunInternal(System.Windows.Window)
   bei System.Windows.Application.Run()
   bei VCAgent.App.Main()

Error: (06/11/2015 11:26:52 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2200920533-3107399475-823698359-1001.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {12923ad5-68f4-4557-ba18-e310f4d0e146}

Error: (06/09/2015 02:29:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lukas-PC)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927148


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 21%
Total physical RAM: 8103.8 MB
Available physical RAM: 6348.94 MB
Total Pagefile: 9383.8 MB
Available Pagefile: 7502.61 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:904.44 GB) (Free:831.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7A582497)

Partition: GPT Partition Type.

==================== End of log ============================
         
--- --- ---

Alt 12.06.2015, 18:53   #13
schrauber
/// the machine
/// TB-Ausbilder
 




The Quarantine.exe belongs to AdwCleaner or JRT, so it's a false alarm.

Avira is funny: whenever we want to work with our tools, access to the registry gets blocked, even when Avira is switched off. But malware is allowed onto the machine......
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 12.06.2015, 19:30   #14
bcko30
 



OK, understood. I had been hoping it was something like that.

Then I hope things will stay quiet for a good while now.
Thanks again for the help!

Alt 13.06.2015, 14:47   #15
schrauber
/// the machine
/// TB-Ausbilder
 




You're welcome.
__________________
Regards,
schrauber
