
Log analysis and evaluation: Windows Vista: 17 infected files after Eset scan + black desktop after GMER scan


04.10.2015, 09:58   #1
Tobinio
 



Hello, I ran the Eset scan on my computer, and it found 17 infected files. I wanted to post that for you. Before that, though, I wanted to create all the log files so I could give you all the necessary information right away. At the last step (GMER scan), however, the PC froze :-( . I had started the scan as administrator, by the way. I then did a hard shutdown (held down the power button). On restart with "Start Windows normally" I now see only the taskbar; the rest of the desktop is completely black. I had the log files on the desktop but can no longer see them. Clicking the Start button doesn't bring up a menu or anything like it either. Can you help me with the 17 infected files and the new problem (black desktop)? Thanks.

04.10.2015, 10:33   #2
schrauber
/// the machine
/// TB trainer
 




Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you're not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


04.10.2015, 19:28   #3
Tobinio
 



Hi schrauber,
I had already run FRST.exe (it's on the desktop) before I started GMER. So the FRST.txt is on the desktop, which unfortunately I can no longer see (everything is black except the taskbar). I can now only open the programs that are in the taskbar (e.g. Chrome or IE). The Start button doesn't work either. What still works is CTRL+ALT+DEL (if that helps?!). Or should I log in as admin? I'm currently logged in as a standard user, not as administrator.

When I log in as administrator, everything seems "normal". The desktop is visible, and the Start button works too.

Up to the point when I ran the GMER scan in the standard user account, everything was "normal" as well, apart from the 17 infected files mentioned, which I hadn't known anything about until then.
Thanks.

I have now also started the PC in safe mode. Same phenomenon there, though: black desktop, and again only the taskbar is visible. The Start button doesn't work either.

I'm now out of safe mode again and have started Windows normally. I can open the browser (Chrome) and load pages.

Just adding that. Thanks.

05.10.2015, 18:30   #4
schrauber
/// the machine
/// TB trainer
 




Then please run the FRST scans in the admin account.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

05.10.2015, 19:04   #5
Tobinio
 



Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:04-10-2015
durchgeführt von Tobias_2 (Administrator) auf TOBI-PC (05-10-2015 19:55:03)
Gestartet von C:\Users\Tobias_2\Desktop
Geladene Profile: Tobias_2 (Verfügbare Profile: Tobias & Tobias_2 & Maike & Gast)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(Sony Corporation) C:\Program Files\sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\sony\VAIO Update 5\VAIOUpdt.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4317184 2007-02-06] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [118784 2007-01-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [312320 2007-06-26] (shbox.de)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2007-02-13] (Sony Corporation)
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-02-08] (Google Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\vaiomov.scr [53248 2004-12-27] (Sony Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [ffeOverlayIconNeg] -> {0B8B6796-B56B-45D4-A016-09846E00FEA1} => C:\Program Files\apsec\fideAS file enterprise\Private Edtion\ffeOverlay.dll [2008-11-26] (Applied Security GmbH)
ShellIconOverlayIdentifiers: [ffeOverlayIconPos] -> {0B8B6796-B56B-45D4-A016-09846E00FEA0} => C:\Program Files\apsec\fideAS file enterprise\Private Edtion\ffeOverlay.dll [2008-11-26] (Applied Security GmbH)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{75150A78-C350-47D0-A029-3EEC5D8DD586}: [DhcpNameServer] 192.168.192.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://partnerpage.google.com/eu.sony.com/de
hxxp://www.club-vaio.com/vbc
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://partnerpage.google.com/eu.sony.com/de
hxxp://www.club-vaio.com/vbc
SearchScopes: HKLM -> {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3051598103-94963199-2244021974-1005 -> {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)
BHO: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files\Ghostery\bin\ghostery.dll [2015-01-23] (Ghostery, Inc.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files\Google BAE\BAE.dll [2006-06-23] (Your Company Name)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-15] (Sun Microsystems, Inc.)
Toolbar: HKLM - IE Toolbar - {65B41DCE-101B-4A4A-A53F-374ABB560841} - C:\Program Files\Ecocho Toolbar\ecocho-asia.dll Keine Datei
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-3051598103-94963199-2244021974-1005 -> IE Toolbar - {65B41DCE-101B-4A4A-A53F-374ABB560841} - C:\Program Files\Ecocho Toolbar\ecocho-asia.dll Keine Datei
Toolbar: HKU\S-1-5-21-3051598103-94963199-2244021974-1005 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} hxxp://static.ak.studivz.net/photouploader/ImageUploader4.cab?nocache=20071219-1
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} hxxp://static.ak.studivz.net/photouploader/ImageUploader5.cab?nocache=20080115-1
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2006-06-23] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default
FF DefaultSearchUrl: hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [Keine Datei]
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Content Uploader\npUpload.dll [Keine Datei]
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [Keine Datei]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Picasa2\npPicasa3.dll [2010-06-03] (Google, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-15] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-18] (Google)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-11-15] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2007-09-06] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2011-04-14] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-06-20] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\searchplugins\google-images.xml [2014-11-08]
FF SearchPlugin: C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\searchplugins\google-maps.xml [2014-11-08]
FF Extension: Cliqz Beta - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\Extensions\cliqz@cliqz.com [2014-08-17]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2009-11-09]
FF HKLM\...\Firefox\Extensions: [{3112ca9c-de6d-4884-a869-9855de68056c}] - C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF Extension: Google Toolbar for Firefox - C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010-02-16]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-01-30]
FF HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\extensions\cliqz@cliqz.com
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-03-08]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 AllShare; C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [6638080 2010-07-16] () [Datei ist nicht signiert]
S2 gupdate1ca4b172e6509a8; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-03] (Google Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [Datei ist nicht signiert]
R2 MSSQL$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [28933976 2007-02-05] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2007-02-05] (Microsoft Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe [57344 2006-12-14] () [Datei ist nicht signiert]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [652800 2010-01-26] (Nokia) [Datei ist nicht signiert]
S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe [112184 2007-01-24] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [Datei ist nicht signiert]
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe [75320 2007-01-24] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-01-10] (Sony Corporation) [Datei ist nicht signiert]
R2 VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [182392 2007-02-13] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-01-16] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe [491520 2007-01-08] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation) [Datei ist nicht signiert]
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2006-11-28] (Sony Corporation) [Datei ist nicht signiert]
S3 VUAgent; C:\Program Files\sony\VAIO Update 5\VUAgent.exe [722288 2010-04-09] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [172032 2006-11-28] (Sony Corporation) [Datei ist nicht signiert]
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [135168 2006-11-28] (Sony Corporation) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2008-01-19] (Microsoft Corporation)
R2 apsecf3; C:\Program Files\apsec\fideAS file enterprise\Private Edtion\vt\apsecf3.sys [77184 2008-12-12] (apsec) [Datei ist nicht signiert]
S3 eapihdrv; C:\Users\Tobias_2\AppData\Local\Temp\ehdrv.sys [135760 2015-10-03] (ESET)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25824 2010-05-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-04-23] (Texas Instruments)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-05 19:55 - 2015-10-05 19:57 - 00020682 _____ C:\Users\Tobias_2\Desktop\FRST.txt
2015-10-05 19:52 - 2015-10-05 19:52 - 01697792 _____ (Farbar) C:\Users\Tobias_2\Desktop\FRST.exe
2015-10-04 14:44 - 2015-10-04 14:44 - 00001963 _____ C:\Users\Tobias_2\Desktop\Google Chrome.lnk
2015-10-04 10:16 - 2015-10-04 10:17 - 00039027 _____ C:\Users\Tobias\Desktop\Addition.txt
2015-10-04 10:13 - 2015-10-05 19:55 - 00000000 ____D C:\FRST
2015-10-04 10:13 - 2015-10-04 10:17 - 00048222 _____ C:\Users\Tobias\Desktop\FRST.txt
2015-10-04 10:05 - 2015-10-04 10:06 - 00000478 _____ C:\Users\Tobias\Desktop\defogger_disable.log
2015-10-04 10:05 - 2015-10-04 10:05 - 00000000 _____ C:\Users\Tobias_2\defogger_reenable
2015-10-04 09:55 - 2015-10-04 09:55 - 00380416 _____ C:\Users\Tobias\Desktop\Gmer-19357.exe
2015-10-04 09:53 - 2015-10-04 09:54 - 01697280 _____ (Farbar) C:\Users\Tobias\Desktop\FRST.exe
2015-10-04 09:52 - 2015-10-04 09:52 - 00050477 _____ C:\Users\Tobias\Desktop\Defogger.exe
2015-10-03 19:16 - 2015-10-03 19:16 - 00000000 ____D C:\Program Files\ESET
2015-10-03 19:15 - 2015-10-03 19:15 - 02870984 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu (1).exe
2015-10-03 18:20 - 2015-10-03 18:21 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2015-10-03 18:19 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-03 18:19 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-03 18:19 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-10-03 18:16 - 2015-10-03 18:17 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Tobias\Downloads\mbam-setup-2.1.8.1057.exe
2015-10-03 14:53 - 2015-01-29 03:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-10-03 14:52 - 2015-08-13 16:15 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-10-03 14:52 - 2015-08-13 16:15 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-10-03 14:51 - 2015-01-29 03:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-10-03 14:50 - 2015-07-21 22:55 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-03 14:50 - 2015-07-21 18:07 - 03605440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-03 14:50 - 2015-07-21 18:07 - 03553216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-03 14:50 - 2015-07-21 18:07 - 00140224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2015-10-03 14:50 - 2015-07-21 18:07 - 00056256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-10-03 14:50 - 2015-07-21 18:03 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2015-10-03 14:50 - 2015-07-21 18:03 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-03 14:50 - 2015-07-21 18:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-10-03 14:49 - 2015-07-03 18:04 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-10-03 14:48 - 2015-09-02 23:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-10-03 14:48 - 2015-09-02 23:26 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-10-03 14:46 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-10-03 14:46 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-10-03 14:46 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-10-03 14:45 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-10-03 14:44 - 2015-07-31 21:27 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-03 14:43 - 2014-06-16 00:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-10-03 14:43 - 2014-06-13 20:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-10-03 14:43 - 2014-06-13 20:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-10-03 14:42 - 2015-06-17 18:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-10-03 14:42 - 2015-06-17 17:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-10-03 14:42 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-10-03 14:42 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-10-03 14:42 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-10-03 14:42 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-10-03 14:41 - 2014-10-10 03:01 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-10-03 14:41 - 2014-10-10 03:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-03 14:41 - 2014-10-10 01:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-03 14:40 - 2014-12-19 02:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-10-03 14:39 - 2015-06-12 18:01 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-10-03 14:38 - 2015-04-24 17:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-10-03 14:37 - 2015-07-10 21:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-10-03 14:27 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-10-03 14:27 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-10-03 14:26 - 2014-10-24 03:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-10-03 14:25 - 2015-07-11 17:56 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-03 14:23 - 2014-11-26 04:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-10-03 14:22 - 2015-07-18 18:03 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-10-03 14:22 - 2015-01-09 02:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-03 14:21 - 2015-01-21 04:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-10-03 14:21 - 2014-08-12 04:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-10-03 14:19 - 2015-07-10 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-10-03 14:18 - 2015-09-02 23:26 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-10-03 14:18 - 2015-09-02 21:55 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-10-03 14:18 - 2015-09-02 21:54 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-10-03 14:15 - 2015-08-05 17:59 - 00602112 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-10-03 14:14 - 2014-12-06 05:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-10-03 14:14 - 2014-12-06 05:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-10-03 14:14 - 2014-12-06 05:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-10-03 14:14 - 2014-10-03 03:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-10-03 14:14 - 2014-10-03 03:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-10-03 14:14 - 2014-10-03 03:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-10-03 14:14 - 2014-10-03 03:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-10-03 14:13 - 2014-08-27 02:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-10-03 14:12 - 2015-05-31 10:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-10-03 13:51 - 2015-07-31 23:46 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-10-03 13:51 - 2015-07-31 23:46 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-10-03 13:51 - 2015-07-31 23:46 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-10-03 13:51 - 2015-07-31 23:46 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-10-03 13:51 - 2015-07-31 22:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-10-03 13:51 - 2015-07-31 22:40 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-10-03 13:51 - 2015-07-31 22:35 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-10-03 13:51 - 2015-07-31 22:33 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-10-03 13:51 - 2015-07-31 22:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-10-03 13:51 - 2015-04-11 01:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-10-03 13:49 - 2015-06-27 18:03 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-03 13:49 - 2015-06-27 18:02 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-03 13:49 - 2015-06-27 18:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-03 13:49 - 2015-06-27 18:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-03 13:49 - 2015-06-27 16:21 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-03 13:49 - 2015-06-27 16:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-03 13:49 - 2015-06-12 15:13 - 00440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-03 13:49 - 2015-05-09 01:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-03 13:49 - 2015-04-30 18:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-03 13:49 - 2015-01-09 02:17 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-03 13:49 - 2014-10-10 03:00 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-03 13:49 - 2014-09-05 01:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2015-10-03 13:48 - 2015-07-01 17:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-10-03 13:48 - 2014-12-08 03:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-10-03 13:47 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-10-03 13:47 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-10-03 13:47 - 2015-05-05 00:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-10-03 13:46 - 2015-05-05 00:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-10-03 13:46 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-10-03 13:46 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-10-03 13:46 - 2015-05-04 23:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-10-03 13:45 - 2014-12-06 05:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-10-03 13:44 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-10-03 13:43 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-10-03 13:42 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-10-03 13:42 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-10-03 13:42 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-10-03 13:42 - 2014-04-05 04:42 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-10-03 13:39 - 2015-08-17 19:12 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-03 13:38 - 2015-08-17 19:18 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-03 13:38 - 2015-08-17 19:17 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-03 13:38 - 2015-08-17 19:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-03 13:38 - 2015-08-17 19:13 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-03 13:38 - 2015-08-17 19:12 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-03 13:38 - 2015-08-17 19:11 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-03 13:38 - 2015-08-17 19:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-03 13:38 - 2015-08-17 19:10 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-10-03 13:38 - 2015-08-17 19:10 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-10-03 13:38 - 2015-08-17 19:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-23 20:07 - 2015-09-23 20:08 - 00010495 _____ C:\Users\Tobias\Downloads\Tobias_elster_23.09.2015_20.03.pfx
2015-09-20 22:58 - 2015-09-20 23:09 - 00000000 ____D C:\Users\Tobias\Downloads\Anna luth
2015-09-14 21:04 - 2015-09-14 21:04 - 00347816 _____ (Microsoft Corporation) C:\Users\Tobias\Downloads\MicrosoftFixit.wu.Run.exe
2015-09-13 12:57 - 2015-09-13 12:58 - 00852704 _____ C:\Users\Tobias\Downloads\SecurityCheck.exe
2015-09-13 10:55 - 2015-09-13 10:56 - 02870984 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe
2015-09-07 20:48 - 2015-09-07 20:49 - 02190336 _____ (Farbar) C:\Users\Tobias\Downloads\FRST64 (1).exe
2015-09-06 16:25 - 2015-09-06 16:25 - 00000000 ____D C:\Users\Tobias_2\AppData\Local\elfopatch
2015-09-06 16:20 - 2015-09-06 16:21 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-06 16:18 - 2015-09-06 16:18 - 00000000 ____D C:\Users\Tobias\AppData\Local\elfopatch
2015-09-06 00:53 - 2015-09-06 00:54 - 15836530 _____ C:\Users\Tobias\Downloads\YouPorn - FakeAgentUK Petite girl big tits great fuck job done.3gp
2015-09-06 00:34 - 2015-09-06 00:39 - 49677025 _____ C:\Users\Tobias\Downloads\YouPorn - Shy Love.3gp
2015-09-06 00:14 - 2015-09-06 00:19 - 33806108 _____ C:\Users\Tobias\Downloads\YouPorn - Leopard Blond Fuck Playvision.3gp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-05 19:52 - 2009-10-12 10:51 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-05 19:52 - 2009-10-12 10:51 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-05 19:46 - 2007-10-26 18:45 - 01973641 _____ C:\Windows\WindowsUpdate.log
2015-10-05 19:41 - 2013-06-30 17:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-05 19:41 - 2012-03-29 18:50 - 00001142 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003UA.job
2015-10-05 19:41 - 2012-03-29 18:50 - 00001120 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003Core.job
2015-10-05 19:41 - 2011-08-12 18:16 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job
2015-10-05 19:41 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-05 19:41 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-05 11:43 - 2014-03-25 17:55 - 00000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-10-05 11:42 - 2011-01-02 13:22 - 00000000 ____D C:\Windows\system32\logishrd
2015-10-05 11:42 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-05 11:40 - 2008-04-18 15:22 - 00000012 _____ C:\Windows\bthservsdp.dat
2015-10-05 11:40 - 2006-11-02 15:01 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-05 11:37 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-10-05 11:23 - 2006-11-02 12:33 - 01624692 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-04 20:22 - 2015-07-26 16:16 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Spotify
2015-10-04 19:53 - 2007-02-26 18:30 - 01072242 _____ C:\Windows\PFRO.log
2015-10-04 14:44 - 2009-11-09 17:21 - 00000000 ____D C:\Users\Tobias_2\AppData\Local\Google
2015-10-04 10:05 - 2009-11-09 17:21 - 00000000 ____D C:\Users\Tobias_2
2015-10-03 15:51 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2015-10-03 15:46 - 2007-02-26 18:10 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-10-03 15:33 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-10-03 15:15 - 2006-11-02 14:47 - 00385216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-03 15:09 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-10-03 15:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-03 14:12 - 2014-04-03 21:49 - 00000000 ____D C:\Windows\system32\MRT
2015-10-03 11:33 - 2014-02-06 19:23 - 00000000 ____D C:\Users\Tobias\Desktop\Bilder Tisch Verkaufsliste
2015-10-03 11:21 - 2014-12-15 10:09 - 00000000 ____D C:\Users\Tobias\Desktop\Faulhaber
2015-10-03 11:19 - 2015-04-25 14:33 - 00000000 ____D C:\Users\Tobias\AppData\Local\CrashDumps
2015-10-03 08:43 - 2011-11-03 16:13 - 00000000 ____D C:\Users\Tobias\AppData\Local\.elfohilfe
2015-09-27 09:05 - 2015-02-08 20:45 - 00000000 ____D C:\Users\Tobias\Desktop\Tor Browser
2015-09-21 21:04 - 2013-03-23 12:15 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-09-21 21:04 - 2011-10-16 02:25 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-09-21 20:34 - 2006-11-02 14:52 - 00149663 _____ C:\Windows\setupact.log
2015-09-12 18:21 - 2007-10-26 18:12 - 00000000 ____D C:\Users\Tobias\AppData\Local\Google
2015-09-06 20:49 - 2008-03-30 13:12 - 00000000 ____D C:\Users\Tobias\Documents\Steuerfälle
2015-09-06 19:52 - 2008-03-04 18:56 - 00000000 ____D C:\FreePDF
2015-09-06 16:26 - 2011-04-29 23:10 - 00000000 ____D C:\Program Files\ElsterFormular 2010
2015-09-06 16:26 - 2009-04-24 09:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2008-07-15 18:52 - 2008-07-15 18:52 - 0000032 _____ () C:\ProgramData\ezsid.dat

Einige Dateien in TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Maike\AppData\Local\Temp\AskSLib.dll
C:\Users\Maike\AppData\Local\Temp\avgnt.exe
C:\Users\Maike\AppData\Local\Temp\install_reader10_de_gtbp_chrd_aih[1].exe
C:\Users\Tobias\AppData\Local\Temp\02B673~1.exe
C:\Users\Tobias\AppData\Local\Temp\6ACC2D~1.exe
C:\Users\Tobias\AppData\Local\Temp\AskSLib.dll
C:\Users\Tobias\AppData\Local\Temp\avgnt.exe
C:\Users\Tobias\AppData\Local\Temp\DivXInstaller.exe
C:\Users\Tobias\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdpyzoa.dll
C:\Users\Tobias\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Tobias\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\Tobias\AppData\Local\Temp\FlashPlayerUpdate02.exe
C:\Users\Tobias\AppData\Local\Temp\FlashPlayerUpdate03.exe
C:\Users\Tobias\AppData\Local\Temp\FlashPlayerUpdate04.exe
C:\Users\Tobias\AppData\Local\Temp\FlashPlayerUpdate05.exe
C:\Users\Tobias\AppData\Local\Temp\FlashPlayerUpdate06.exe
C:\Users\Tobias\AppData\Local\Temp\FP_PL_PFS_INSTALLER-1.exe
C:\Users\Tobias\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Tobias\AppData\Local\Temp\gtalkwmp1.dll
C:\Users\Tobias\AppData\Local\Temp\i4jdel0.exe
C:\Users\Tobias\AppData\Local\Temp\lvid_lvid.exe
C:\Users\Tobias\AppData\Local\Temp\Nokia_PC_Suite_rel_7_0_9_2_ger.exe
C:\Users\Tobias\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Tobias\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Tobias\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tobias\AppData\Local\Temp\{92452699-A6A9-45FE-A181-BF1217B3C13B}-GoogleToolbarInstaller_updater_signed.exe
C:\Users\Tobias_2\AppData\Local\Temp\AskSLib.dll
C:\Users\Tobias_2\AppData\Local\Temp\avgnt.exe
C:\Users\Tobias_2\AppData\Local\Temp\psapi.dll
C:\Users\Tobias_2\AppData\Local\Temp\Quarantine.exe
C:\Users\Tobias_2\AppData\Local\Temp\sqlite3.dll
C:\Users\Tobias_2\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Tobias_2\AppData\Local\Temp\System.Data.SQLite97575.dll
C:\Users\Tobias_2\AppData\Local\Temp\unwise.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-05 19:48

==================== Ende vom FRST.txt ============================
         
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:04-10-2015
durchgeführt von Tobias_2 (2015-10-05 19:58:15)
Gestartet von C:\Users\Tobias_2\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2007-10-26 16:45:09)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3051598103-94963199-2244021974-500 - Administrator - Disabled)
Gast (S-1-5-21-3051598103-94963199-2244021974-501 - Limited - Enabled) => C:\Users\Gast
Maike (S-1-5-21-3051598103-94963199-2244021974-1006 - Limited - Enabled) => C:\Users\Maike
Tobias (S-1-5-21-3051598103-94963199-2244021974-1003 - Limited - Enabled) => C:\Users\Tobias
Tobias_2 (S-1-5-21-3051598103-94963199-2244021974-1005 - Administrator - Enabled) => C:\Users\Tobias_2

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 4.57 (HKLM\...\7-Zip) (Version:  - )
AAVUpdateManager (HKLM\...\{0D410F4D-9009-43F8-9DF1-BDADCE7FC43F}) (Version: 3.00.0000 - Akademische Arbeitsgemeinschaft)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader 9.4.4 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A94000000001}) (Version: 9.4.4 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Browser Address Error Redirector (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version:  - )
CameraHelperMsi (Version: 13.00.1774.0 - Logitech) Hidden
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version:  - )
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version:  - )
Click to DVD 2.0.05 Menu Data (HKLM\...\{9E407618-D9CD-4F39-9490-9ED45294073D}) (Version: 2.0.05 - Sony Corporation)
Click to DVD 2.6.00 (HKLM\...\{E809063C-51A3-4269-8984-D1EB742F2151}) (Version: 2.6.00 - Sony Corporation)
Cliqz (HKLM\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.0.1 - Cliqz.com)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Designer 2.0 (HKLM\...\Designer 2.0_is1) (Version: 7.7.4 - fotobuch.de AG)
DivX-Setup (HKLM\...\DivX Setup.divx.com) (Version: 1.0.2.23 - DivX, Inc. )
ElsterFormular (HKLM\...\ElsterFormular 11.2.0.4074) (Version: 11.2.0.4074 - Landesfinanzdirektion Thüringen)
ElsterFormular 2008/2009 (HKLM\...\{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}) (Version: 10.0.0.0 - Steuerverwaltung des Bundes und der Länder)
ElsterFormular-Upgrade (HKLM\...\ElsterFormular für Privatanwender 12.2.0.6412p) (Version: 16.2.17437 - Landesfinanzdirektion Thüringen)
erLT (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
fideAS® file enterprise private edition (HKLM\...\{9D02EA09-A131-49A3-8D51-8E02D04F9847}) (Version:  - )
FreePDF XP (Remove only) (HKLM\...\FreePDF_XP) (Version:  - )
Ghostery (HKLM\...\Ghostery) (Version:  - Ghostery Inc)
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Firefox (HKLM\...\{2CCBABCB-6427-4A55-B091-49864623C43F}) (Version: 7.1.20110512 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GPL Ghostscript 8.60 (HKLM\...\GPL Ghostscript 8.60) (Version:  - )
GPL Ghostscript Fonts (HKLM\...\GPL Ghostscript Fonts) (Version:  - )
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200) (Version:  - )
ICQ7.2 (HKLM\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)
iTunes (HKLM\...\{86D04316-F49A-4AF2-B3F1-A1E943886CE7}) (Version: 11.3.1.2 - Apple Inc.)
Java(TM) 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
Java(TM) SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
LAN-Express AS IEEE 802.11 Wireless LAN (HKLM\...\{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}) (Version: 7.1.0.116 - LAN-Express)
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7240) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
Mp3tag v2.59a (HKLM\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Napster 5 Beta (HKLM\...\com.Rhapsody.Napster5) (Version: 1.0.61 - Rhapsody International Inc)
Napster 5 Beta (Version: 1.0.61 - Rhapsody International Inc) Hidden
Nokia Connectivity Cable Driver (HKLM\...\{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}) (Version: 7.1.27.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 6.86.9.0 - Nokia)
Nokia PC Suite (Version: 6.86.9.0 - Nokia) Hidden
Nokia Software Updater (HKLM\...\{D043E0F8-5EFA-4102-A863-08F39D9DF2F4}) (Version: 02.04.005.41445 - Nokia Corporation)
OpenMG Limited Patch 4.7-07-13-24-01 (HKLM\...\OpenMG HotFix4.7-07-13-22-01) (Version:  - )
OpenMG Secure Module 4.7.00 (HKLM\...\InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation)
OpenMG Secure Module 4.7.00 (Version: 4.7.00.12140 - Sony Corporation) Hidden
PC Connectivity Solution (HKLM\...\{7397EDED-F38A-4654-B669-BF61065803D0}) (Version: 10.6.2.0 - Nokia)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.313.0 - Tracker Software Products Ltd)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.6 - Google, Inc.)
Pixum Fotobuch (HKLM\...\Pixum Fotobuch) (Version:  - )
PokerStars.net (HKLM\...\PokerStars.net) (Version:  - PokerStars.net)
PS3 Media Server (HKLM\...\PS3 Media Server) (Version: 1.81.0 - PS3 Media Server)
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5350 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Roxio Easy Media Creator Home (HKLM\...\{B7FB0C86-41A4-4402-9A33-912C462042A0}) (Version: 9.0.178 - Roxio)
SAMSUNG PC Share Manager (HKLM\...\InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}) (Version: 4.0 - SAMSUNG)
SAMSUNG PC Share Manager (Version: 4.0 - SAMSUNG) Hidden
Setting Utility Series (HKLM\...\{59452470-A902-477F-9338-9B88101681BD}) (Version: 2.1.00.13300 - Sony Corporation)
Skype™ 6.9 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.9.106 - Skype Technologies S.A.)
SonicStage 4.3 (HKLM\...\{A0EB195B-5876-48E6-879D-33D4B2102610}) (Version: 4.3 - Sony Corporation)
Sony Utilities DLL (HKLM\...\{EF3D45BB-2260-4008-88EA-492E7744A9DF}) (Version: 7.1.00.13300 - Sony Corporation)
Sony Video Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.1.03 - Sony Corporation)
Steuersparer 2014 (HKLM\...\{485DBEA2-58E9-4136-9E6C-6C3022B02349}) (Version: 21.00.8480 - Buhl Data Service GmbH)
TeamViewer 5 (HKLM\...\TeamViewer 5) (Version: 5.1.13999  - TeamViewer GmbH)
The GodFather (HKLM\...\The GodFather) (Version:  - )
TOL 7.0.27.6 Components (HKLM\...\{82BB647B-C09E-423D-8395-BFFBA0B8644B}) (Version: 7.0.27.6 - Auralog)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.2047.00 - Microsoft Corporation)
VAIO Aqua Breeze Wallpaper (HKLM\...\{97BCD719-6ECB-458F-97D6-F38D2E07375E}) (Version: 1.0.11.13240 - Sony Corporation)
VAIO Content Importer  VAIO Content Exporter (Version: 1.3.00.13300 - Sony Corporation) Hidden
VAIO Content Importer / VAIO Content Exporter (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.3.00.13300 - Sony Corporation)
VAIO Control Center (HKLM\...\{FC37C108-821D-4EDE-8F40-D5B497586805}) (Version: 2.0.00.11060 - Sony Corporation)
VAIO Cozy Orange Wallpaper (HKLM\...\{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}) (Version: 1.0.11.13240 - Sony Corporation)
VAIO Data Restore Tool (HKLM\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.0.01.02070 - Sony Corporation)
VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 2.0.02.13290 - Sony Corporation)
VAIO Event Service (HKLM\...\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}) (Version: 3.1.00.14130 - Sony Corporation)
VAIO Hardware Diagnostics (HKLM\...\{A947C2B3-7445-42C4-9063-EE704CACCB22}) (Version:  - )
VAIO Media (Version: 6.0.10 - Sony Corporation) Hidden
VAIO Media 6.0 (HKLM\...\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}) (Version: 6.0.10 - Sony Corporation)
VAIO Media AC3 Decoder 1.0 (HKLM\...\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}) (Version:  - )
VAIO Media Content Collection 6.0 (HKLM\...\{500162A0-4DD5-460A-BAFD-895AAE48C532}) (Version:  - Sony Corporation)
VAIO Media Integrated Server 6.0 (HKLM\...\{785EB1D4-ECEC-4195-99B4-73C47E187721}) (Version:  - Sony Corporation)
VAIO Media Redistribution 6.0 (HKLM\...\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}) (Version: 6.0.10 - Sony Corporation)
VAIO Media Registration Tool (Version: 6.0.10 - Sony Corporation) Hidden
VAIO Media Registration Tool 6.0 (HKLM\...\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}) (Version: 6.0.10 - Sony Corporation)
VAIO Original Screen Saver (HKLM\...\{1BEF9285-5530-426B-A5F1-5836B95C7EB1}) (Version:  - )
VAIO Photo 2007 (HKLM\...\{5E343EF6-D27C-4CFC-9FAE-9AAFB541BCEE}) (Version: 1.0.01.01250 - Sony Corporation)
VAIO Power Management (HKLM\...\{9E319E96-ED8E-4B01-9775-C521A1869A25}) (Version: 2.1.00.14090 - Sony Corporation)
VAIO Tender Green Wallpaper (HKLM\...\{934A3213-1CB6-4264-84A2-EE080C017BCA}) (Version: 1.0.11.10180 - Sony Corporation)
VAIO Update (HKLM\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.1.1.04090 - Sony Corporation)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
VisiPics V1.31 (HKLM\...\VisiPics_is1) (Version:  - Ozone)
VLC media player 0.9.8a (HKLM\...\VLC media player) (Version: 0.9.8a - VideoLAN Team)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7) (HKLM\...\CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A) (Version: 03/05/2008 3.7 - Nokia)
Windows-Treiberpaket - Nokia Modem  (03/13/2008 6.86.0.1) (HKLM\...\E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D) (Version: 03/13/2008 6.86.0.1 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinDVD for VAIO (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B6.113 - InterVideo Inc.)
WinDVD for VAIO (Version: 8.0-B6.113 - InterVideo Inc.) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3051598103-94963199-2244021974-1005_Classes\CLSID\{7644204c-5eb0-4e21-b225-fc6c1fca74f7}\localserver32 -> C:\Program Files\Nokia\Nokia PC Suite 6\MultimediaPlayer.exe (Nokia)
CustomCLSID: HKU\S-1-5-21-3051598103-94963199-2244021974-1005_Classes\CLSID\{FBE88A10-FF53-11E0-AB2A-AE904824019B}\InprocServer32 -> C:\Users\Tobias_2\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAI~1.DLL => Keine Datei

==================== Wiederherstellungspunkte =========================

20-09-2015 20:50:03 Geplanter Prüfpunkt
21-09-2015 20:48:14 Windows Update
25-09-2015 18:32:36 Geplanter Prüfpunkt
03-10-2015 11:43:18 Windows Update
03-10-2015 13:44:59 Windows Update
03-10-2015 15:42:55 Windows Update
04-10-2015 12:13:08 Geplanter Prüfpunkt
05-10-2015 10:00:53 Windows Update

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03292A64-7B17-437B-9DA2-D3E930906277} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.)
Task: {04B8B746-6BF7-47EA-99D0-7730BCE7F577} - System32\Tasks\LaunchMCV => MyClubVaio.vbs
Task: {0B5E040C-AD07-4054-8009-55FD6A6AAB7E} - System32\Tasks\MCVRegistrationReminder3 => reminder.exe
Task: {0E88563E-6870-46CC-85C5-28B2E654BE19} - System32\Tasks\SONY\WSSU\WSSU => C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
Task: {0F614CB5-37C8-4B6F-80B6-ABC59FA334AB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09] (Sun Microsystems, Inc.)
Task: {1E0CF3DC-DF39-437B-8205-25DCC08EADFC} - System32\Tasks\MCVRegistrationReminder2 => reminder.exe
Task: {2209DF9F-5640-4DEB-84C3-3436BC3034CB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003UA => C:\Users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {2BFBEBC7-9615-4E55-B21E-5C30EAE3A84C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003Core => C:\Users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {3FABAD80-64FB-4D44-A4B7-6D6A8EEF1F25} - System32\Tasks\MCVRegistrationReminder4 => reminder.exe
Task: {4358621B-9F5F-4ACD-A7BC-31CAD8B59FD2} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21] (Adobe Systems Incorporated)
Task: {4790FDBD-6127-4D9B-89AC-71F68627654D} - System32\Tasks\MCVSurveyReminder1 => reminder.exe
Task: {56B9293A-1863-4DDD-83CA-28AC0A33836D} - System32\Tasks\MCVSurveyReminder2 => reminder.exe
Task: {62B77C40-E498-4DC1-9254-5B51BE706ECB} - System32\Tasks\MCVSurveyReminder3 => reminder.exe
Task: {6AA69C80-8E22-4030-90B1-3955E6D3EEA4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21] (Adobe Systems Incorporated)
Task: {7751B2CE-0C18-4074-96ED-62A6FF85FF5F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9362BE8A-1751-4D85-A816-C3F0C1DFB5E6} - System32\Tasks\{5CD16FC8-E171-4B05-BB45-1B854FD80A0E} => pcalua.exe -a C:\ProgramData\Sony\MyClubVAIO\MyClubVAIO.exe -d C:\ProgramData\Sony\MyClubVAIO
Task: {9A27AE43-7CC4-40F4-9500-12DF824E11E8} - System32\Tasks\MCVRegistrationReminder1 => reminder.exe
Task: {AE312CF0-704E-4EF9-A1F9-BFAAE6181039} - System32\Tasks\{49422247-D8A0-4B6E-8E37-82554BEFE11E} => pcalua.exe -a C:\Users\Tobias\setup-Reisen-tuerkriviera.exe -d C:\Users\Tobias
Task: {AECAC0BB-56ED-42A9-A828-4FF6F51307D4} - System32\Tasks\SONY\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [2010-04-09] (Sony Corporation)
Task: {B2071D54-F7E8-4E5D-ADCB-061257AB6345} - System32\Tasks\SONY\VAIO Update\Launch Application => C:\Program Files\Sony\VAIO Update 5\ShellExeProxy.exe [2010-04-09] (Sony Corporation)
Task: {B7A2ACFD-BA6A-4102-A268-B20318834D79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.)
Task: {C14DD04F-1A66-48E6-A975-7522B5C4CA43} - System32\Tasks\MCVSurveyReminder4 => reminder.exe
Task: {CB78B3AD-2040-4A0E-8C42-518D858E778A} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {D80E2DFA-FB3A-4170-B7AA-727A4CFA4D14} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22] (Google)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003Core.job => C:\Users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003UA.job => C:\Users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2008-03-04 18:53 - 2005-01-06 19:33 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2008-10-24 15:35 - 2008-10-24 15:35 - 00128296 _____ () C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2007-02-26 18:01 - 2007-02-13 16:19 - 00010752 _____ () C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll
2007-02-26 18:01 - 2007-02-13 16:19 - 00009728 _____ () C:\Program Files\Sony\VAIO Event Service\VESMgrSubPS.dll
2009-11-11 21:01 - 2009-04-11 08:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2007-02-26 21:02 - 2007-01-24 11:04 - 00061440 _____ () C:\Windows\system32\igfxTMM.dll
2007-02-26 21:02 - 2007-01-24 11:02 - 00077824 _____ () C:\Windows\system32\hccutils.DLL
2007-02-26 21:02 - 2007-01-24 11:02 - 00077824 _____ () C:\Windows\System32\hccutils.DLL

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
DNS Servers: 192.168.192.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{28CFDEA3-1FFE-445E-BD6B-A4637549DBF5}] => (Allow) C:\Program Files\Google\Google Talk\googletalk.exe
FirewallRules: [{B853D6C8-BE18-4F9F-BA31-E6B14A1C8375}] => (Allow) C:\Program Files\Google\Google Talk\googletalk.exe
FirewallRules: [{1A1CD5E7-2AC5-404F-8A09-8FB4D708E942}] => (Allow) C:\Program Files\sony\VAIO Media 6.0\Vc.exe
FirewallRules: [{0EDBBDDF-09F8-4990-96F5-458203C2CF9B}] => (Allow) C:\Program Files\sony\VAIO Media 6.0\Vc.exe
FirewallRules: [TCP Query User{2481657B-1641-4E6C-A363-5423EE417079}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{55C341FC-8AC2-4B7E-B136-D3D0E6ED184E}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [TCP Query User{6B5686E8-CB7A-4058-8BB6-B06F0A96A270}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{8D9186EB-1153-4738-85F7-A0D1B3D88093}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{D9961355-22D1-495C-B015-48F80A6E1FAA}F:\medias42\jre\bin\javaw.exe] => (Allow) F:\medias42\jre\bin\javaw.exe
FirewallRules: [UDP Query User{9306F6B8-408E-4501-9715-6C0C4A46B0E2}F:\medias42\jre\bin\javaw.exe] => (Allow) F:\medias42\jre\bin\javaw.exe
FirewallRules: [TCP Query User{1E3B55D9-83D2-4EF5-8928-7B319DEC8449}H:\filme und musik normen\spiele\soldat\soldat\soldat.exe] => (Block) H:\filme und musik normen\spiele\soldat\soldat\soldat.exe
FirewallRules: [UDP Query User{A05C71EC-5117-4B68-A649-E1976551D6D2}H:\filme und musik normen\spiele\soldat\soldat\soldat.exe] => (Block) H:\filme und musik normen\spiele\soldat\soldat\soldat.exe
FirewallRules: [{93C19A66-0B4F-4500-8F22-4BF65D3BA3D2}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{AD5316F2-BCE8-4EAF-9AE9-795EF71C8D15}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{64B3005A-B06D-42BE-9D61-B63EF593CF77}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [TCP Query User{7A3D3597-79EE-4E7C-86EC-D2C472DDBCAB}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [UDP Query User{067C67C2-4FF9-430C-9D87-BB6844606E77}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [{944DA102-993D-4305-88F0-E17C7BD1EF21}] => (Allow) C:\Windows\Temp\KD_installer.exe
FirewallRules: [{72E8284F-400C-4DAD-A540-0045A3509488}] => (Allow) C:\Windows\Temp\KD_installer.exe
FirewallRules: [TCP Query User{FA429FA2-8476-4AED-831F-82B7396E4462}C:\program files\icq6.5\icq.exe] => (Allow) C:\program files\icq6.5\icq.exe
FirewallRules: [UDP Query User{594768EA-2059-41A3-9118-B9C468D1B751}C:\program files\icq6.5\icq.exe] => (Allow) C:\program files\icq6.5\icq.exe
FirewallRules: [TCP Query User{5D950F6A-0BAB-4DB8-935F-CBDE976BCCAC}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [UDP Query User{3A9F5922-2D10-45AD-ACFF-FB700F4DFB17}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{C8108D91-91C2-4E2F-942E-7B29D4667048}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [UDP Query User{88A4A4B2-1C61-4141-8DE4-BEB6CF68FE26}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [TCP Query User{E522214B-C37A-4DE1-BDE3-72794AA78FE8}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [UDP Query User{2F0305A5-97DF-4A65-BFD7-AB57A24F0C0C}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [TCP Query User{99F8A7D3-7E51-4A2D-A672-A1CB9335A821}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [UDP Query User{41DCE95C-86F8-476E-84A3-E56B1FDD0283}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{EA68F7EC-2EE8-4A2E-8800-A2D75AFB86E5}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [{2ABAE764-8746-4C1A-BF23-1E3D0D78D172}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [TCP Query User{7AAF1241-C0AF-4C7D-8E9F-53E259B60A2A}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{3F1F2C39-0675-4BC9-AEA9-DB34BA799DF8}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [{1AA33B8E-5CC2-4A18-961C-16E6647E38D3}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe
FirewallRules: [{2B6F0BC7-8F2E-41E6-A31A-938A748AC480}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe
FirewallRules: [{0AA0629C-83BE-436A-896F-D164B52938B3}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe
FirewallRules: [{0BC252E2-5A17-4E07-8DA6-2B55CE22B84F}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe
FirewallRules: [{B674EE12-A64D-46D5-B5C5-43CBA55BA932}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{9F77F05A-21D3-4DE1-A3E1-79D39191C15D}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{4ADFAAB8-6F72-42F1-B0FE-9F50B299F963}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{F4FFDFE3-41C8-4640-BFE3-44C15784CB8D}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{7E69422E-A34A-4BE6-825F-3B182B0744B5}] => (Allow) C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
FirewallRules: [{9E4E39E6-E721-4433-8144-B9DA09366166}] => (Allow) C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
FirewallRules: [{C903A740-D1DA-4512-814B-E734F7EB5664}] => (Allow) C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe
FirewallRules: [{03CB3D3D-FD62-4813-A92B-1E22866EC922}] => (Allow) C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe
FirewallRules: [{6D770C92-8066-464F-9EA9-E23633C2C834}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe
FirewallRules: [{997DDA14-3ACE-4601-9E76-C977ED47E7EC}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe
FirewallRules: [{0A536BE2-9B8B-45B4-B064-691B3AF3D32E}] => (Allow) C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{09BC94BA-3A7C-44C2-B9E5-41C53AFB5917}] => (Allow) C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{02C154E6-9507-42A0-B539-BD9DDCDD7C68}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [{C6FA9CB9-A187-4569-8B98-D06B92C4DD75}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [{A83763DD-9B9B-4ABE-A734-3EABCB4DEC66}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
FirewallRules: [{313C0051-51C5-4A31-B14E-35A0EC404B0F}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
FirewallRules: [{AE3D2A82-EF1A-4177-8AB9-130E30509122}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{64AEE323-F9A2-4C6F-A44D-76CB4DB639D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{31F31923-621F-4331-8F19-12DD86BD58DD}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [UDP Query User{35B4ABDB-BD77-405D-B3FE-5B59CF18C0FD}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [TCP Query User{17C64AD6-E2F8-488E-9B0F-459BC3A19388}C:\program files\winamp\winamp.exe] => (Block) C:\program files\winamp\winamp.exe
FirewallRules: [UDP Query User{777E9E31-7F55-445C-9ABB-641DF8685D31}C:\program files\winamp\winamp.exe] => (Block) C:\program files\winamp\winamp.exe
FirewallRules: [TCP Query User{2C843C09-6FDD-40EF-BE30-3E57BC37A234}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{E2BE1DDD-D5B2-418C-A623-EB2A7742AEC3}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{FEB4580A-36CA-4578-9E7C-1E79D7CE7F30}C:\users\gast\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gast\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{35E4F129-FC20-4D7D-9C77-CE0B1EDE6FEB}C:\users\gast\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gast\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{9A673BBC-A7B6-4192-8183-D705150C0C84}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{923894EE-0F16-4343-82E0-F3D0082A1FB6}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{6C06EB5A-861B-469B-A132-CAA7DA24AE55}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{3E862549-9089-4CB8-B75B-1648B7E5986E}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{68168967-06E5-462E-8D18-57B124DC6AA9}] => (Allow) LPort=80
FirewallRules: [{56BA1E51-2A5E-4EFA-B160-4552B941741C}] => (Allow) LPort=80
FirewallRules: [{82951208-6457-4AF9-82B8-BD534CD1CF46}] => (Allow) LPort=80
FirewallRules: [{5597D2B1-B28D-4508-A17B-748A6F5C9C4B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5DEAC93A-CBED-41A3-B1FA-7BFED7E30443}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{789A0F53-28A5-4728-B5AB-2E62A2AEA6EC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0DA9DD76-ADA6-4040-94B3-EADDEFF9E2D6}C:\users\tobias\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tobias\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5778E77C-9FDE-4220-8F6A-7361D7EBD168}C:\users\tobias\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tobias\appdata\roaming\spotify\spotify.exe
FirewallRules: [{85DF8EB2-15F9-4EF5-B460-3A90DC1486C6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\fotobuch.de AG\Designer 2.0\Designer.exe] => Designer.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/05/2015 11:46:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15600

Error: (10/05/2015 11:46:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15600

Error: (10/05/2015 11:46:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/05/2015 11:40:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 49036559

Error: (10/05/2015 11:40:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 49036559

Error: (10/05/2015 11:40:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/05/2015 11:40:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 49020959

Error: (10/05/2015 11:40:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 49020959

Error: (10/05/2015 11:40:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/05/2015 11:39:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 49005359


Systemfehler:
=============
Error: (10/05/2015 07:46:03 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.

Error: (10/05/2015 07:41:13 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.

Error: (10/05/2015 11:43:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (10/05/2015 11:43:41 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (10/05/2015 10:01:24 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (10/04/2015 08:16:57 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.

Error: (10/04/2015 08:16:56 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.

Error: (10/04/2015 08:16:23 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0228576F-6E6C-4E1A-B175-0E46A316AFE2}

Error: (10/04/2015 08:14:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (10/04/2015 08:14:33 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)


CodeIntegrity:
===================================
  Date: 2015-10-05 19:57:49.353
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-05 19:57:48.987
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-05 19:57:48.599
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-05 19:57:48.201
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-05 19:57:47.512
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-05 19:57:47.150
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-05 19:57:46.715
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-05 19:57:46.314
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-05 19:56:46.882
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-05 19:56:46.482
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
Prozentuale Nutzung des RAM: 88%
Installierter physikalischer RAM: 1013.45 MB
Verfügbarer physikalischer RAM: 118.99 MB
Summe virtueller Speicher: 2293.21 MB
Verfügbarer virtueller Speicher: 1195.21 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:83.85 GB) (Free:0.91 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 93.2 GB) (Disk ID: 0A508B38)
Partition 1: (Not Active) - (Size=9.3 GB) - (Type=27)
Partition 2: (Active) - (Size=83.8 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================
         


Alt 06.10.2015, 17:07   #6
schrauber
/// the machine
/// TB-Ausbilder
 




hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the detected objects, so be patient.
  • After the restart, run mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not run any other file in this folder unless a helper instructs you to.

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.

Alt 06.10.2015, 20:56   #7
Tobinio
 



Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.10.06.04
  rootkit: v2015.10.06.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Tobias_2 :: TOBI-PC [administrator]

06.10.2015 19:07:02
mbar-log-2015-10-06 (19-07-02).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 481229
Time elapsed: 1 hour(s), 29 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
21:36:19.0382 0x0354  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
21:36:28.0009 0x0354  ============================================================
21:36:28.0009 0x0354  Current date / time: 2015/10/06 21:36:28.0009
21:36:28.0009 0x0354  SystemInfo:
21:36:28.0009 0x0354  
21:36:28.0009 0x0354  OS Version: 6.0.6002 ServicePack: 2.0
21:36:28.0009 0x0354  Product type: Workstation
21:36:28.0009 0x0354  ComputerName: TOBI-PC
21:36:28.0009 0x0354  UserName: Tobias_2
21:36:28.0009 0x0354  Windows directory: C:\Windows
21:36:28.0009 0x0354  System windows directory: C:\Windows
21:36:28.0009 0x0354  Processor architecture: Intel x86
21:36:28.0009 0x0354  Number of processors: 2
21:36:28.0009 0x0354  Page size: 0x1000
21:36:28.0009 0x0354  Boot type: Normal boot
21:36:28.0009 0x0354  ============================================================
21:36:30.0926 0x0354  KLMD registered as C:\Windows\system32\drivers\10070269.sys
21:36:31.0207 0x0354  System UUID: {7ED84DCB-C024-F772-B4FD-776C42758474}
21:36:31.0909 0x0354  Drive \Device\Harddisk0\DR0 - Size: 0x174A446000 ( 93.16 Gb ), SectorSize: 0x200, Cylinders: 0x2F81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:36:32.0033 0x0354  ============================================================
21:36:32.0033 0x0354  \Device\Harddisk0\DR0:
21:36:32.0033 0x0354  MBR partitions:
21:36:32.0033 0x0354  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x12A0800, BlocksNum 0xA7B1000
21:36:32.0033 0x0354  ============================================================
21:36:32.0252 0x0354  C: <-> \Device\Harddisk0\DR0\Partition1
21:36:32.0455 0x0354  ============================================================
21:36:32.0455 0x0354  Initialize success
21:36:32.0455 0x0354  ============================================================
21:38:09.0081 0x17fc  ============================================================
21:38:09.0081 0x17fc  Scan started
21:38:09.0081 0x17fc  Mode: Manual; SigCheck; TDLFS; 
21:38:09.0081 0x17fc  ============================================================
21:38:09.0081 0x17fc  KSN ping started
21:38:10.0314 0x17fc  KSN ping finished: true
21:38:11.0094 0x17fc  ================ Scan system memory ========================
21:38:11.0094 0x17fc  System memory - ok
21:38:11.0094 0x17fc  ================ Scan services =============================
21:38:11.0281 0x17fc  [ 585E64BB6DFBC0A2F1F0B554DED012DF, D1AB49DA951583E8E8154D977A47F4D20911BD4F77A0D5AD1293570426F3F6FA ] 61883           C:\Windows\system32\DRIVERS\61883.sys
21:38:11.0764 0x17fc  61883 - ok
21:38:11.0920 0x17fc  [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
21:38:11.0936 0x17fc  AAV UpdateService - ok
21:38:11.0983 0x17fc  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
21:38:12.0014 0x17fc  ACPI - ok
21:38:12.0139 0x17fc  [ C6D147C12C424373B016C0AB0A6C61EB, 043D44F3C942CFC3558E782938C26849BF648A58A7AA62C4A526E37DE4136C27 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:38:12.0170 0x17fc  AdobeFlashPlayerUpdateSvc - ok
21:38:12.0217 0x17fc  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:38:12.0264 0x17fc  adp94xx - ok
21:38:12.0326 0x17fc  [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:38:12.0342 0x17fc  adpahci - ok
21:38:12.0373 0x17fc  [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
21:38:12.0388 0x17fc  adpu160m - ok
21:38:12.0404 0x17fc  [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:38:12.0435 0x17fc  adpu320 - ok
21:38:12.0466 0x17fc  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:38:12.0607 0x17fc  AeLookupSvc - ok
21:38:12.0669 0x17fc  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
21:38:12.0763 0x17fc  AFD - ok
21:38:12.0841 0x17fc  [ EF23439CDD587F64C2C1B8825CEAD7D8, 762665CFC202B3E16CA2338887896FDF996331A363DC709F1EC088BF927133A3 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:38:12.0856 0x17fc  agp440 - ok
21:38:12.0888 0x17fc  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
21:38:12.0903 0x17fc  aic78xx - ok
21:38:12.0950 0x17fc  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
21:38:13.0012 0x17fc  ALG - ok
21:38:13.0044 0x17fc  [ 90395B64600EBB4552E26E178C94B2E4, 73095893964DC7915983B58A567184FC51949C99341E7E0D04D70CC4C4F95E37 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:38:13.0059 0x17fc  aliide - ok
21:38:13.0636 0x17fc  [ AAA1F9D4CF4C976C21BCA8AFA2BAE6A4, E8625FC2676A5E1C70E2F8AF40A4B1FF908748401B9B169285E2A7277B6E123E ] AllShare        C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
21:38:14.0432 0x17fc  AllShare - detected UnsignedFile.Multi.Generic ( 1 )
21:38:15.0602 0x17fc  Detect skipped due to KSN trusted
21:38:15.0602 0x17fc  AllShare - ok
21:38:15.0649 0x17fc  [ 2B13E304C9DFDFA5EB582F6A149FA2C7, 196CCE13E0376526B79D9C43D4071990576C4DD210A48E9E922B438AA11C95E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
21:38:15.0664 0x17fc  amdagp - ok
21:38:15.0696 0x17fc  [ 0577DF1D323FE75A739C787893D300EA, 079EF3CA18FB847DB7E62929071BFF007FAF390E1DBF4C59F28DAAC6B9C2DE51 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:38:15.0711 0x17fc  amdide - ok
21:38:15.0742 0x17fc  [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
21:38:15.0976 0x17fc  AmdK7 - ok
21:38:16.0023 0x17fc  [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:38:16.0132 0x17fc  AmdK8 - ok
21:38:16.0195 0x17fc  [ 7C2F57BCE81FA74933F0E1C84A97C9DB, FC84A1B09379B74CEA8AFED4F1AF5F8609DE46AB89B42E4EE70D286FB256F4D7 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
21:38:16.0226 0x17fc  ApfiltrService - ok
21:38:16.0288 0x17fc  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
21:38:16.0351 0x17fc  Appinfo - ok
21:38:16.0444 0x17fc  [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:38:16.0460 0x17fc  Apple Mobile Device - ok
21:38:16.0507 0x17fc  [ D979AFA397FD14AA3B9ACACD40005BCC, CD18EAC814A0670D5E64C53BA823F91F36E67CC855D5C26525ED04EC76A92BA2 ] apsecf3         C:\Program Files\apsec\fideAS file enterprise\Private Edtion\vt\apsecf3.sys
21:38:16.0569 0x17fc  apsecf3 - detected UnsignedFile.Multi.Generic ( 1 )
21:38:17.0739 0x17fc  Detect skipped due to KSN trusted
21:38:17.0739 0x17fc  apsecf3 - ok
21:38:17.0755 0x17fc  [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc             C:\Windows\system32\drivers\arc.sys
21:38:17.0770 0x17fc  arc - ok
21:38:17.0848 0x17fc  [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:38:17.0864 0x17fc  arcsas - ok
21:38:17.0911 0x17fc  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:38:17.0973 0x17fc  AsyncMac - ok
21:38:18.0020 0x17fc  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
21:38:18.0036 0x17fc  atapi - ok
21:38:18.0129 0x17fc  [ 7FA516FC81DD5931F389B56279A27A3E, 8129AF036E37D532CCF0AEFB4319B0D9A27B4F636206E963B1E922E710751334 ] athr            C:\Windows\system32\DRIVERS\athr.sys
21:38:18.0285 0x17fc  athr - ok
21:38:18.0363 0x17fc  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:38:18.0441 0x17fc  AudioEndpointBuilder - ok
21:38:18.0457 0x17fc  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
21:38:18.0488 0x17fc  Audiosrv - ok
21:38:18.0535 0x17fc  [ F4B56425A00BEB32F5FA6603FF7B0EA2, E91E401053AC9363DE4675879D01B4E0D4054B7AEBBFEE656861170820F53278 ] Avc             C:\Windows\system32\DRIVERS\avc.sys
21:38:18.0582 0x17fc  Avc - ok
21:38:18.0644 0x17fc  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:38:18.0706 0x17fc  Beep - ok
21:38:18.0800 0x17fc  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
21:38:18.0925 0x17fc  BFE - ok
21:38:19.0018 0x17fc  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
21:38:19.0128 0x17fc  BITS - ok
21:38:19.0128 0x17fc  blbdrive - ok
21:38:19.0237 0x17fc  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:38:19.0268 0x17fc  Bonjour Service - ok
21:38:19.0346 0x17fc  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:38:19.0408 0x17fc  bowser - ok
21:38:19.0455 0x17fc  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
21:38:19.0502 0x17fc  BrFiltLo - ok
21:38:19.0518 0x17fc  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
21:38:19.0580 0x17fc  BrFiltUp - ok
21:38:19.0642 0x17fc  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
21:38:19.0720 0x17fc  Browser - ok
21:38:19.0752 0x17fc  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
21:38:19.0845 0x17fc  Brserid - ok
21:38:19.0876 0x17fc  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
21:38:19.0954 0x17fc  BrSerWdm - ok
21:38:19.0986 0x17fc  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
21:38:20.0048 0x17fc  BrUsbMdm - ok
21:38:20.0064 0x17fc  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
21:38:20.0142 0x17fc  BrUsbSer - ok
21:38:20.0188 0x17fc  [ 6D39C954799B63BA866910234CF7D726, 1D807C3410C01C76E5810D626F23C1CCED3C9C5A65F39267B770C494C8D64114 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
21:38:20.0220 0x17fc  BthEnum - ok
21:38:20.0266 0x17fc  [ 9A966A8E86D1771911AE34A20D11BFF3, FBD5F621A47A3530B325816E71F0C4BCE5CCE731C57DEBD42ACFC8BCAA258656 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
21:38:20.0313 0x17fc  BTHMODEM - ok
21:38:20.0344 0x17fc  [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:38:20.0391 0x17fc  BthPan - ok
21:38:20.0469 0x17fc  [ 611FF3F2F095C8D4A6D4CFD9DCC09793, 2F27A1287ABCDB9C316EB720D1855100666240959CF969D5B2679C9ABCBD6050 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
21:38:20.0563 0x17fc  BTHPORT - ok
21:38:20.0610 0x17fc  [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ         C:\Windows\System32\bthserv.dll
21:38:20.0688 0x17fc  BthServ - ok
21:38:20.0688 0x17fc  [ D330803EAB2A15CAEC7F011F1D4CB30E, 240FFF317C90AD8966DA9666F2748F98CEC3CB99C486F399D1C68FE0E393EE68 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
21:38:20.0734 0x17fc  BTHUSB - ok
21:38:20.0797 0x17fc  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:38:20.0875 0x17fc  cdfs - ok
21:38:20.0937 0x17fc  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:38:21.0015 0x17fc  cdrom - ok
21:38:21.0078 0x17fc  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
21:38:21.0140 0x17fc  CertPropSvc - ok
21:38:21.0187 0x17fc  [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:38:21.0265 0x17fc  circlass - ok
21:38:21.0327 0x17fc  [ 5D9311526801643000D7032A83B18B12, C5A98868A41446617B3A27C6C4AAFA4E7C093E253E8C1DD5DBFE6FAE21991209 ] CLFS            C:\Windows\system32\CLFS.sys
21:38:21.0343 0x17fc  CLFS - ok
21:38:21.0436 0x17fc  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:38:21.0452 0x17fc  clr_optimization_v2.0.50727_32 - ok
21:38:21.0577 0x17fc  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:38:21.0592 0x17fc  clr_optimization_v4.0.30319_32 - ok
21:38:21.0624 0x17fc  CLTNetCnService - ok
21:38:21.0670 0x17fc  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:38:21.0733 0x17fc  CmBatt - ok
21:38:21.0764 0x17fc  [ 45201046C776FFDAF3FC8A0029C581C8, 68A68CF2B76598BC8610EB5B2D3FD5BDC9D51CFC6F51FB7A0B0C92A2BE910FC6 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:38:21.0780 0x17fc  cmdide - ok
21:38:21.0811 0x17fc  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:38:21.0826 0x17fc  Compbatt - ok
21:38:21.0842 0x17fc  COMSysApp - ok
21:38:21.0842 0x17fc  [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:38:21.0858 0x17fc  crcdisk - ok
21:38:21.0873 0x17fc  [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
21:38:21.0951 0x17fc  Crusoe - ok
21:38:22.0014 0x17fc  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:38:22.0060 0x17fc  CryptSvc - ok
21:38:22.0138 0x17fc  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:38:22.0216 0x17fc  DcomLaunch - ok
21:38:22.0279 0x17fc  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:38:22.0310 0x17fc  DfsC - ok
21:38:22.0497 0x17fc  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
21:38:22.0716 0x17fc  DFSR - ok
21:38:22.0778 0x17fc  [ 54D0B8343CE8C22412A5F29D32EFD211, D78BF09680FF19523C84E862593B45637D91A079C79CAB63A13726E7ACA8ABBF ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
21:38:22.0934 0x17fc  dg_ssudbus - ok
21:38:23.0012 0x17fc  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
21:38:23.0059 0x17fc  Dhcp - ok
21:38:23.0137 0x17fc  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
21:38:23.0152 0x17fc  disk - ok
21:38:23.0199 0x17fc  [ F206E28ED74C491FD5D7C0A1119CE37F, DB6AA9C9278F5F62717504F3B21BC2250EC5EB324EBEEAF01D42268D5657B83D ] DMICall         C:\Windows\system32\DRIVERS\DMICall.sys
21:38:23.0215 0x17fc  DMICall - ok
21:38:23.0277 0x17fc  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:38:23.0324 0x17fc  Dnscache - ok
21:38:23.0402 0x17fc  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
21:38:23.0449 0x17fc  dot3svc - ok
21:38:23.0511 0x17fc  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
21:38:23.0542 0x17fc  DPS - ok
21:38:23.0589 0x17fc  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:38:23.0636 0x17fc  drmkaud - ok
21:38:23.0714 0x17fc  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:38:23.0761 0x17fc  DXGKrnl - ok
21:38:23.0823 0x17fc  [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
21:38:23.0901 0x17fc  E1G60 - ok
21:38:23.0964 0x17fc  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
21:38:24.0010 0x17fc  EapHost - ok
21:38:24.0213 0x17fc  [ 560EDC0912BDB68290930E2542823A24, CB9578A19F717FBD388F2BE8179CF2D4755DF11AD246E13AF1D43E25CA026386 ] eapihdrv        C:\Users\Tobias_2\AppData\Local\Temp\ehdrv.sys
21:38:24.0229 0x17fc  eapihdrv - ok
21:38:24.0276 0x17fc  [ 9BAB89DBB27891DEEF6E1F1B589A6ED4, 61BE4A6394ED5C99CB84B720F6AA6B97C7FE71A7A04D822F6EE99AB084C55606 ] Ecache          C:\Windows\system32\drivers\ecache.sys
21:38:24.0291 0x17fc  Ecache - ok
21:38:24.0369 0x17fc  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:38:24.0447 0x17fc  ehRecvr - ok
21:38:24.0478 0x17fc  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
21:38:24.0556 0x17fc  ehSched - ok
21:38:24.0572 0x17fc  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
21:38:24.0603 0x17fc  ehstart - ok
21:38:24.0666 0x17fc  [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:38:24.0697 0x17fc  elxstor - ok
21:38:24.0775 0x17fc  [ E798C0BDFA4913CCF8A646D29BB34796, 7CDB2BCCDD8A8A70C6248C327A357EA3488C7ADED32D4F89B933ED72AE12B73B ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
21:38:24.0837 0x17fc  EMDMgmt - ok
21:38:24.0931 0x17fc  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
21:38:25.0024 0x17fc  EventSystem - ok
21:38:25.0071 0x17fc  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:38:25.0134 0x17fc  exfat - ok
21:38:25.0180 0x17fc  [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:38:25.0212 0x17fc  fastfat - ok
21:38:25.0258 0x17fc  [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:38:25.0336 0x17fc  fdc - ok
21:38:25.0368 0x17fc  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
21:38:25.0430 0x17fc  fdPHost - ok
21:38:25.0477 0x17fc  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:38:25.0555 0x17fc  FDResPub - ok
21:38:25.0617 0x17fc  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:38:25.0633 0x17fc  FileInfo - ok
21:38:25.0680 0x17fc  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:38:25.0726 0x17fc  Filetrace - ok
21:38:25.0758 0x17fc  [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:38:25.0820 0x17fc  flpydisk - ok
21:38:25.0882 0x17fc  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:38:25.0914 0x17fc  FltMgr - ok
21:38:26.0007 0x17fc  [ 456E786A157692A7463B3739C9ADBBF5, 9AB00B5A7CF8CCCF4332E1901286D8832508471809D8BCE45FD75CCFF9CEAD8E ] FontCache       C:\Windows\system32\FntCache.dll
21:38:26.0116 0x17fc  FontCache - ok
21:38:26.0210 0x17fc  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:38:26.0226 0x17fc  FontCache3.0.0.0 - ok
21:38:26.0257 0x17fc  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:38:26.0304 0x17fc  Fs_Rec - ok
21:38:26.0350 0x17fc  [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:38:26.0366 0x17fc  gagp30kx - ok
21:38:26.0397 0x17fc  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:38:26.0413 0x17fc  GEARAspiWDM - ok
21:38:26.0491 0x17fc  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
21:38:26.0584 0x17fc  gpsvc - ok
21:38:26.0756 0x17fc  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate1ca4b172e6509a8 C:\Program Files\Google\Update\GoogleUpdate.exe
21:38:26.0772 0x17fc  gupdate1ca4b172e6509a8 - ok
21:38:26.0834 0x17fc  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
21:38:26.0850 0x17fc  gupdatem - ok
21:38:26.0896 0x17fc  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
21:38:26.0928 0x17fc  gusvc - ok
21:38:26.0974 0x17fc  [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:38:27.0068 0x17fc  HdAudAddService - ok
21:38:27.0146 0x17fc  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:38:27.0224 0x17fc  HDAudBus - ok
21:38:27.0255 0x17fc  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:38:27.0318 0x17fc  HidBth - ok
21:38:27.0364 0x17fc  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:38:27.0427 0x17fc  HidIr - ok
21:38:27.0474 0x17fc  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
21:38:27.0520 0x17fc  hidserv - ok
21:38:27.0552 0x17fc  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:38:27.0583 0x17fc  HidUsb - ok
21:38:27.0614 0x17fc  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:38:27.0676 0x17fc  hkmsvc - ok
21:38:27.0708 0x17fc  [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
21:38:27.0723 0x17fc  HpCISSs - ok
21:38:27.0817 0x17fc  [ 53229DCF431D76434816CD29251168A0, F27EF06B23F14C1D041275E8C1F9238151D81CFDBB6D58B2657BA3303CDEB7E1 ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
21:38:27.0942 0x17fc  HSF_DPV - ok
21:38:27.0988 0x17fc  [ 31F949D452201F2F0AF0C88D7DB512CD, 26268129B7C6DF91F9C0FF115614308740D2921131662D8691F14F0573CBAD91 ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
21:38:28.0004 0x17fc  HSXHWAZL - ok
21:38:28.0066 0x17fc  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:38:28.0129 0x17fc  HTTP - ok
21:38:28.0160 0x17fc  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp           C:\Windows\system32\drivers\i2omp.sys
21:38:28.0176 0x17fc  i2omp - ok
21:38:28.0222 0x17fc  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:38:28.0254 0x17fc  i8042prt - ok
21:38:28.0300 0x17fc  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
21:38:28.0316 0x17fc  iaStorV - ok
21:38:28.0425 0x17fc  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
21:38:28.0472 0x17fc  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
21:38:29.0658 0x17fc  Detect skipped due to KSN trusted
21:38:29.0658 0x17fc  IDriverT - ok
21:38:29.0782 0x17fc  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:38:29.0845 0x17fc  idsvc - ok
21:38:29.0970 0x17fc  [ A4FBA5B34E69E46315A7C5223A470A17, 225ECC88DA6B76D69DDB4277A53FED7F41A13874A81112105A8A37B804FF06C0 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
21:38:30.0141 0x17fc  igfx - ok
21:38:30.0188 0x17fc  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:38:30.0204 0x17fc  iirsp - ok
21:38:30.0266 0x17fc  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
21:38:30.0328 0x17fc  IKEEXT - ok
21:38:30.0484 0x17fc  [ C61B3B87F3856CEF0C9F204028C6860D, 74E9FE064A89ECB63AD57115E473F36E15DA1961408BF9FF4777F9D7EA104A02 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
21:38:30.0594 0x17fc  IntcAzAudAddService - ok
21:38:30.0656 0x17fc  [ 97469037714070E45194ED318D636401, DDB5AE39BE0BD37ECB44969A5FA740E5B1169342347D0DB3E5DF0353A6708271 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:38:30.0672 0x17fc  intelide - ok
21:38:30.0718 0x17fc  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:38:30.0796 0x17fc  intelppm - ok
21:38:31.0062 0x17fc  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:38:31.0436 0x17fc  IPBusEnum - ok
21:38:31.0670 0x17fc  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:38:32.0122 0x17fc  IpFilterDriver - ok
21:38:32.0200 0x17fc  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:38:32.0294 0x17fc  iphlpsvc - ok
21:38:32.0310 0x17fc  IpInIp - ok
21:38:32.0356 0x17fc  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
21:38:32.0419 0x17fc  IPMIDRV - ok
21:38:32.0466 0x17fc  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
21:38:32.0497 0x17fc  IPNAT - ok
21:38:32.0575 0x17fc  [ 35828479CCB4EE3CFD7523AF63443D5B, CA582DB092DC049597268B8245F2EEFF5DB807CBE2CFABEA04EA00DD5ED9A2B6 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:38:32.0622 0x17fc  iPod Service - ok
21:38:32.0684 0x17fc  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:38:32.0731 0x17fc  IRENUM - ok
21:38:32.0778 0x17fc  [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:38:32.0778 0x17fc  isapnp - ok
21:38:32.0856 0x17fc  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
21:38:32.0871 0x17fc  iScsiPrt - ok
21:38:32.0902 0x17fc  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
21:38:32.0918 0x17fc  iteatapi - ok
21:38:32.0965 0x17fc  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
21:38:32.0980 0x17fc  iteraid - ok
21:38:33.0012 0x17fc  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:38:33.0027 0x17fc  kbdclass - ok
21:38:33.0043 0x17fc  [ D2600CB17B7408B4A83F231DC9A11AC3, C3025C2ED3541F58E8C1D792B0683949286BE583AB17B0C48F7362B4FA512BC0 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
21:38:33.0121 0x17fc  kbdhid - ok
21:38:33.0152 0x17fc  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
21:38:33.0214 0x17fc  KeyIso - ok
21:38:33.0277 0x17fc  [ E9648A2E6691B3BF0D17697640B8F7EB, 6832F086C3AD0BBB57A5D3B1B3DE8EAFB9F8E63906A70A77770B421670D61F8C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:38:33.0308 0x17fc  KSecDD - ok
21:38:33.0386 0x17fc  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:38:33.0464 0x17fc  KtmRm - ok
21:38:33.0526 0x17fc  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:38:33.0604 0x17fc  LanmanServer - ok
21:38:33.0651 0x17fc  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:38:33.0714 0x17fc  LanmanWorkstation - ok
21:38:33.0760 0x17fc  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:38:33.0807 0x17fc  lltdio - ok
21:38:33.0870 0x17fc  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:38:33.0948 0x17fc  lltdsvc - ok
21:38:33.0994 0x17fc  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:38:34.0072 0x17fc  lmhosts - ok
21:38:34.0104 0x17fc  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:38:34.0119 0x17fc  LSI_FC - ok
21:38:34.0150 0x17fc  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:38:34.0166 0x17fc  LSI_SAS - ok
21:38:34.0182 0x17fc  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:38:34.0197 0x17fc  LSI_SCSI - ok
21:38:34.0228 0x17fc  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
21:38:34.0291 0x17fc  luafv - ok
21:38:34.0353 0x17fc  [ AF280405C10F0D20F37670B7432E5C2F, 89EDF1B686CA6FE2516A5771AD80D6E8A6B022BA3D31E7988C2D2078CE45BEBA ] lvpopflt        C:\Windows\system32\DRIVERS\lvpopflt.sys
21:38:34.0384 0x17fc  lvpopflt - ok
21:38:34.0416 0x17fc  [ 8BE71D7EDB8C7494913722059F760DD0, BA02D1EC025BDA8ADAE34483AB6B422A75D0C11392761F83BCB0D0ADB5B1EAE2 ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2Mon.sys
21:38:34.0416 0x17fc  LVPr2Mon - ok
21:38:34.0509 0x17fc  [ 2333057542C91AE8228BDCCC2E5F2632, 51324D2D468DCDEA039F848585F6C78F99801D2725F7ACED2466E2D20BF112CD ] LVPrcSrv        C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
21:38:34.0525 0x17fc  LVPrcSrv - ok
21:38:34.0556 0x17fc  [ E52F5A2CADCF08D07F559962F807A0A2, 5AC12B9D43E593BD037DD4AB0414BC348762CEAEEB9031BF67F81A0E92AB6DC3 ] LVRS            C:\Windows\system32\DRIVERS\lvrs.sys
21:38:34.0587 0x17fc  LVRS - ok
21:38:35.0024 0x17fc  [ C3D02260BEB2B48DEA1EFDFCA91E4B69, 7A0E53F217E1F57ED81845904886FDE500C09261BE352DC101CEF8B95A235D7D ] LVUVC           C:\Windows\system32\DRIVERS\lvuvc.sys
21:38:35.0991 0x17fc  LVUVC - ok
21:38:36.0069 0x17fc  [ B4CD87E78A01562E3DA67FE1C2779204, 536AC01C53A18E7B43F02F345FC3088C189A2D01F5E060714C0534FE7ECA2356 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:38:36.0085 0x17fc  MBAMProtector - ok
21:38:36.0178 0x17fc  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
21:38:36.0256 0x17fc  MBAMService - ok
21:38:36.0319 0x17fc  [ EAFEB8DF3B5B2AD7848B4C367FDD6E05, 7444D9DB01D28100831CDE3208829784225A92C4CDF9ED594EA3DD8F5FEAEA98 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
21:38:36.0334 0x17fc  MBAMWebAccessControl - ok
21:38:36.0381 0x17fc  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:38:36.0397 0x17fc  Mcx2Svc - ok
21:38:36.0459 0x17fc  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
21:38:36.0490 0x17fc  mdmxsdk - ok
21:38:36.0537 0x17fc  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:38:36.0553 0x17fc  megasas - ok
21:38:36.0584 0x17fc  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
21:38:36.0631 0x17fc  MMCSS - ok
21:38:36.0662 0x17fc  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
21:38:36.0724 0x17fc  Modem - ok
21:38:36.0787 0x17fc  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:38:36.0849 0x17fc  monitor - ok
21:38:36.0896 0x17fc  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:38:36.0912 0x17fc  mouclass - ok
21:38:36.0943 0x17fc  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:38:36.0990 0x17fc  mouhid - ok
21:38:37.0021 0x17fc  [ 3EAE06B0D9E32A3D45DC3E07F1FBFA97, 0C56D92C5131D60AF2FCCF071976F2932A2C544C5EC4C2A5476E99CDE17FF08C ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
21:38:37.0036 0x17fc  MountMgr - ok
21:38:37.0130 0x17fc  [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:38:37.0146 0x17fc  MozillaMaintenance - ok
21:38:37.0177 0x17fc  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:38:37.0192 0x17fc  mpio - ok
21:38:37.0239 0x17fc  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:38:37.0302 0x17fc  mpsdrv - ok
21:38:37.0364 0x17fc  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:38:37.0442 0x17fc  MpsSvc - ok
21:38:37.0473 0x17fc  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
21:38:37.0473 0x17fc  Mraid35x - ok
21:38:37.0520 0x17fc  [ B0584CA7DEF55929FDB5169BD28B2484, AF6A7E404FEB29F7F3428D0AF6682195E5E8ED106996A04E6947DBD575696546 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:38:37.0551 0x17fc  MRxDAV - ok
21:38:37.0598 0x17fc  [ 1B864548B2ACEC1C0BB29B615CC42978, E1DA3E6764A2C7072D99F2F093E5F40DB6DC809701B59C155C6B4EE327AB9E41 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:38:37.0660 0x17fc  mrxsmb - ok
21:38:37.0692 0x17fc  [ 3F39B02EEDC5B8A0ED896EA1CDF7245F, 41C1DCD82F964A398B7C3D44178DBF7C8AF1C2DBC5F2D944BE6B00E909FE083B ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:38:37.0738 0x17fc  mrxsmb10 - ok
21:38:37.0770 0x17fc  [ D0670EC8E5AD3FA5BE372BF70AC0EABF, BD2D1BA151FD5409EAA41ECCBEB863FE52FF7C2D92349961FEE736D66970748E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:38:37.0816 0x17fc  mrxsmb20 - ok
21:38:37.0863 0x17fc  [ 742AED7939E734C36B7E8D6228CE26B7, 6F727144BBD42C9C5555087CA51DE8D501B5CBEFB9967866CC578733E3C5E681 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:38:37.0879 0x17fc  msahci - ok
21:38:37.0941 0x17fc  [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D, FEA8FB1B8752660EC6174542B24D234A61EBFF8318A5855B3E5C91DB86856CAB ] MSCSPTISRV      C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe
21:38:37.0957 0x17fc  MSCSPTISRV - detected UnsignedFile.Multi.Generic ( 1 )
21:38:39.0158 0x17fc  Detect skipped due to KSN trusted
21:38:39.0158 0x17fc  MSCSPTISRV - ok
21:38:39.0189 0x17fc  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:38:39.0205 0x17fc  msdsm - ok
21:38:39.0252 0x17fc  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
21:38:39.0314 0x17fc  MSDTC - ok
21:38:39.0376 0x17fc  [ 343291A4DFD7C923C3F71F550830EC1C, E62DEEE0ECA76DD276FA27B02F91EA1A5314BDE1EA0F919FA89238A7662B8CA5 ] MSDV            C:\Windows\system32\DRIVERS\msdv.sys
21:38:39.0423 0x17fc  MSDV - ok
21:38:39.0470 0x17fc  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:38:39.0517 0x17fc  Msfs - ok
21:38:39.0595 0x17fc  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:38:39.0610 0x17fc  msisadrv - ok
21:38:39.0657 0x17fc  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:38:39.0688 0x17fc  MSiSCSI - ok
21:38:39.0704 0x17fc  msiserver - ok
21:38:39.0751 0x17fc  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:38:39.0798 0x17fc  MSKSSRV - ok
21:38:39.0844 0x17fc  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:38:39.0891 0x17fc  MSPCLOCK - ok
21:38:39.0922 0x17fc  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:38:39.0938 0x17fc  MSPQM - ok
21:38:39.0985 0x17fc  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:38:40.0016 0x17fc  MsRPC - ok
21:38:40.0063 0x17fc  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:38:40.0078 0x17fc  mssmbios - ok
21:38:40.0125 0x17fc  MSSQL$VAIO_VEDB - ok
21:38:40.0156 0x17fc  [ ADAF062116B4E6D96E44D26486A87AF6, 1A2EE7C4598E8442F24A5C97FEBF7AC6A20703F7EA9097B6E48BE4A05E231D8C ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
21:38:40.0172 0x17fc  MSSQLServerADHelper - ok
21:38:40.0203 0x17fc  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:38:40.0250 0x17fc  MSTEE - ok
21:38:40.0297 0x17fc  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:38:40.0312 0x17fc  Mup - ok
21:38:40.0375 0x17fc  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
21:38:40.0437 0x17fc  napagent - ok
21:38:40.0515 0x17fc  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:38:40.0578 0x17fc  NativeWifiP - ok
21:38:40.0640 0x17fc  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:38:40.0687 0x17fc  NDIS - ok
21:38:40.0702 0x17fc  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:38:40.0749 0x17fc  NdisTapi - ok
21:38:40.0796 0x17fc  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:38:40.0858 0x17fc  Ndisuio - ok
21:38:40.0905 0x17fc  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:38:40.0952 0x17fc  NdisWan - ok
21:38:41.0014 0x17fc  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:38:41.0061 0x17fc  NDProxy - ok
21:38:41.0092 0x17fc  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:38:41.0139 0x17fc  NetBIOS - ok
21:38:41.0186 0x17fc  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
21:38:41.0248 0x17fc  netbt - ok
21:38:41.0280 0x17fc  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
21:38:41.0295 0x17fc  Netlogon - ok
21:38:41.0358 0x17fc  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
21:38:41.0436 0x17fc  Netman - ok
21:38:41.0514 0x17fc  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
21:38:41.0623 0x17fc  netprofm - ok
21:38:41.0670 0x17fc  [ 53CB95A39E4ABBD421535CB38F4174DE, 70DF28B200E998D2FA59D2D8DDC71370F6CF50196EAC1ABEB0AAB74221A667D7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:38:41.0685 0x17fc  NetTcpPortSharing - ok
21:38:41.0935 0x17fc  [ ACC6170D80C69E50145B370023B64ED3, 62F04F8F601A0A227EC14577278BAEA579483181DDB7A8B0B351C8A5A9CCE5D4 ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
21:38:42.0106 0x17fc  NETw3v32 - ok
21:38:42.0153 0x17fc  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:38:42.0169 0x17fc  nfrd960 - ok
21:38:42.0216 0x17fc  [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:38:42.0247 0x17fc  NlaSvc - ok
21:38:42.0294 0x17fc  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:38:42.0325 0x17fc  Npfs - ok
21:38:42.0356 0x17fc  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
21:38:42.0403 0x17fc  nsi - ok
21:38:42.0434 0x17fc  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:38:42.0481 0x17fc  nsiproxy - ok
21:38:42.0574 0x17fc  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:38:42.0652 0x17fc  Ntfs - ok
21:38:42.0699 0x17fc  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
21:38:42.0762 0x17fc  ntrigdigi - ok
21:38:42.0808 0x17fc  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
21:38:42.0855 0x17fc  Null - ok
21:38:42.0886 0x17fc  [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:38:42.0902 0x17fc  nvraid - ok
21:38:42.0933 0x17fc  [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:38:42.0949 0x17fc  nvstor - ok
21:38:42.0980 0x17fc  [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:38:42.0996 0x17fc  nv_agp - ok
21:38:43.0011 0x17fc  NwlnkFlt - ok
21:38:43.0011 0x17fc  NwlnkFwd - ok
21:38:43.0074 0x17fc  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
21:38:43.0120 0x17fc  ohci1394 - ok
21:38:43.0198 0x17fc  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:38:43.0214 0x17fc  ose - ok
21:38:43.0308 0x17fc  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
21:38:43.0401 0x17fc  p2pimsvc - ok
21:38:43.0432 0x17fc  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:38:43.0479 0x17fc  p2psvc - ok
21:38:43.0542 0x17fc  [ 753A8F339F231D2B857E2CCD51A6E6CA, 59510E69D623B9DA725A8097A44FD210FCF05BB3BA27D5296EA4610359DA0831 ] PACSPTISVR      C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe
21:38:43.0604 0x17fc  PACSPTISVR - detected UnsignedFile.Multi.Generic ( 1 )
21:38:44.0774 0x17fc  Detect skipped due to KSN trusted
21:38:44.0774 0x17fc  PACSPTISVR - ok
21:38:44.0821 0x17fc  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
21:38:44.0899 0x17fc  Parport - ok
21:38:44.0946 0x17fc  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:38:44.0961 0x17fc  partmgr - ok
21:38:44.0992 0x17fc  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
21:38:45.0070 0x17fc  Parvdm - ok
21:38:45.0102 0x17fc  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:38:45.0180 0x17fc  PcaSvc - ok
21:38:45.0211 0x17fc  [ FD2041E9BA03DB7764B2248F02475079, DECEED110524BF83B4097188BF24BF0DDE1CE838DF7748B0DC807ABE351EB20A ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
21:38:45.0258 0x17fc  pccsmcfd - ok
21:38:45.0304 0x17fc  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
21:38:45.0336 0x17fc  pci - ok
21:38:45.0351 0x17fc  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
21:38:45.0367 0x17fc  pciide - ok
21:38:45.0414 0x17fc  [ 3BB2244F343B610C29C98035504C9B75, DA61EC2600199DFA32020D0484E9BBF5E0742E7C8C952370BF6FAF91C914A999 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:38:45.0445 0x17fc  pcmcia - ok
21:38:45.0523 0x17fc  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:38:45.0679 0x17fc  PEAUTH - ok
21:38:45.0819 0x17fc  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
21:38:45.0975 0x17fc  pla - ok
21:38:46.0038 0x17fc  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:38:46.0100 0x17fc  PlugPlay - ok
21:38:46.0162 0x17fc  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
21:38:46.0240 0x17fc  PNRPAutoReg - ok
21:38:46.0272 0x17fc  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
21:38:46.0318 0x17fc  PNRPsvc - ok
21:38:46.0365 0x17fc  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:38:46.0459 0x17fc  PolicyAgent - ok
21:38:46.0521 0x17fc  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:38:46.0568 0x17fc  PptpMiniport - ok
21:38:46.0630 0x17fc  [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor       C:\Windows\system32\drivers\processr.sys
21:38:46.0708 0x17fc  Processor - ok
21:38:46.0755 0x17fc  [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:38:46.0786 0x17fc  ProfSvc - ok
21:38:46.0802 0x17fc  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
21:38:46.0833 0x17fc  ProtectedStorage - ok
21:38:46.0864 0x17fc  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
21:38:46.0911 0x17fc  PSched - ok
21:38:46.0989 0x17fc  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
21:38:47.0005 0x17fc  PxHelp20 - ok
21:38:47.0067 0x17fc  [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:38:47.0130 0x17fc  ql2300 - ok
21:38:47.0176 0x17fc  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:38:47.0192 0x17fc  ql40xx - ok
21:38:47.0254 0x17fc  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
21:38:47.0286 0x17fc  QWAVE - ok
21:38:47.0332 0x17fc  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:38:47.0364 0x17fc  QWAVEdrv - ok
21:38:47.0410 0x17fc  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:38:47.0457 0x17fc  RasAcd - ok
21:38:47.0504 0x17fc  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
21:38:47.0551 0x17fc  RasAuto - ok
21:38:47.0598 0x17fc  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:38:47.0660 0x17fc  Rasl2tp - ok
21:38:47.0722 0x17fc  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
21:38:47.0785 0x17fc  RasMan - ok
21:38:47.0832 0x17fc  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:38:47.0878 0x17fc  RasPppoe - ok
21:38:47.0925 0x17fc  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:38:47.0972 0x17fc  RasSstp - ok
21:38:48.0034 0x17fc  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:38:48.0066 0x17fc  rdbss - ok
21:38:48.0112 0x17fc  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:38:48.0159 0x17fc  RDPCDD - ok
21:38:48.0253 0x17fc  [ E8BD98D46F2ED77132BA927FCCB47D8B, 5187CF8F00AD67EDDF27DF675F3210C0D72E552578A89C58DF6953B1D5BEBCB8 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
21:38:48.0362 0x17fc  rdpdr - ok
21:38:48.0378 0x17fc  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:38:48.0424 0x17fc  RDPENCDD - ok
21:38:48.0487 0x17fc  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:38:48.0534 0x17fc  RDPWD - ok
21:38:48.0596 0x17fc  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:38:48.0674 0x17fc  RemoteAccess - ok
21:38:48.0721 0x17fc  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:38:48.0768 0x17fc  RemoteRegistry - ok
21:38:48.0814 0x17fc  [ 6482707F9F4DA0ECBAB43B2E0398A101, 7D57FC36577121D7E26A4F2D46DCA8725D55EC9F75B91DF994DB742BC4FB89C2 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:38:48.0861 0x17fc  RFCOMM - ok
21:38:48.0908 0x17fc  [ F17713D108ACA124A139FDE877EEF68A, AB254B8B4BDB10685280A8595CA69FEA2F1E68923E676C8CAF3F5468AE4C566E ] RimUsb          C:\Windows\system32\Drivers\RimUsb.sys
21:38:48.0939 0x17fc  RimUsb - ok
21:38:48.0955 0x17fc  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
21:38:49.0033 0x17fc  RpcLocator - ok
21:38:49.0126 0x17fc  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
21:38:49.0173 0x17fc  RpcSs - ok
21:38:49.0204 0x17fc  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:38:49.0267 0x17fc  rspndr - ok
21:38:49.0267 0x17fc  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
21:38:49.0282 0x17fc  SamSs - ok
21:38:49.0329 0x17fc  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:38:49.0345 0x17fc  sbp2port - ok
21:38:49.0392 0x17fc  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:38:49.0454 0x17fc  SCardSvr - ok
21:38:49.0532 0x17fc  [ F79CC0F814748E15538BF4D808030739, 396E94A309AFB163791095A25950CB7D85EEC43B416E1E7F056F430E1B719F4D ] Schedule        C:\Windows\system32\schedsvc.dll
21:38:49.0641 0x17fc  Schedule - ok
21:38:49.0688 0x17fc  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:38:49.0704 0x17fc  SCPolicySvc - ok
21:38:49.0750 0x17fc  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:38:49.0828 0x17fc  SDRSVC - ok
21:38:49.0860 0x17fc  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:38:49.0891 0x17fc  secdrv - ok
21:38:49.0922 0x17fc  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
21:38:49.0953 0x17fc  seclogon - ok
21:38:49.0969 0x17fc  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
21:38:50.0031 0x17fc  SENS - ok
21:38:50.0047 0x17fc  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
21:38:50.0094 0x17fc  Serenum - ok
21:38:50.0125 0x17fc  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
21:38:50.0187 0x17fc  Serial - ok
21:38:50.0203 0x17fc  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:38:50.0234 0x17fc  sermouse - ok
21:38:50.0312 0x17fc  [ 5BF59C6BC737BAAF541168E5CB2EC1D9, D792C95C54B9B7A5386EA75318DEF064000F3EDC48845D8EC152A4A6DB931734 ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
21:38:50.0406 0x17fc  ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
21:38:51.0654 0x17fc  Detect skipped due to KSN trusted
21:38:51.0654 0x17fc  ServiceLayer - ok
21:38:51.0716 0x17fc  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:38:51.0763 0x17fc  SessionEnv - ok
21:38:51.0810 0x17fc  [ 103B79418DA647736EE95645F305F68A, E4D356FD8C62B616D3584FE84905995A1CEE452288E3A456CC358FF41FEAB1B7 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:38:51.0872 0x17fc  sffdisk - ok
21:38:51.0903 0x17fc  [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:38:51.0981 0x17fc  sffp_mmc - ok
21:38:52.0012 0x17fc  [ 9CFA05FCFCB7124E69CFC812B72F9614, E9CFCE695E4D1AF146781CFAA295878536E573F06AEA65438878DE29EC9959AD ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:38:52.0075 0x17fc  sffp_sd - ok
21:38:52.0090 0x17fc  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:38:52.0168 0x17fc  sfloppy - ok
21:38:52.0215 0x17fc  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:38:52.0278 0x17fc  SharedAccess - ok
21:38:52.0340 0x17fc  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:38:52.0371 0x17fc  ShellHWDetection - ok
21:38:52.0418 0x17fc  [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
21:38:52.0434 0x17fc  sisagp - ok
21:38:52.0449 0x17fc  [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
21:38:52.0465 0x17fc  SiSRaid2 - ok
21:38:52.0496 0x17fc  [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:38:52.0512 0x17fc  SiSRaid4 - ok
21:38:52.0621 0x17fc  [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
21:38:52.0636 0x17fc  SkypeUpdate - ok
21:38:52.0870 0x17fc  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
21:38:53.0182 0x17fc  slsvc - ok
21:38:53.0245 0x17fc  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
21:38:53.0292 0x17fc  SLUINotify - ok
21:38:53.0338 0x17fc  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:38:53.0370 0x17fc  Smb - ok
21:38:53.0416 0x17fc  [ DB31D8989B3450569C29780E7FA98C48, 018EFDF37E45163D2D6753B86AC7DB51F835E6A7CF58B2AAFEF559E873264065 ] SNC             C:\Windows\system32\Drivers\SonyNC.sys
21:38:53.0448 0x17fc  SNC - ok
21:38:53.0463 0x17fc  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:38:53.0479 0x17fc  SNMPTRAP - ok
21:38:53.0541 0x17fc  [ 86DA2BEFB800D726FEA98A539606553C, 62ABEAC563828302871AEB91E3C297EDC7A3CA9483A17E19B3BFE7A332A07557 ] SonicStage Back-End Service C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe
21:38:53.0557 0x17fc  SonicStage Back-End Service - ok
21:38:53.0588 0x17fc  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:38:53.0604 0x17fc  spldr - ok
21:38:53.0650 0x17fc  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
21:38:53.0682 0x17fc  Spooler - ok
21:38:53.0728 0x17fc  [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1, BDCCF36D760B8B92BD8DF54C6F2992D66B76EBA1999623F60F0D68CD91D3CEE1 ] SPTISRV         C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe
21:38:53.0744 0x17fc  SPTISRV - detected UnsignedFile.Multi.Generic ( 1 )
21:38:55.0023 0x17fc  Detect skipped due to KSN trusted
21:38:55.0023 0x17fc  SPTISRV - ok
21:38:55.0086 0x17fc  [ 5673E79BBB62A4C35B10D821FF1B4ACA, 26B809F1AC8B988E8DA86522A11DE03DF6FDBC09A09F3A359306DAAFBA4038FD ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
21:38:55.0117 0x17fc  SQLBrowser - ok
21:38:55.0132 0x17fc  [ 9263C8898732E2B890F7E954E7729AB7, DEBFD81E702893427972A6565A9AAA54A09B9F7F30CA9391011C6F7FB758A3F4 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
21:38:55.0148 0x17fc  SQLWriter - ok
21:38:55.0210 0x17fc  [ DC7E6FCD8C51AEF8FF3F2E23C786014A, 02852FC293359BA89155367FA7D3A69922EC2574E5B85C842517272768BE8808 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:38:55.0288 0x17fc  srv - ok
21:38:55.0335 0x17fc  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:38:55.0382 0x17fc  srv2 - ok
21:38:55.0413 0x17fc  [ 8AE0783E3EDCED90D4B2961887056A2B, D24168259988576B13EB2A4B2C11622A736174DDF11F6718D9A0DC9837F50EA5 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:38:55.0460 0x17fc  srvnet - ok
21:38:55.0507 0x17fc  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:38:55.0554 0x17fc  SSDPSRV - ok
21:38:55.0585 0x17fc  [ 6EB13F919D22D5056B4FB66AA3BB497A, B6FBF170873BCA1C4CC10D7AB6564CBE5EF2E62306758F8FE23CB8A66A839B7E ] SSScsiSV        C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe
21:38:55.0600 0x17fc  SSScsiSV - ok
21:38:55.0678 0x17fc  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:38:55.0725 0x17fc  SstpSvc - ok
21:38:55.0788 0x17fc  [ D2C02234E3E87EA5FE420F045068099B, A5BFB342FFF50E6EAF5586A72BCBE56E9DA4F7AE612EDE7D20D77DB59472D3FE ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
21:38:55.0803 0x17fc  ssudmdm - ok
21:38:55.0897 0x17fc  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
21:38:55.0944 0x17fc  stisvc - ok
21:38:55.0959 0x17fc  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:38:55.0975 0x17fc  swenum - ok
21:38:56.0037 0x17fc  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
21:38:56.0084 0x17fc  swprv - ok
21:38:56.0115 0x17fc  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
21:38:56.0131 0x17fc  Symc8xx - ok
21:38:56.0162 0x17fc  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
21:38:56.0162 0x17fc  Sym_hi - ok
21:38:56.0193 0x17fc  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
21:38:56.0209 0x17fc  Sym_u3 - ok
21:38:56.0271 0x17fc  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
21:38:56.0334 0x17fc  SysMain - ok
21:38:56.0365 0x17fc  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:38:56.0412 0x17fc  TabletInputService - ok
21:38:56.0458 0x17fc  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:38:56.0521 0x17fc  TapiSrv - ok
21:38:56.0583 0x17fc  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
21:38:56.0614 0x17fc  TBS - ok
21:38:56.0708 0x17fc  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:38:56.0770 0x17fc  Tcpip - ok
21:38:56.0817 0x17fc  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
21:38:56.0880 0x17fc  Tcpip6 - ok
21:38:56.0911 0x17fc  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:38:56.0973 0x17fc  tcpipreg - ok
21:38:57.0004 0x17fc  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:38:57.0036 0x17fc  TDPIPE - ok
21:38:57.0082 0x17fc  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:38:57.0160 0x17fc  TDTCP - ok
21:38:57.0192 0x17fc  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:38:57.0238 0x17fc  tdx - ok
21:38:57.0426 0x17fc  [ 1A35E7079C650D9EB17B55E4FF4C0DCD, 4ADA2D82868CD55F602B32C619CCF5E813AC648F0EC7416E3AD9ECBDCBF3B833 ] TeamViewer5     C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
21:38:57.0550 0x17fc  TeamViewer5 - ok
21:38:57.0628 0x17fc  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:38:57.0644 0x17fc  TermDD - ok
21:38:57.0722 0x17fc  [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService     C:\Windows\System32\termsrv.dll
21:38:57.0816 0x17fc  TermService - ok
21:38:57.0847 0x17fc  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
21:38:57.0894 0x17fc  Themes - ok
21:38:57.0909 0x17fc  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
21:38:57.0940 0x17fc  THREADORDER - ok
21:38:58.0018 0x17fc  [ 909CD987B54A8179C9AEE874D754721A, E532791D8DC9B861E6486BC35C25F0263D2581F01181AE3964BC6A0503E678F8 ] ti21sony        C:\Windows\system32\drivers\ti21sony.sys
21:38:58.0143 0x17fc  ti21sony - ok
21:38:58.0206 0x17fc  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
21:38:58.0268 0x17fc  TrkWks - ok
21:38:58.0346 0x17fc  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:38:58.0393 0x17fc  TrustedInstaller - ok
21:38:58.0440 0x17fc  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:38:58.0533 0x17fc  tssecsrv - ok
21:38:58.0564 0x17fc  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
21:38:58.0580 0x17fc  tunmp - ok
21:38:58.0627 0x17fc  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:38:58.0689 0x17fc  tunnel - ok
21:38:58.0736 0x17fc  [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:38:58.0767 0x17fc  uagp35 - ok
21:38:58.0798 0x17fc  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:38:58.0845 0x17fc  udfs - ok
21:38:58.0892 0x17fc  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:38:58.0954 0x17fc  UI0Detect - ok
21:38:58.0970 0x17fc  [ 75E6890EBFCE0841D3291B02E7A8BDB0, FDF9CDCCCCC0AA2A52623C5A67AC5F5224557EE4C8F6487CB13CAEB012575E2A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:38:58.0986 0x17fc  uliagpkx - ok
21:38:59.0032 0x17fc  [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
21:38:59.0064 0x17fc  uliahci - ok
21:38:59.0095 0x17fc  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
21:38:59.0110 0x17fc  UlSata - ok
21:38:59.0142 0x17fc  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
21:38:59.0157 0x17fc  ulsata2 - ok
21:38:59.0204 0x17fc  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:38:59.0266 0x17fc  umbus - ok
21:38:59.0329 0x17fc  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
21:38:59.0407 0x17fc  upnphost - ok
21:38:59.0438 0x17fc  upperdev - ok
21:38:59.0500 0x17fc  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
21:38:59.0563 0x17fc  USBAAPL - ok
21:38:59.0625 0x17fc  [ 1114579556DB85E9FAF9590DBC64CD62, 10479A3C12BBBB9B5759082358FE11AC20BAEFA6B4977C8AE6E60AA17BE6C7FA ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:38:59.0656 0x17fc  usbaudio - ok
21:38:59.0719 0x17fc  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:38:59.0797 0x17fc  usbccgp - ok
21:38:59.0859 0x17fc  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:38:59.0922 0x17fc  usbcir - ok
21:38:59.0953 0x17fc  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:38:59.0968 0x17fc  usbehci - ok
21:39:00.0000 0x17fc  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:39:00.0015 0x17fc  usbhub - ok
21:39:00.0046 0x17fc  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:39:00.0109 0x17fc  usbohci - ok
21:39:00.0218 0x17fc  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:39:00.0280 0x17fc  usbprint - ok
21:39:00.0312 0x17fc  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:39:00.0358 0x17fc  usbscan - ok
21:39:00.0390 0x17fc  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:39:00.0452 0x17fc  USBSTOR - ok
21:39:00.0499 0x17fc  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
21:39:00.0546 0x17fc  usbuhci - ok
21:39:00.0608 0x17fc  [ E67998E8F14CB0627A769F6530BCB352, 60982F168E9BF13954328C728F55F4D3ADDC572CACB65289B0E895A63DAA08C1 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
21:39:00.0670 0x17fc  usbvideo - ok
21:39:00.0733 0x17fc  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
21:39:00.0889 0x17fc  UxSms - ok
21:39:00.0967 0x17fc  [ 4E9C6BF8D0655BB7538088DC6F2306D9, 915029F7C1B5B03B9EB7A6AE0E052594809CABCCF20F998B9414604D09D2B8AF ] VAIO Entertainment TV Device Arbitration Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
21:39:01.0014 0x17fc  VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic ( 1 )
21:39:02.0246 0x17fc  Detect skipped due to KSN trusted
21:39:02.0246 0x17fc  VAIO Entertainment TV Device Arbitration Service - ok
21:39:02.0355 0x17fc  [ 8A9F18ADAD471402236CA931553BF79B, D6FBECC83C5A8052C3F65A6B43BC42466212D9BE3B704CC150A8BA49E37F0291 ] VAIO Event Service C:\Program Files\sony\VAIO Event Service\VESMgr.exe
21:39:02.0371 0x17fc  VAIO Event Service - ok
21:39:03.0307 0x17fc  [ 88DC6B884824A578B0E1E9C3790C105B, E269CD0ACA3DA6FC0E0913C1FB146EC89F58B86AC2B1AA1554599C532DD88655 ] VAIOMediaPlatform-IntegratedServer-AppServer C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe
21:39:03.0619 0x17fc  VAIOMediaPlatform-IntegratedServer-AppServer - detected UnsignedFile.Multi.Generic ( 1 )
21:39:04.0976 0x17fc  Detect skipped due to KSN trusted
21:39:04.0976 0x17fc  VAIOMediaPlatform-IntegratedServer-AppServer - ok
21:39:05.0132 0x17fc  [ 56E33AAA46CBA8431E72486196AFB3A1, 8AD1759AF582C3AF21855BEEA190FAAD297D98567130BD8FFDAF3C12168A41A7 ] VAIOMediaPlatform-IntegratedServer-HTTP C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
21:39:05.0210 0x17fc  VAIOMediaPlatform-IntegratedServer-HTTP - detected UnsignedFile.Multi.Generic ( 1 )
21:39:06.0458 0x17fc  Detect skipped due to KSN trusted
21:39:06.0458 0x17fc  VAIOMediaPlatform-IntegratedServer-HTTP - ok
21:39:06.0895 0x17fc  [ ADDF0E4E19BD2FF0A0B852D324FDC281, 848E81C9986B9FB52652EB073852412BE02A7A97CA2A062A8D0A959865869726 ] VAIOMediaPlatform-IntegratedServer-UPnP C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
21:39:07.0004 0x17fc  VAIOMediaPlatform-IntegratedServer-UPnP - detected UnsignedFile.Multi.Generic ( 1 )
21:39:08.0158 0x17fc  Detect skipped due to KSN trusted
21:39:08.0158 0x17fc  VAIOMediaPlatform-IntegratedServer-UPnP - ok
21:39:08.0408 0x17fc  [ 52D4F568FE7D05AE5026B8717EEB59EB, BF263043A756EFC4853C28A1F62FC56C43810A4734D16EBBCE6E9B71283CBE05 ] VAIOMediaPlatform-UCLS-AppServer C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe
21:39:08.0470 0x17fc  VAIOMediaPlatform-UCLS-AppServer - detected UnsignedFile.Multi.Generic ( 1 )
21:39:09.0640 0x17fc  Detect skipped due to KSN trusted
21:39:09.0640 0x17fc  VAIOMediaPlatform-UCLS-AppServer - ok
21:39:09.0703 0x17fc  [ 56E33AAA46CBA8431E72486196AFB3A1, 8AD1759AF582C3AF21855BEEA190FAAD297D98567130BD8FFDAF3C12168A41A7 ] VAIOMediaPlatform-UCLS-HTTP C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
21:39:09.0765 0x17fc  VAIOMediaPlatform-UCLS-HTTP - detected UnsignedFile.Multi.Generic ( 1 )
21:39:09.0765 0x17fc  Detect skipped due to KSN trusted
21:39:09.0765 0x17fc  VAIOMediaPlatform-UCLS-HTTP - ok
21:39:10.0124 0x17fc  [ ADDF0E4E19BD2FF0A0B852D324FDC281, 848E81C9986B9FB52652EB073852412BE02A7A97CA2A062A8D0A959865869726 ] VAIOMediaPlatform-UCLS-UPnP C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
21:39:10.0186 0x17fc  VAIOMediaPlatform-UCLS-UPnP - detected UnsignedFile.Multi.Generic ( 1 )
21:39:10.0186 0x17fc  Detect skipped due to KSN trusted
21:39:10.0186 0x17fc  VAIOMediaPlatform-UCLS-UPnP - ok
21:39:10.0186 0x17fc  Vcsw - ok
21:39:10.0280 0x17fc  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
21:39:10.0342 0x17fc  vds - ok
21:39:10.0389 0x17fc  [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:39:10.0436 0x17fc  vga - ok
21:39:10.0545 0x17fc  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:39:10.0639 0x17fc  VgaSave - ok
21:39:10.0654 0x17fc  [ 045D9961E591CF0674A920B6BA3BA5CB, EBF498A0424CEA0F7ECBAAE144A8669CE6B5DD67115DE22CEC5A46AED26CD90B ] viaagp          C:\Windows\system32\drivers\viaagp.sys
21:39:10.0686 0x17fc  viaagp - ok
21:39:10.0717 0x17fc  [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7           C:\Windows\system32\drivers\viac7.sys
21:39:10.0795 0x17fc  ViaC7 - ok
21:39:10.0826 0x17fc  [ FD2E3175FCADA350C7AB4521DCA187EC, 1C914B184478611A27E0141F90EBC34FC63DFB2A83441DD36DFA43D945FB1C52 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:39:10.0857 0x17fc  viaide - ok
21:39:10.0888 0x17fc  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:39:10.0904 0x17fc  volmgr - ok
21:39:10.0998 0x17fc  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:39:11.0060 0x17fc  volmgrx - ok
21:39:11.0122 0x17fc  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:39:11.0154 0x17fc  volsnap - ok
21:39:11.0200 0x17fc  [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:39:11.0294 0x17fc  vsmraid - ok
21:39:11.0388 0x17fc  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
21:39:11.0544 0x17fc  VSS - ok
21:39:11.0762 0x17fc  [ AD137204D107A60D563030145C3BE695, 4470AD9D1D2B0302A2CAA56CD3847287D9CEC56D274405B4B8DF4448EFD45EB0 ] VUAgent         C:\Program Files\sony\VAIO Update 5\VUAgent.exe
21:39:11.0840 0x17fc  VUAgent - ok
21:39:11.0918 0x17fc  [ 5FEB20D9ED9A2BD4F234222B0A3BB855, 8B1BD9F0FE5839F0F5E7E4ED418B79CF6305AF7BA0D4849330D0CD18156C8350 ] VzCdbSvc        C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
21:39:11.0965 0x17fc  VzCdbSvc - detected UnsignedFile.Multi.Generic ( 1 )
21:39:13.0260 0x17fc  Detect skipped due to KSN trusted
21:39:13.0260 0x17fc  VzCdbSvc - ok
21:39:13.0353 0x17fc  [ 3757DFD3C07896EF660D4060366E7B4E, 0FCA391810B88D684CB9344883192AFB62CE5B9E6D37185FD8EB4DD4566CE6AB ] VzFw            C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
21:39:13.0400 0x17fc  VzFw - detected UnsignedFile.Multi.Generic ( 1 )
21:39:14.0601 0x17fc  Detect skipped due to KSN trusted
21:39:14.0601 0x17fc  VzFw - ok
21:39:14.0695 0x17fc  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
21:39:14.0757 0x17fc  W32Time - ok
21:39:14.0788 0x17fc  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:39:14.0866 0x17fc  WacomPen - ok
21:39:14.0929 0x17fc  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
21:39:14.0960 0x17fc  Wanarp - ok
21:39:14.0960 0x17fc  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:39:14.0991 0x17fc  Wanarpv6 - ok
21:39:15.0085 0x17fc  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:39:15.0178 0x17fc  wcncsvc - ok
21:39:15.0225 0x17fc  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:39:15.0256 0x17fc  WcsPlugInService - ok
21:39:15.0303 0x17fc  [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd              C:\Windows\system32\drivers\wd.sys
21:39:15.0334 0x17fc  Wd - ok
21:39:15.0412 0x17fc  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:39:15.0475 0x17fc  Wdf01000 - ok
21:39:15.0537 0x17fc  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:39:15.0600 0x17fc  WdiServiceHost - ok
21:39:15.0600 0x17fc  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:39:15.0646 0x17fc  WdiSystemHost - ok
21:39:15.0693 0x17fc  [ BB77BAA3E7FD8F1A5D092A96D37B5A2D, 880C37347091224DFB7C442252FE4A29FD7002DA6A8BA994B8CEAABC5E535593 ] WebClient       C:\Windows\System32\webclnt.dll
21:39:15.0787 0x17fc  WebClient - ok
21:39:15.0834 0x17fc  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:39:15.0927 0x17fc  Wecsvc - ok
21:39:15.0974 0x17fc  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:39:16.0036 0x17fc  wercplsupport - ok
21:39:16.0083 0x17fc  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:39:16.0177 0x17fc  WerSvc - ok
21:39:16.0255 0x17fc  [ 6D2350BB6E77E800FC4BE4E5B7A2E89A, 5C70AA76991B85D4EA52C70A03C932B34B51133CC55B3F4CC25F4A7044574885 ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
21:39:16.0333 0x17fc  winachsf - ok
21:39:16.0426 0x17fc  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
21:39:16.0458 0x17fc  WinDefend - ok
21:39:16.0458 0x17fc  WinHttpAutoProxySvc - ok
21:39:16.0614 0x17fc  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:39:16.0645 0x17fc  Winmgmt - ok
21:39:16.0926 0x17fc  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:39:17.0175 0x17fc  WinRM - ok
21:39:17.0284 0x17fc  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:39:17.0472 0x17fc  Wlansvc - ok
21:39:17.0503 0x17fc  [ 701A9F884A294327E9141D73746EE279, C8A46B8C32F9EAC7848D385473F6B5C4B6DA719A941A75AD5F081757FC07A09D ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:39:17.0565 0x17fc  WmiAcpi - ok
21:39:17.0612 0x17fc  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:39:17.0674 0x17fc  wmiApSrv - ok
21:39:17.0955 0x17fc  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
21:39:18.0049 0x17fc  WMPNetworkSvc - ok
21:39:18.0111 0x17fc  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:39:18.0189 0x17fc  WPCSvc - ok
21:39:18.0220 0x17fc  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:39:18.0298 0x17fc  WPDBusEnum - ok
21:39:18.0345 0x17fc  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
21:39:18.0361 0x17fc  WpdUsb - ok
21:39:18.0938 0x17fc  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:39:19.0000 0x17fc  WPFFontCache_v0400 - ok
21:39:19.0047 0x17fc  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:39:19.0078 0x17fc  ws2ifsl - ok
21:39:19.0125 0x17fc  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
21:39:19.0172 0x17fc  wscsvc - ok
21:39:19.0219 0x17fc  [ 4422AC5ED8D4C2F0DB63E71D4C069DD7, B010DCC7B802C26A701A7DE1CA1B21D6B43D99FE88524D015C9228376B0BDA6E ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
21:39:19.0266 0x17fc  WSDPrintDevice - ok
21:39:19.0344 0x17fc  [ 65D1FF8AAFF4A7D8F787A290E5087816, 9681C1B3B683E7F9531CD223C4C09877C829EFF3C707DD826752A815C1CF8982 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
21:39:19.0406 0x17fc  WSDScan - ok
21:39:19.0422 0x17fc  WSearch - ok
21:39:19.0827 0x17fc  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:39:19.0999 0x17fc  wuauserv - ok
21:39:20.0061 0x17fc  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:39:20.0124 0x17fc  WudfPf - ok
21:39:20.0155 0x17fc  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:39:20.0170 0x17fc  WUDFRd - ok
21:39:20.0217 0x17fc  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:39:20.0280 0x17fc  wudfsvc - ok
21:39:20.0342 0x17fc  [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8, 3660379AADB6DB56E54D9C680929CD3882CDE4E6A8BB888FC892110D6B50C627 ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
21:39:20.0389 0x17fc  XAudio - ok
21:39:20.0498 0x17fc  [ 28DC5D626E036A75A572556F0A6EB1F6, 9AE635C08B87AD85A552ADE0AF8BA10DC258E0DEFE133A2A74EFCD43B7A38A98 ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
21:39:20.0545 0x17fc  XAudioService - ok
21:39:20.0623 0x17fc  [ 69222091B6285906AFF82E43681CF826, 7D3BED1B60D606B76688B5F8779A72FB4BB5735F59B48B9F69E8C2F73C1C6972 ] yukonwlh        C:\Windows\system32\DRIVERS\yk60x86.sys
21:39:20.0701 0x17fc  yukonwlh - ok
21:39:20.0716 0x17fc  ================ Scan global ===============================
21:39:20.0763 0x17fc  [ 2F2DFC846D75D680B9018823A8B5EF07, DBC823CF0C659B6D7482CB080CD042EC6BBAEDB6297DB712CADA1BCEAA8A95C8 ] C:\Windows\system32\basesrv.dll
21:39:20.0826 0x17fc  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
21:39:20.0857 0x17fc  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
21:39:20.0919 0x17fc  [ 4F0A7910FC7D8A66433FA9961EEF8BB5, 2086EDEE8CF9CC9BDBDC03018F7C28BB56172F941CB4D6F3D857BCF82B32FB6B ] C:\Windows\system32\services.exe
21:39:20.0935 0x17fc  [ Global ] - ok
21:39:20.0935 0x17fc  ================ Scan MBR ==================================
21:39:20.0950 0x17fc  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
21:39:23.0836 0x17fc  \Device\Harddisk0\DR0 - ok
21:39:23.0836 0x17fc  ================ Scan VBR ==================================
21:39:23.0868 0x17fc  [ 5F8B4F85C13045F128381E3F9B57882E ] \Device\Harddisk0\DR0\Partition1
21:39:23.0930 0x17fc  \Device\Harddisk0\DR0\Partition1 - ok
21:39:23.0930 0x17fc  ================ Scan generic autorun ======================
21:39:24.0148 0x17fc  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
21:39:24.0195 0x17fc  Windows Defender - ok
21:39:24.0273 0x17fc  [ 80762E7117CC630C1023A51823A5A43E, E03143C912ECB2D37959FD4F392306180CE74CC237B31164E54BA9F3EAE7EBC1 ] C:\Windows\system32\igfxtray.exe
21:39:24.0304 0x17fc  IgfxTray - ok
21:39:24.0351 0x17fc  [ 618442297DD5E593136826C499CD128F, 800FA80CADC8E14E96142F73AC0215DBCAFCE035E389A987F2546E2F2C7623DC ] C:\Windows\system32\hkcmd.exe
21:39:24.0382 0x17fc  HotKeysCmds - ok
21:39:24.0398 0x17fc  [ 312A2A79186803DF500566D825918DB0, E32957DD4CD20A55A196C72B4E0DADD86227C9D5454A65CBE7C5D80C935B6566 ] C:\Windows\system32\igfxpers.exe
21:39:24.0445 0x17fc  Persistence - ok
21:39:25.0428 0x17fc  [ A086B1BDCCA45A5D346187B14BE3D7BC, 0E359CF6A02107F5603FCD8EFB94946839B8D662E7E68DBCB30C6ED194706E01 ] C:\Windows\RtHDVCpl.exe
21:39:25.0896 0x17fc  RtHDVCpl - ok
21:39:26.0005 0x17fc  [ A50BB4FFB1498327FACC0E844039BDF2, 155EC714B7FDCFE113328997EC1E72B748BBEFFD00DC2178DF1B100CF43CB628 ] C:\Program Files\Apoint\Apoint.exe
21:39:26.0020 0x17fc  Apoint - ok
21:39:26.0098 0x17fc  [ 322CF4872B86852FB584AA37250AC619, 7C6576904A62E2187E9951B08F554D26597ADEC8BC484ABA70057F16D8DD69F2 ] C:\Program Files\FreePDF_XP\fpassist.exe
21:39:26.0114 0x17fc  FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 )
21:39:27.0284 0x17fc  Detect skipped due to KSN trusted
21:39:27.0284 0x17fc  FreePDF Assistant - ok
21:39:27.0424 0x17fc  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
21:39:27.0565 0x17fc  Sidebar - ok
21:39:27.0580 0x17fc  WindowsWelcomeCenter - ok
21:39:27.0627 0x17fc  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
21:39:27.0705 0x17fc  Sidebar - ok
21:39:27.0705 0x17fc  WindowsWelcomeCenter - ok
21:39:27.0783 0x17fc  [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
21:39:27.0799 0x17fc  ehTray.exe - ok
21:39:27.0846 0x17fc  [ E616A6A6E91B0A86F2F6217CDE835FFE, 411671C4B2BB4DB3F02A21C199A5479F31394165704736A549B53245B94577F7 ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:39:27.0861 0x17fc  swg - ok
21:39:28.0002 0x17fc  [ 9EB925EDC8CF1C3D06E50E9348B54A0A, 99C1F8D40A65E1F4975B0D1180B3056712832E0E8FBE829785FDD505B6222AEA ] C:\Users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe
21:39:28.0017 0x17fc  Facebook Update - ok
21:39:28.0220 0x17fc  [ 36C632A8B799F8D1287B258B497F4795, 801A1B95863FAD10CD93B98C04EC756B9BDD6625A49B8D984767547EB8215B17 ] C:\Users\Tobias\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
21:39:28.0329 0x17fc  Spotify Web Helper - ok
21:39:29.0062 0x17fc  [ 97D2F09CA286D6223D4DFED75A7F9884, 4681BB3967AA27AC9C87264AABD97C1C06D681433DDCA19B6E6A313E1547BD7A ] C:\Users\Tobias\AppData\Roaming\Spotify\Spotify.exe
21:39:29.0577 0x17fc  Spotify - ok
21:39:29.0671 0x17fc  [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehtray.exe
21:39:29.0702 0x17fc  Application Restart #0 - ok
21:39:29.0827 0x17fc  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
21:39:29.0889 0x17fc  Application Restart #1 - ok
21:39:29.0998 0x17fc  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
21:39:30.0108 0x17fc  Sidebar - ok
21:39:30.0139 0x17fc  [ E616A6A6E91B0A86F2F6217CDE835FFE, 411671C4B2BB4DB3F02A21C199A5479F31394165704736A549B53245B94577F7 ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:39:30.0139 0x17fc  swg - ok
21:39:30.0217 0x17fc  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
21:39:30.0342 0x17fc  Sidebar - ok
21:39:30.0357 0x17fc  WindowsWelcomeCenter - ok
21:39:30.0357 0x17fc  [ E616A6A6E91B0A86F2F6217CDE835FFE, 411671C4B2BB4DB3F02A21C199A5479F31394165704736A549B53245B94577F7 ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:39:30.0373 0x17fc  swg - ok
21:39:30.0435 0x17fc  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
21:39:30.0544 0x17fc  Sidebar - ok
21:39:30.0544 0x17fc  [ E616A6A6E91B0A86F2F6217CDE835FFE, 411671C4B2BB4DB3F02A21C199A5479F31394165704736A549B53245B94577F7 ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:39:30.0560 0x17fc  swg - ok
21:39:30.0950 0x17fc  [ 76BEBE0FDE1DDDB9B70BEF85B40DDE70, 977228BD8634A8DDFC476C21859E56935325EA8C1CD1CB27445B13FF00E2F7D1 ] C:\Users\Gast\AppData\Roaming\Spotify\Spotify.exe
21:39:31.0527 0x17fc  Spotify - ok
21:39:31.0668 0x17fc  [ F10ADB851EF1BD5144FE6D1691CD7576, C35431A6D0A95722002A601BB076B8294603C17A8F4544856C2E2F75C5D42F3D ] C:\Users\Gast\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
21:39:31.0746 0x17fc  Spotify Web Helper - ok
21:39:31.0746 0x17fc  Waiting for KSN requests completion. In queue: 60
21:39:32.0760 0x17fc  Waiting for KSN requests completion. In queue: 60
21:39:34.0413 0x17fc  Win FW state via NFP2: enabled ( trusted )
21:39:35.0536 0x17fc  ============================================================
21:39:35.0536 0x17fc  Scan finished
21:39:35.0536 0x17fc  ============================================================
21:39:35.0536 0x00ac  Detected object count: 0
21:39:35.0536 0x00ac  Actual detected object count: 0
         

Alt 07.10.2015, 18:01   #8
schrauber
/// the machine
/// TB-Ausbilder
 




hi,

Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 07.10.2015, 19:55   #9
Tobinio
 



Code:
ComboFix 15-10-06.01 - Tobias_2 07.10.2015  20:18:13.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.1013.196 [GMT 2:00]
ausgeführt von:: c:\users\Tobias_2\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\CddbCdda.dll
c:\windows\system32\drivers\etc\hosts.ics
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-09-07 bis 2015-10-07  ))))))))))))))))))))))))))))))
.
.
2015-10-07 18:35 . 2015-10-07 18:35	--------	d-----w-	c:\users\Tobias\AppData\Local\temp
2015-10-07 18:35 . 2015-10-07 18:35	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2015-10-07 18:35 . 2015-10-07 18:35	--------	d-----w-	c:\users\Maike\AppData\Local\temp
2015-10-06 17:06 . 2015-10-06 18:42	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-10-06 16:39 . 2015-08-31 23:05	8884144	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{4FB3D25C-E3C2-48D7-8A84-172821434299}\mpengine.dll
2015-10-04 08:13 . 2015-10-05 17:59	--------	d-----w-	C:\FRST
2015-10-03 17:16 . 2015-10-03 17:16	--------	d-----w-	c:\program files\ESET
2015-10-03 16:20 . 2015-10-06 17:06	170200	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-03 16:19 . 2015-10-06 17:05	94936	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-10-03 16:19 . 2015-10-03 16:19	--------	d-----w-	c:\program files\ Malwarebytes Anti-Malware 
2015-10-03 16:19 . 2015-10-03 16:19	--------	d-----w-	c:\programdata\Malwarebytes
2015-10-03 16:19 . 2015-06-18 06:41	51928	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-10-03 16:19 . 2015-06-18 06:41	23256	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-10-03 12:53 . 2015-01-29 01:35	369664	----a-w-	c:\windows\system32\WMPhoto.dll
2015-10-03 12:52 . 2015-08-13 14:15	304640	----a-w-	c:\windows\system32\drivers\srv.sys
2015-10-03 12:52 . 2015-08-13 14:15	102912	----a-w-	c:\windows\system32\drivers\srvnet.sys
2015-10-03 12:51 . 2015-01-29 01:35	975360	----a-w-	c:\windows\system32\WindowsCodecs.dll
2015-10-03 12:50 . 2015-07-21 20:55	1206192	----a-w-	c:\windows\system32\ntdll.dll
2015-10-03 12:50 . 2015-07-21 16:07	56256	----a-w-	c:\windows\system32\drivers\mountmgr.sys
2015-10-03 12:50 . 2015-07-21 16:07	140224	----a-w-	c:\windows\system32\drivers\ecache.sys
2015-10-03 12:50 . 2015-07-21 16:03	10752	----a-w-	c:\windows\system32\msmmsp.dll
2015-10-03 12:50 . 2015-07-21 16:03	49664	----a-w-	c:\windows\system32\csrsrv.dll
2015-10-03 12:50 . 2015-07-21 16:07	3605440	----a-w-	c:\windows\system32\ntkrnlpa.exe
2015-10-03 12:50 . 2015-07-21 16:03	564224	----a-w-	c:\windows\system32\emdmgmt.dll
2015-10-03 12:50 . 2015-07-21 16:07	3553216	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-10-03 12:49 . 2015-07-03 16:04	1316864	----a-w-	c:\windows\system32\ole32.dll
2015-10-03 12:48 . 2015-09-02 21:26	1402368	----a-w-	c:\windows\system32\msxml6.dll
2015-10-03 12:48 . 2015-09-02 21:26	1253376	----a-w-	c:\windows\system32\msxml3.dll
2015-10-03 12:46 . 2014-06-26 22:17	99480	----a-w-	c:\windows\system32\infocardapi.dll
2015-10-03 12:46 . 2014-06-26 22:17	619664	----a-w-	c:\windows\system32\icardagt.exe
2015-10-03 12:46 . 2014-06-26 22:17	8856	----a-w-	c:\windows\system32\icardres.dll
2015-10-03 12:45 . 2014-06-06 04:28	35480	----a-w-	c:\windows\system32\TsWpfWrp.exe
2015-10-03 12:44 . 2015-07-31 19:27	103120	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-03 12:43 . 2014-06-15 22:18	1131664	----a-w-	c:\windows\system32\dfshim.dll
2015-10-03 12:43 . 2014-06-13 18:22	81560	----a-w-	c:\windows\system32\mscories.dll
2015-10-03 12:43 . 2014-06-13 18:22	156824	----a-w-	c:\windows\system32\mscorier.dll
2015-10-03 12:42 . 2014-06-02 10:30	33280	----a-w-	c:\windows\system32\appinfo.dll
2015-10-03 12:42 . 2014-06-02 08:56	82432	----a-w-	c:\windows\system32\consent.exe
2015-10-03 12:42 . 2015-06-17 16:50	2264576	----a-w-	c:\windows\system32\msi.dll
2015-10-03 12:42 . 2015-06-17 15:09	73216	----a-w-	c:\windows\system32\msiexec.exe
2015-10-03 12:42 . 2014-06-02 10:31	332800	----a-w-	c:\windows\system32\msihnd.dll
2015-10-03 12:42 . 2014-06-02 10:30	1993728	----a-w-	c:\windows\system32\authui.dll
2015-10-03 12:41 . 2014-10-10 01:00	146432	----a-w-	c:\windows\system32\msaudite.dll
2015-10-03 12:41 . 2014-10-09 23:22	619520	----a-w-	c:\windows\system32\adtschema.dll
2015-10-03 12:41 . 2014-10-10 01:01	449536	----a-w-	c:\windows\system32\termsrv.dll
2015-10-03 12:40 . 2014-12-19 00:25	115200	----a-w-	c:\windows\system32\drivers\mrxdav.sys
2015-10-03 12:39 . 2015-06-12 16:01	298496	----a-w-	c:\windows\system32\gdi32.dll
2015-10-03 12:38 . 2015-04-24 15:54	532480	----a-w-	c:\windows\system32\comctl32.dll
2015-10-03 12:37 . 2015-07-10 19:37	2067968	----a-w-	c:\windows\system32\mstscax.dll
2015-10-03 12:27 . 2015-03-05 02:32	244152	----a-w-	c:\windows\system32\clfs.sys
2015-10-03 12:27 . 2015-03-05 02:23	57344	----a-w-	c:\windows\system32\clfsw32.dll
2015-10-03 12:26 . 2014-10-24 01:04	67072	----a-w-	c:\windows\system32\packager.dll
2015-10-03 12:23 . 2014-11-26 02:05	564224	----a-w-	c:\windows\system32\oleaut32.dll
2015-10-03 12:22 . 2015-07-18 16:03	68608	----a-w-	c:\windows\system32\basesrv.dll
2015-10-03 12:22 . 2015-01-09 00:18	64000	----a-w-	c:\windows\system32\smss.exe
2015-10-03 12:21 . 2015-01-21 02:02	807936	----a-w-	c:\windows\system32\msctf.dll
2015-10-03 12:21 . 2014-08-12 02:25	729600	----a-w-	c:\windows\system32\IMJP10K.DLL
2015-10-03 12:19 . 2015-07-10 14:21	2048	----a-w-	c:\windows\system32\tzres.dll
2015-10-03 12:18 . 2015-08-05 15:59	1220608	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2015-10-03 12:18 . 2015-08-05 15:58	985600	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2015-10-03 12:18 . 2015-08-05 15:58	967680	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2015-10-03 12:18 . 2015-08-05 15:58	940032	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2015-10-03 12:18 . 2015-08-05 14:24	1850880	----a-w-	c:\program files\Windows Journal\Journal.exe
2015-10-03 12:18 . 2015-09-02 21:26	34304	----a-w-	c:\windows\system32\atmlib.dll
2015-10-03 12:18 . 2015-09-02 19:55	2067456	----a-w-	c:\windows\system32\win32k.sys
2015-10-03 12:18 . 2015-09-02 19:54	297472	----a-w-	c:\windows\system32\atmfd.dll
2015-10-03 12:15 . 2015-08-05 15:59	602112	----a-w-	c:\windows\system32\schedsvc.dll
2015-10-03 12:14 . 2014-10-03 01:18	274432	----a-w-	c:\windows\system32\AUDIOKSE.dll
2015-10-03 12:14 . 2014-10-03 01:17	170496	----a-w-	c:\windows\system32\EncDump.dll
2015-10-03 12:14 . 2014-10-03 01:17	396800	----a-w-	c:\windows\system32\AudioEng.dll
2015-10-03 12:14 . 2014-10-03 01:17	316928	----a-w-	c:\windows\system32\audiosrv.dll
2015-10-03 12:14 . 2014-12-06 03:14	48640	----a-w-	c:\windows\system32\nlaapi.dll
2015-10-03 12:14 . 2014-12-06 03:14	174080	----a-w-	c:\windows\system32\nlasvc.dll
2015-10-03 12:14 . 2014-12-06 03:14	93184	----a-w-	c:\windows\system32\ncsi.dll
2015-10-03 12:13 . 2014-08-27 00:55	2048	----a-w-	c:\windows\system32\msxml3r.dll
2015-10-03 12:12 . 2015-05-31 08:11	225792	----a-w-	c:\windows\system32\cewmdm.dll
2015-10-03 11:51 . 2015-04-10 23:22	279552	----a-w-	c:\windows\system32\services.exe
2015-10-03 11:51 . 2015-07-31 21:46	219648	----a-w-	c:\windows\system32\d3d10_1core.dll
2015-10-03 11:51 . 2015-07-31 21:46	189952	----a-w-	c:\windows\system32\d3d10core.dll
2015-10-03 11:51 . 2015-07-31 21:46	160768	----a-w-	c:\windows\system32\d3d10_1.dll
2015-10-03 11:51 . 2015-07-31 20:40	486400	----a-w-	c:\windows\system32\d3d10level9.dll
2015-10-03 11:51 . 2015-07-31 21:46	1029120	----a-w-	c:\windows\system32\d3d10.dll
2015-10-03 11:51 . 2015-07-31 20:41	1172480	----a-w-	c:\windows\system32\d3d10warp.dll
2015-10-03 11:51 . 2015-07-31 20:35	682496	----a-w-	c:\windows\system32\d2d1.dll
2015-10-03 11:51 . 2015-07-31 20:33	1072640	----a-w-	c:\windows\system32\DWrite.dll
2015-10-03 11:51 . 2015-07-31 20:33	802304	----a-w-	c:\windows\system32\FntCache.dll
2015-10-03 11:49 . 2015-06-27 16:02	218112	----a-w-	c:\windows\system32\msv1_0.dll
2015-10-03 11:49 . 2015-06-27 14:21	217088	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2015-10-03 11:49 . 2015-06-27 14:21	81408	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2015-10-03 11:49 . 2015-01-09 00:17	107008	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2015-10-03 11:49 . 2015-06-27 16:03	783872	----a-w-	c:\windows\system32\rpcrt4.dll
2015-10-03 11:49 . 2015-06-27 16:02	501248	----a-w-	c:\windows\system32\kerberos.dll
2015-10-03 11:49 . 2015-06-27 16:01	801280	----a-w-	c:\windows\system32\advapi32.dll
2015-10-03 11:49 . 2015-06-12 13:13	440768	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2015-10-03 11:49 . 2015-04-30 16:03	279040	----a-w-	c:\windows\system32\schannel.dll
2015-10-03 11:49 . 2014-10-10 01:00	1259008	----a-w-	c:\windows\system32\lsasrv.dll
2015-10-03 11:49 . 2014-09-04 23:27	143360	----a-w-	c:\windows\system32\drivers\fastfat.sys
2015-10-03 11:48 . 2014-12-08 01:59	306176	----a-w-	c:\windows\system32\scesrv.dll
2015-10-03 11:48 . 2015-07-01 15:57	199680	----a-w-	c:\windows\system32\WebClnt.dll
2015-10-03 11:47 . 2015-07-09 14:25	151040	----a-w-	c:\windows\system32\notepad.exe
2015-10-03 11:47 . 2015-07-09 14:25	151040	----a-w-	c:\windows\notepad.exe
2015-10-03 11:47 . 2015-05-04 22:50	7680	----a-w-	c:\windows\system32\spwmp.dll
2015-10-03 11:46 . 2015-05-04 22:50	4096	----a-w-	c:\windows\system32\msdxm.ocx
2015-10-03 11:46 . 2015-05-04 22:50	4096	----a-w-	c:\windows\system32\dxmasf.dll
2015-10-03 11:46 . 2015-05-04 21:21	107520	----a-w-	c:\program files\Windows Media Player\wmpconfig.exe
2015-10-03 11:46 . 2015-05-04 21:21	168960	----a-w-	c:\program files\Windows Media Player\wmplayer.exe
2015-10-03 11:46 . 2015-05-04 21:21	107520	----a-w-	c:\program files\Windows Media Player\wmpshare.exe
2015-10-03 11:46 . 2015-05-04 21:21	8147456	----a-w-	c:\windows\system32\wmploc.DLL
2015-10-03 11:45 . 2014-12-06 03:14	153600	----a-w-	c:\windows\system32\profsvc.dll
2015-10-03 11:44 . 2014-06-06 08:59	506880	----a-w-	c:\windows\system32\qedit.dll
2015-10-03 11:43 . 2014-05-30 06:53	273408	----a-w-	c:\windows\system32\drivers\afd.sys
2015-10-03 11:42 . 2014-04-05 02:42	905664	----a-w-	c:\windows\system32\drivers\tcpip.sys
2015-10-03 11:42 . 2014-04-26 16:01	502784	----a-w-	c:\windows\system32\usp10.dll
2015-10-03 11:42 . 2014-06-14 00:44	638400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2015-10-03 11:42 . 2014-06-14 00:33	37376	----a-w-	c:\windows\system32\cdd.dll
2015-10-03 11:42 . 2014-06-07 02:08	1305088	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2015-10-03 11:42 . 2014-06-07 02:08	149504	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll
2015-10-03 11:42 . 2014-06-07 02:08	114688	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\TipBand.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-09-21 19:04 . 2013-03-23 10:15	780488	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2015-09-21 19:04 . 2011-10-16 00:25	142536	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{6BF739DD-3323-4C6A-975B-C7E00A50B154}]
2015-01-23 05:05	3491192	----a-w-	c:\program files\Ghostery\bin\ghostery.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ffeOverlayIconNeg]
@="{0B8B6796-B56B-45D4-A016-09846E00FEA1}"
[HKEY_CLASSES_ROOT\CLSID\{0B8B6796-B56B-45D4-A016-09846E00FEA1}]
2008-11-26 10:37	98304	----a-w-	c:\program files\apsec\fideAS file enterprise\Private Edtion\ffeOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ffeOverlayIconPos]
@="{0B8B6796-B56B-45D4-A016-09846E00FEA0}"
[HKEY_CLASSES_ROOT\CLSID\{0B8B6796-B56B-45D4-A016-09846E00FEA0}]
2008-11-26 10:37	98304	----a-w-	c:\program files\apsec\fideAS file enterprise\Private Edtion\ffeOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-07 68856]
"GoogleChromeAutoLaunch_08DA38D71141E6A5E0731FEFBF7BF14E"="c:\program files\Google\Chrome\Application\chrome.exe" [2015-09-24 815944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-24 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-24 106496]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-24 81920]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-06 4317184]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2007-01-12 118784]
"FreePDF Assistant"="c:\program files\FreePDF_XP\fpassist.exe" [2007-06-26 312320]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-31 43816]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-08-01 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-02-13 14:19	98304	----a-w-	c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"NokiaOviSuite2"=c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S2 AAV UpdateService;AAV UpdateService;c:\program files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [2008-10-24 128296]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs	REG_MULTI_SZ   	BthServ
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-09-29 16:53	997704	----a-w-	c:\program files\Google\Chrome\Application\45.0.2454.101\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-23 19:05]
.
2015-10-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003Core.job
- c:\users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-29 16:55]
.
2015-10-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003UA.job
- c:\users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-29 16:55]
.
2015-10-05 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-26 20:45]
.
2015-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-12 19:23]
.
2015-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-12 19:23]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.club-vaio.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.192.1
DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - hxxp://static.ak.studivz.net/photouploader/ImageUploader5.cab?nocache=20080115-1
FF - ProfilePath - c:\users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - ExtSQL: !HIDDEN! 2009-10-30 20:19; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-{65B41DCE-101B-4A4A-A53F-374ABB560841} - c:\program files\Ecocho Toolbar\ecocho-asia.dll
WebBrowser-{65B41DCE-101B-4A4A-A53F-374ABB560841} - c:\program files\Ecocho Toolbar\ecocho-asia.dll
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-10-07 20:36
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2015-10-07  20:41:26
ComboFix-quarantined-files.txt  2015-10-07 18:41
.
Vor Suchlauf: 2.652.606.464 Bytes frei
Nach Suchlauf: 5.391.511.552 Bytes frei
.
- - End Of File - - B6A71D3B9480A1AD9F3EC5CF99BF3760
5C616939100B85E558DA92B899A0FC36
         

Alt 08.10.2015, 19:14   #10
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the newest scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 08.10.2015, 22:23   #11
Tobinio
 



Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 08.10.2015
Suchlaufzeit: 20:39:49
Protokolldatei: mbamlog.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.10.08.04
Rootkit-Datenbank: v2015.10.06.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: Tobias_2

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 502938
Abgelaufene Zeit: 36 Min., 52 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
# AdwCleaner v5.012 - Bericht erstellt am 08/10/2015 um 21:38:27
# Aktualisiert am 08/10/2015 von Xplode
# Datenbank : 2015-10-07.1 [Server]
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Benutzername : Tobias_2 - TOBI-PC
# Gestartet von : C:\Users\Tobias_2\Desktop\adwcleaner_5.012.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{77DC3A00-0413-4A93-B21A-6E7C3B3A132A}
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\Ask.com
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PokerStars.net
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PokerStars.net
[!] Schlüssel Nicht Gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-18\Software\AppDataLow\Software\AskToolbar

***** [ Internetbrowser ] *****

[-] [C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : de.ask.com

*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1712 Bytes] ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Tobias_2 on 08.10.2015 at 21:46:47,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_08DA38D71141E6A5E0731FEFBF7BF14E



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Classes\TypeLib\{006ad7b2-968a-11de-88c9-5bde55d89593}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}



~~~ Files



~~~ Folders



~~~ Chrome


[C:\Users\Tobias_2\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Tobias_2\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Tobias_2\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Tobias_2\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.10.2015 at 22:51:48,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:08-10-2015
durchgeführt von Tobias_2 (Administrator) auf TOBI-PC (08-10-2015 23:12:15)
Gestartet von C:\Users\Tobias_2\Desktop
Geladene Profile: Tobias_2 (Verfügbare Profile: Tobias & Tobias_2 & Maike & Gast)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4317184 2007-02-06] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [118784 2007-01-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [312320 2007-06-26] (shbox.de)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2007-02-13] (Sony Corporation)
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-02-08] (Google Inc.)
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Run: [GoogleChromeAutoLaunch_08DA38D71141E6A5E0731FEFBF7BF14E] => C:\Program Files\Google\Chrome\Application\chrome.exe [815944 2015-09-24] (Google Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\vaiomov.scr [53248 2004-12-27] (Sony Corporation)
ShellIconOverlayIdentifiers: [ffeOverlayIconNeg] -> {0B8B6796-B56B-45D4-A016-09846E00FEA1} => C:\Program Files\apsec\fideAS file enterprise\Private Edtion\ffeOverlay.dll [2008-11-26] (Applied Security GmbH)
ShellIconOverlayIdentifiers: [ffeOverlayIconPos] -> {0B8B6796-B56B-45D4-A016-09846E00FEA0} => C:\Program Files\apsec\fideAS file enterprise\Private Edtion\ffeOverlay.dll [2008-11-26] (Applied Security GmbH)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{75150A78-C350-47D0-A029-3EEC5D8DD586}: [DhcpNameServer] 192.168.192.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://partnerpage.google.com/eu.sony.com/de
hxxp://www.club-vaio.com/vbc
SearchScopes: HKLM -> {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3051598103-94963199-2244021974-1005 -> {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)
BHO: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files\Ghostery\bin\ghostery.dll [2015-01-23] (Ghostery, Inc.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-15] (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-3051598103-94963199-2244021974-1005 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} hxxp://static.ak.studivz.net/photouploader/ImageUploader4.cab?nocache=20071219-1
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} hxxp://static.ak.studivz.net/photouploader/ImageUploader5.cab?nocache=20080115-1
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2006-06-23] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default
FF DefaultSearchUrl: hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [Keine Datei]
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Content Uploader\npUpload.dll [Keine Datei]
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [Keine Datei]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Picasa2\npPicasa3.dll [2010-06-03] (Google, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-15] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-18] (Google)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-11-15] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2007-09-06] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2011-04-14] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-06-20] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\searchplugins\google-images.xml [2014-11-08]
FF SearchPlugin: C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\searchplugins\google-maps.xml [2014-11-08]
FF Extension: Cliqz Beta - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\Extensions\cliqz@cliqz.com [2014-08-17]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2009-11-09]
FF HKLM\...\Firefox\Extensions: [{3112ca9c-de6d-4884-a869-9855de68056c}] - C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF Extension: Google Toolbar for Firefox - C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010-02-16]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-01-30]
FF HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\extensions\cliqz@cliqz.com
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-03-08]

Chrome: 
=======
CHR Profile: C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-06]
CHR Extension: (Google Docs) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-06]
CHR Extension: (Google Drive) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-06]
CHR Extension: (YouTube) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-06]
CHR Extension: (Google-Suche) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-06]
CHR Extension: (Google Tabellen) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-06]
CHR Extension: (Avira Browserschutz) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-06]
CHR Extension: (Google Docs Offline) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-10-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-06]
CHR Extension: (Google Mail) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-06]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 AllShare; C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [6638080 2010-07-16] () [Datei ist nicht signiert]
S2 gupdate1ca4b172e6509a8; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-03] (Google Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [Datei ist nicht signiert]
R2 MSSQL$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [28933976 2007-02-05] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2007-02-05] (Microsoft Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe [57344 2006-12-14] () [Datei ist nicht signiert]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [652800 2010-01-26] (Nokia) [Datei ist nicht signiert]
S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe [112184 2007-01-24] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [Datei ist nicht signiert]
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe [75320 2007-01-24] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-01-10] (Sony Corporation) [Datei ist nicht signiert]
S2 VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [182392 2007-02-13] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-01-16] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe [491520 2007-01-08] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation) [Datei ist nicht signiert]
S3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2006-11-28] (Sony Corporation) [Datei ist nicht signiert]
S3 VUAgent; C:\Program Files\sony\VAIO Update 5\VUAgent.exe [722288 2010-04-09] (Sony Corporation)
S2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [172032 2006-11-28] (Sony Corporation) [Datei ist nicht signiert]
S2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [135168 2006-11-28] (Sony Corporation) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2008-01-19] (Microsoft Corporation)
R2 apsecf3; C:\Program Files\apsec\fideAS file enterprise\Private Edtion\vt\apsecf3.sys [77184 2008-12-12] (apsec) [Datei ist nicht signiert]
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25824 2010-05-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-04-23] (Texas Instruments)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\Tobias_2\AppData\Local\Temp\catchme.sys [X]
S3 eapihdrv; \??\C:\Users\Tobias_2\AppData\Local\Temp\ehdrv.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-08 23:12 - 2015-10-08 23:16 - 00020292 _____ C:\Users\Tobias_2\Desktop\FRST.txt
2015-10-08 23:12 - 2015-10-08 23:12 - 00000000 ____D C:\Users\Tobias_2\Desktop\FRST-OlderVersion
2015-10-08 22:51 - 2015-10-08 22:51 - 00001875 _____ C:\Users\Tobias_2\Desktop\JRT.txt
2015-10-08 21:45 - 2015-10-08 21:45 - 01798976 _____ (Malwarebytes) C:\Users\Tobias_2\Desktop\JRT.exe
2015-10-08 21:42 - 2015-10-08 21:42 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-10-08 21:32 - 2015-10-08 21:32 - 01682432 _____ C:\Users\Tobias_2\Desktop\adwcleaner_5.012.exe
2015-10-07 20:41 - 2015-10-07 20:41 - 00020835 _____ C:\ComboFix.txt
2015-10-07 20:09 - 2015-10-07 20:41 - 00000000 ____D C:\Qoobox
2015-10-07 20:09 - 2015-10-07 20:41 - 00000000 ____D C:\ComboFix
2015-10-07 20:09 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-10-07 20:09 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-10-07 20:09 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-10-07 20:09 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-10-07 20:09 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-10-07 20:09 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-10-07 20:09 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-10-07 20:09 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-10-07 20:07 - 2015-10-07 20:39 - 00000000 ____D C:\Windows\erdnt
2015-10-07 19:45 - 2015-10-07 19:45 - 05635766 ____R (Swearware) C:\Users\Tobias_2\Desktop\ComboFix.exe
2015-10-06 21:34 - 2015-10-06 21:34 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Tobias_2\Desktop\tdsskiller.exe
2015-10-06 19:06 - 2015-10-06 20:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-06 19:03 - 2015-10-06 20:42 - 00000000 ____D C:\Users\Tobias_2\Desktop\mbar
2015-10-06 19:00 - 2015-10-06 19:01 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Tobias_2\Desktop\mbar-1.09.3.1001.exe
2015-10-05 19:52 - 2015-10-08 23:12 - 01698304 _____ (Farbar) C:\Users\Tobias_2\Desktop\FRST.exe
2015-10-04 14:44 - 2015-10-06 18:58 - 00001963 _____ C:\Users\Tobias_2\Desktop\Google Chrome.lnk
2015-10-04 10:16 - 2015-10-04 10:17 - 00039027 _____ C:\Users\Tobias\Desktop\Addition.txt
2015-10-04 10:13 - 2015-10-08 23:12 - 00000000 ____D C:\FRST
2015-10-04 10:13 - 2015-10-04 10:17 - 00048222 _____ C:\Users\Tobias\Desktop\FRST.txt
2015-10-04 10:05 - 2015-10-04 10:06 - 00000478 _____ C:\Users\Tobias\Desktop\defogger_disable.log
2015-10-04 10:05 - 2015-10-04 10:05 - 00000000 _____ C:\Users\Tobias_2\defogger_reenable
2015-10-04 09:55 - 2015-10-04 09:55 - 00380416 _____ C:\Users\Tobias\Desktop\Gmer-19357.exe
2015-10-04 09:53 - 2015-10-04 09:54 - 01697280 _____ (Farbar) C:\Users\Tobias\Desktop\FRST.exe
2015-10-04 09:52 - 2015-10-04 09:52 - 00050477 _____ C:\Users\Tobias\Desktop\Defogger.exe
2015-10-03 19:16 - 2015-10-03 19:16 - 00000000 ____D C:\Program Files\ESET
2015-10-03 19:15 - 2015-10-03 19:15 - 02870984 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu (1).exe
2015-10-03 18:20 - 2015-10-08 21:22 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-03 18:19 - 2015-10-06 19:05 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2015-10-03 18:19 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-03 18:19 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-10-03 18:16 - 2015-10-03 18:17 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Tobias\Downloads\mbam-setup-2.1.8.1057.exe
2015-10-03 14:53 - 2015-01-29 03:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-10-03 14:52 - 2015-08-13 16:15 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-10-03 14:52 - 2015-08-13 16:15 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-10-03 14:51 - 2015-01-29 03:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-10-03 14:50 - 2015-07-21 22:55 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-03 14:50 - 2015-07-21 18:07 - 03605440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-03 14:50 - 2015-07-21 18:07 - 03553216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-03 14:50 - 2015-07-21 18:07 - 00140224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2015-10-03 14:50 - 2015-07-21 18:07 - 00056256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-10-03 14:50 - 2015-07-21 18:03 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2015-10-03 14:50 - 2015-07-21 18:03 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-03 14:50 - 2015-07-21 18:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-10-03 14:49 - 2015-07-03 18:04 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-10-03 14:48 - 2015-09-02 23:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-10-03 14:48 - 2015-09-02 23:26 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-10-03 14:46 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-10-03 14:46 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-10-03 14:46 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-10-03 14:45 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-10-03 14:44 - 2015-07-31 21:27 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-03 14:43 - 2014-06-16 00:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-10-03 14:43 - 2014-06-13 20:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-10-03 14:43 - 2014-06-13 20:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-10-03 14:42 - 2015-06-17 18:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-10-03 14:42 - 2015-06-17 17:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-10-03 14:42 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-10-03 14:42 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-10-03 14:42 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-10-03 14:42 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-10-03 14:41 - 2014-10-10 03:01 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-10-03 14:41 - 2014-10-10 03:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-03 14:41 - 2014-10-10 01:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-03 14:40 - 2014-12-19 02:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-10-03 14:39 - 2015-06-12 18:01 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-10-03 14:38 - 2015-04-24 17:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-10-03 14:37 - 2015-07-10 21:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-10-03 14:27 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-10-03 14:27 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-10-03 14:26 - 2014-10-24 03:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-10-03 14:25 - 2015-07-11 17:56 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-03 14:23 - 2014-11-26 04:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-10-03 14:22 - 2015-07-18 18:03 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-10-03 14:22 - 2015-01-09 02:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-03 14:21 - 2015-01-21 04:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-10-03 14:21 - 2014-08-12 04:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-10-03 14:19 - 2015-07-10 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-10-03 14:18 - 2015-09-02 23:26 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-10-03 14:18 - 2015-09-02 21:55 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-10-03 14:18 - 2015-09-02 21:54 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-10-03 14:15 - 2015-08-05 17:59 - 00602112 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-10-03 14:14 - 2014-12-06 05:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-10-03 14:14 - 2014-12-06 05:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-10-03 14:14 - 2014-12-06 05:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-10-03 14:14 - 2014-10-03 03:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-10-03 14:14 - 2014-10-03 03:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-10-03 14:14 - 2014-10-03 03:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-10-03 14:14 - 2014-10-03 03:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-10-03 14:13 - 2014-08-27 02:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-10-03 14:12 - 2015-05-31 10:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-10-03 13:51 - 2015-07-31 23:46 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-10-03 13:51 - 2015-07-31 23:46 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-10-03 13:51 - 2015-07-31 23:46 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-10-03 13:51 - 2015-07-31 23:46 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-10-03 13:51 - 2015-07-31 22:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-10-03 13:51 - 2015-07-31 22:40 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-10-03 13:51 - 2015-07-31 22:35 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-10-03 13:51 - 2015-07-31 22:33 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-10-03 13:51 - 2015-07-31 22:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-10-03 13:51 - 2015-04-11 01:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-10-03 13:49 - 2015-06-27 18:03 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-03 13:49 - 2015-06-27 18:02 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-03 13:49 - 2015-06-27 18:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-03 13:49 - 2015-06-27 18:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-03 13:49 - 2015-06-27 16:21 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-03 13:49 - 2015-06-27 16:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-03 13:49 - 2015-06-12 15:13 - 00440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-03 13:49 - 2015-05-09 01:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-03 13:49 - 2015-04-30 18:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-03 13:49 - 2015-01-09 02:17 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-03 13:49 - 2014-10-10 03:00 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-03 13:49 - 2014-09-05 01:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2015-10-03 13:48 - 2015-07-01 17:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-10-03 13:48 - 2014-12-08 03:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-10-03 13:47 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-10-03 13:47 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-10-03 13:47 - 2015-05-05 00:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-10-03 13:46 - 2015-05-05 00:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-10-03 13:46 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-10-03 13:46 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-10-03 13:46 - 2015-05-04 23:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-10-03 13:45 - 2014-12-06 05:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-10-03 13:44 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-10-03 13:43 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-10-03 13:42 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-10-03 13:42 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-10-03 13:42 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-10-03 13:42 - 2014-04-05 04:42 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-10-03 13:39 - 2015-08-17 19:12 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-03 13:38 - 2015-08-17 19:18 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-03 13:38 - 2015-08-17 19:17 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-03 13:38 - 2015-08-17 19:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-03 13:38 - 2015-08-17 19:13 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-03 13:38 - 2015-08-17 19:12 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-03 13:38 - 2015-08-17 19:11 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-03 13:38 - 2015-08-17 19:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-03 13:38 - 2015-08-17 19:10 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-10-03 13:38 - 2015-08-17 19:10 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-10-03 13:38 - 2015-08-17 19:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-23 20:07 - 2015-09-23 20:08 - 00010495 _____ C:\Users\Tobias\Downloads\Tobias_elster_23.09.2015_20.03.pfx
2015-09-20 22:58 - 2015-09-20 23:09 - 00000000 ____D C:\Users\Tobias\Downloads\Anna luth
2015-09-14 21:04 - 2015-09-14 21:04 - 00347816 _____ (Microsoft Corporation) C:\Users\Tobias\Downloads\MicrosoftFixit.wu.Run.exe
2015-09-13 12:57 - 2015-09-13 12:58 - 00852704 _____ C:\Users\Tobias\Downloads\SecurityCheck.exe
2015-09-13 10:55 - 2015-09-13 10:56 - 02870984 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-08 23:02 - 2013-06-30 17:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-08 22:52 - 2009-10-12 10:51 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-08 22:00 - 2012-03-29 18:50 - 00001142 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003UA.job
2015-10-08 21:55 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-08 21:55 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-08 21:50 - 2007-10-26 18:45 - 02053718 _____ C:\Windows\WindowsUpdate.log
2015-10-08 21:42 - 2009-10-12 10:51 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-08 21:41 - 2011-01-02 13:22 - 00000000 ____D C:\Windows\system32\logishrd
2015-10-08 21:41 - 2007-02-26 18:30 - 01072794 _____ C:\Windows\PFRO.log
2015-10-08 21:41 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-08 21:40 - 2008-04-18 15:22 - 00000012 _____ C:\Windows\bthservsdp.dat
2015-10-08 21:40 - 2006-11-02 15:01 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-08 21:38 - 2015-02-22 20:00 - 00000000 ____D C:\AdwCleaner
2015-10-08 19:00 - 2012-03-29 18:50 - 00001120 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003Core.job
2015-10-08 18:04 - 2011-08-12 18:16 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job
2015-10-07 20:41 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2015-10-07 20:36 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini
2015-10-05 11:37 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-10-05 11:23 - 2006-11-02 12:33 - 01624692 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-04 20:22 - 2015-07-26 16:16 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Spotify
2015-10-04 14:44 - 2009-11-09 17:21 - 00000000 ____D C:\Users\Tobias_2\AppData\Local\Google
2015-10-04 10:05 - 2009-11-09 17:21 - 00000000 ____D C:\Users\Tobias_2
2015-10-03 15:51 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2015-10-03 15:46 - 2007-02-26 18:10 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-10-03 15:33 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-10-03 15:15 - 2006-11-02 14:47 - 00385216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-03 15:09 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-10-03 15:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-03 14:12 - 2014-04-03 21:49 - 00000000 ____D C:\Windows\system32\MRT
2015-10-03 11:33 - 2014-02-06 19:23 - 00000000 ____D C:\Users\Tobias\Desktop\Bilder Tisch Verkaufsliste
2015-10-03 11:21 - 2014-12-15 10:09 - 00000000 ____D C:\Users\Tobias\Desktop\Faulhaber
2015-10-03 11:19 - 2015-04-25 14:33 - 00000000 ____D C:\Users\Tobias\AppData\Local\CrashDumps
2015-10-03 08:43 - 2011-11-03 16:13 - 00000000 ____D C:\Users\Tobias\AppData\Local\.elfohilfe
2015-09-27 09:05 - 2015-02-08 20:45 - 00000000 ____D C:\Users\Tobias\Desktop\Tor Browser
2015-09-21 21:04 - 2013-03-23 12:15 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-09-21 21:04 - 2011-10-16 02:25 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-09-21 20:34 - 2006-11-02 14:52 - 00149663 _____ C:\Windows\setupact.log
2015-09-12 18:21 - 2007-10-26 18:12 - 00000000 ____D C:\Users\Tobias\AppData\Local\Google

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2008-07-15 18:52 - 2008-07-15 18:52 - 0000032 _____ () C:\ProgramData\ezsid.dat

Einige Dateien in TEMP:
====================
C:\Users\Tobias_2\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-08 22:09

==================== Ende vom FRST.txt ============================
         
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:08-10-2015
durchgeführt von Tobias_2 (2015-10-08 23:18:27)
Gestartet von C:\Users\Tobias_2\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2007-10-26 16:45:09)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3051598103-94963199-2244021974-500 - Administrator - Disabled)
Gast (S-1-5-21-3051598103-94963199-2244021974-501 - Limited - Enabled) => C:\Users\Gast
Maike (S-1-5-21-3051598103-94963199-2244021974-1006 - Limited - Enabled) => C:\Users\Maike
Tobias (S-1-5-21-3051598103-94963199-2244021974-1003 - Limited - Enabled) => C:\Users\Tobias
Tobias_2 (S-1-5-21-3051598103-94963199-2244021974-1005 - Administrator - Enabled) => C:\Users\Tobias_2

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 4.57 (HKLM\...\7-Zip) (Version:  - )
AAVUpdateManager (HKLM\...\{0D410F4D-9009-43F8-9DF1-BDADCE7FC43F}) (Version: 3.00.0000 - Akademische Arbeitsgemeinschaft)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader 9.4.4 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A94000000001}) (Version: 9.4.4 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Browser Address Error Redirector (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version:  - )
CameraHelperMsi (Version: 13.00.1774.0 - Logitech) Hidden
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version:  - )
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version:  - )
Click to DVD 2.0.05 Menu Data (HKLM\...\{9E407618-D9CD-4F39-9490-9ED45294073D}) (Version: 2.0.05 - Sony Corporation)
Click to DVD 2.6.00 (HKLM\...\{E809063C-51A3-4269-8984-D1EB742F2151}) (Version: 2.6.00 - Sony Corporation)
Cliqz (HKLM\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.0.1 - Cliqz.com)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Designer 2.0 (HKLM\...\Designer 2.0_is1) (Version: 7.7.4 - fotobuch.de AG)
DivX-Setup (HKLM\...\DivX Setup.divx.com) (Version: 1.0.2.23 - DivX, Inc. )
ElsterFormular (HKLM\...\ElsterFormular 11.2.0.4074) (Version: 11.2.0.4074 - Landesfinanzdirektion Thüringen)
ElsterFormular 2008/2009 (HKLM\...\{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}) (Version: 10.0.0.0 - Steuerverwaltung des Bundes und der Länder)
ElsterFormular-Upgrade (HKLM\...\ElsterFormular für Privatanwender 12.2.0.6412p) (Version: 16.2.17437 - Landesfinanzdirektion Thüringen)
erLT (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
fideAS® file enterprise private edition (HKLM\...\{9D02EA09-A131-49A3-8D51-8E02D04F9847}) (Version:  - )
FreePDF XP (Remove only) (HKLM\...\FreePDF_XP) (Version:  - )
Ghostery (HKLM\...\Ghostery) (Version:  - Ghostery Inc)
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Firefox (HKLM\...\{2CCBABCB-6427-4A55-B091-49864623C43F}) (Version: 7.1.20110512 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GPL Ghostscript 8.60 (HKLM\...\GPL Ghostscript 8.60) (Version:  - )
GPL Ghostscript Fonts (HKLM\...\GPL Ghostscript Fonts) (Version:  - )
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200) (Version:  - )
ICQ7.2 (HKLM\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)
iTunes (HKLM\...\{86D04316-F49A-4AF2-B3F1-A1E943886CE7}) (Version: 11.3.1.2 - Apple Inc.)
Java(TM) 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
Java(TM) SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
LAN-Express AS IEEE 802.11 Wireless LAN (HKLM\...\{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}) (Version: 7.1.0.116 - LAN-Express)
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7240) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
Mp3tag v2.59a (HKLM\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Napster 5 Beta (HKLM\...\com.Rhapsody.Napster5) (Version: 1.0.61 - Rhapsody International Inc)
Napster 5 Beta (Version: 1.0.61 - Rhapsody International Inc) Hidden
Nokia Connectivity Cable Driver (HKLM\...\{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}) (Version: 7.1.27.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 6.86.9.0 - Nokia)
Nokia PC Suite (Version: 6.86.9.0 - Nokia) Hidden
Nokia Software Updater (HKLM\...\{D043E0F8-5EFA-4102-A863-08F39D9DF2F4}) (Version: 02.04.005.41445 - Nokia Corporation)
OpenMG Limited Patch 4.7-07-13-24-01 (HKLM\...\OpenMG HotFix4.7-07-13-22-01) (Version:  - )
OpenMG Secure Module 4.7.00 (HKLM\...\InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation)
OpenMG Secure Module 4.7.00 (Version: 4.7.00.12140 - Sony Corporation) Hidden
PC Connectivity Solution (HKLM\...\{7397EDED-F38A-4654-B669-BF61065803D0}) (Version: 10.6.2.0 - Nokia)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.313.0 - Tracker Software Products Ltd)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.6 - Google, Inc.)
Pixum Fotobuch (HKLM\...\Pixum Fotobuch) (Version:  - )
PS3 Media Server (HKLM\...\PS3 Media Server) (Version: 1.81.0 - PS3 Media Server)
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5350 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Roxio Easy Media Creator Home (HKLM\...\{B7FB0C86-41A4-4402-9A33-912C462042A0}) (Version: 9.0.178 - Roxio)
SAMSUNG PC Share Manager (HKLM\...\InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}) (Version: 4.0 - SAMSUNG)
SAMSUNG PC Share Manager (Version: 4.0 - SAMSUNG) Hidden
Setting Utility Series (HKLM\...\{59452470-A902-477F-9338-9B88101681BD}) (Version: 2.1.00.13300 - Sony Corporation)
Skype™ 6.9 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.9.106 - Skype Technologies S.A.)
SonicStage 4.3 (HKLM\...\{A0EB195B-5876-48E6-879D-33D4B2102610}) (Version: 4.3 - Sony Corporation)
Sony Utilities DLL (HKLM\...\{EF3D45BB-2260-4008-88EA-492E7744A9DF}) (Version: 7.1.00.13300 - Sony Corporation)
Sony Video Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.1.03 - Sony Corporation)
Steuersparer 2014 (HKLM\...\{485DBEA2-58E9-4136-9E6C-6C3022B02349}) (Version: 21.00.8480 - Buhl Data Service GmbH)
TeamViewer 5 (HKLM\...\TeamViewer 5) (Version: 5.1.13999  - TeamViewer GmbH)
The GodFather (HKLM\...\The GodFather) (Version:  - )
TOL 7.0.27.6 Components (HKLM\...\{82BB647B-C09E-423D-8395-BFFBA0B8644B}) (Version: 7.0.27.6 - Auralog)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.2047.00 - Microsoft Corporation)
VAIO Aqua Breeze Wallpaper (HKLM\...\{97BCD719-6ECB-458F-97D6-F38D2E07375E}) (Version: 1.0.11.13240 - Sony Corporation)
VAIO Content Importer  VAIO Content Exporter (Version: 1.3.00.13300 - Sony Corporation) Hidden
VAIO Content Importer / VAIO Content Exporter (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.3.00.13300 - Sony Corporation)
VAIO Control Center (HKLM\...\{FC37C108-821D-4EDE-8F40-D5B497586805}) (Version: 2.0.00.11060 - Sony Corporation)
VAIO Cozy Orange Wallpaper (HKLM\...\{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}) (Version: 1.0.11.13240 - Sony Corporation)
VAIO Data Restore Tool (HKLM\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.0.01.02070 - Sony Corporation)
VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 2.0.02.13290 - Sony Corporation)
VAIO Event Service (HKLM\...\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}) (Version: 3.1.00.14130 - Sony Corporation)
VAIO Hardware Diagnostics (HKLM\...\{A947C2B3-7445-42C4-9063-EE704CACCB22}) (Version:  - )
VAIO Media (Version: 6.0.10 - Sony Corporation) Hidden
VAIO Media 6.0 (HKLM\...\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}) (Version: 6.0.10 - Sony Corporation)
VAIO Media AC3 Decoder 1.0 (HKLM\...\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}) (Version:  - )
VAIO Media Content Collection 6.0 (HKLM\...\{500162A0-4DD5-460A-BAFD-895AAE48C532}) (Version:  - Sony Corporation)
VAIO Media Integrated Server 6.0 (HKLM\...\{785EB1D4-ECEC-4195-99B4-73C47E187721}) (Version:  - Sony Corporation)
VAIO Media Redistribution 6.0 (HKLM\...\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}) (Version: 6.0.10 - Sony Corporation)
VAIO Media Registration Tool (Version: 6.0.10 - Sony Corporation) Hidden
VAIO Media Registration Tool 6.0 (HKLM\...\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}) (Version: 6.0.10 - Sony Corporation)
VAIO Original Screen Saver (HKLM\...\{1BEF9285-5530-426B-A5F1-5836B95C7EB1}) (Version:  - )
VAIO Photo 2007 (HKLM\...\{5E343EF6-D27C-4CFC-9FAE-9AAFB541BCEE}) (Version: 1.0.01.01250 - Sony Corporation)
VAIO Power Management (HKLM\...\{9E319E96-ED8E-4B01-9775-C521A1869A25}) (Version: 2.1.00.14090 - Sony Corporation)
VAIO Tender Green Wallpaper (HKLM\...\{934A3213-1CB6-4264-84A2-EE080C017BCA}) (Version: 1.0.11.10180 - Sony Corporation)
VAIO Update (HKLM\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.1.1.04090 - Sony Corporation)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
VisiPics V1.31 (HKLM\...\VisiPics_is1) (Version:  - Ozone)
VLC media player 0.9.8a (HKLM\...\VLC media player) (Version: 0.9.8a - VideoLAN Team)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7) (HKLM\...\CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A) (Version: 03/05/2008 3.7 - Nokia)
Windows-Treiberpaket - Nokia Modem  (03/13/2008 6.86.0.1) (HKLM\...\E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D) (Version: 03/13/2008 6.86.0.1 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinDVD for VAIO (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B6.113 - InterVideo Inc.)
WinDVD for VAIO (Version: 8.0-B6.113 - InterVideo Inc.) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3051598103-94963199-2244021974-1005_Classes\CLSID\{7644204c-5eb0-4e21-b225-fc6c1fca74f7}\localserver32 -> C:\Program Files\Nokia\Nokia PC Suite 6\MultimediaPlayer.exe (Nokia)
CustomCLSID: HKU\S-1-5-21-3051598103-94963199-2244021974-1005_Classes\CLSID\{FBE88A10-FF53-11E0-AB2A-AE904824019B}\InprocServer32 -> C:\Users\Tobias_2\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAI~1.DLL => Keine Datei

==================== Wiederherstellungspunkte =========================

04-10-2015 12:13:08 Geplanter Prüfpunkt
05-10-2015 10:00:53 Windows Update
06-10-2015 21:08:31 Geplanter Prüfpunkt
08-10-2015 19:13:49 Geplanter Prüfpunkt
08-10-2015 21:46:52 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 12:23 - 2015-10-07 20:36 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03292A64-7B17-437B-9DA2-D3E930906277} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.)
Task: {04B8B746-6BF7-47EA-99D0-7730BCE7F577} - System32\Tasks\LaunchMCV => MyClubVaio.vbs
Task: {0B5E040C-AD07-4054-8009-55FD6A6AAB7E} - System32\Tasks\MCVRegistrationReminder3 => reminder.exe
Task: {0E88563E-6870-46CC-85C5-28B2E654BE19} - System32\Tasks\SONY\WSSU\WSSU => C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
Task: {0F614CB5-37C8-4B6F-80B6-ABC59FA334AB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09] (Sun Microsystems, Inc.)
Task: {1E0CF3DC-DF39-437B-8205-25DCC08EADFC} - System32\Tasks\MCVRegistrationReminder2 => reminder.exe
Task: {2209DF9F-5640-4DEB-84C3-3436BC3034CB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003UA => C:\Users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {2BFBEBC7-9615-4E55-B21E-5C30EAE3A84C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003Core => C:\Users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {3FABAD80-64FB-4D44-A4B7-6D6A8EEF1F25} - System32\Tasks\MCVRegistrationReminder4 => reminder.exe
Task: {4358621B-9F5F-4ACD-A7BC-31CAD8B59FD2} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21] (Adobe Systems Incorporated)
Task: {4790FDBD-6127-4D9B-89AC-71F68627654D} - System32\Tasks\MCVSurveyReminder1 => reminder.exe
Task: {56B9293A-1863-4DDD-83CA-28AC0A33836D} - System32\Tasks\MCVSurveyReminder2 => reminder.exe
Task: {62B77C40-E498-4DC1-9254-5B51BE706ECB} - System32\Tasks\MCVSurveyReminder3 => reminder.exe
Task: {6AA69C80-8E22-4030-90B1-3955E6D3EEA4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21] (Adobe Systems Incorporated)
Task: {7751B2CE-0C18-4074-96ED-62A6FF85FF5F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9362BE8A-1751-4D85-A816-C3F0C1DFB5E6} - System32\Tasks\{5CD16FC8-E171-4B05-BB45-1B854FD80A0E} => pcalua.exe -a C:\ProgramData\Sony\MyClubVAIO\MyClubVAIO.exe -d C:\ProgramData\Sony\MyClubVAIO
Task: {9A27AE43-7CC4-40F4-9500-12DF824E11E8} - System32\Tasks\MCVRegistrationReminder1 => reminder.exe
Task: {AE312CF0-704E-4EF9-A1F9-BFAAE6181039} - System32\Tasks\{49422247-D8A0-4B6E-8E37-82554BEFE11E} => pcalua.exe -a C:\Users\Tobias\setup-Reisen-tuerkriviera.exe -d C:\Users\Tobias
Task: {AECAC0BB-56ED-42A9-A828-4FF6F51307D4} - System32\Tasks\SONY\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [2010-04-09] (Sony Corporation)
Task: {B2071D54-F7E8-4E5D-ADCB-061257AB6345} - System32\Tasks\SONY\VAIO Update\Launch Application => C:\Program Files\Sony\VAIO Update 5\ShellExeProxy.exe [2010-04-09] (Sony Corporation)
Task: {B7A2ACFD-BA6A-4102-A268-B20318834D79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.)
Task: {C14DD04F-1A66-48E6-A975-7522B5C4CA43} - System32\Tasks\MCVSurveyReminder4 => reminder.exe
Task: {C5FD2310-9476-489B-A052-45068BB3FF84} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {D80E2DFA-FB3A-4170-B7AA-727A4CFA4D14} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22] (Google)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003Core.job => C:\Users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003UA.job => C:\Users\Tobias\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2008-03-04 18:53 - 2005-01-06 19:33 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2007-02-26 21:02 - 2007-01-24 11:02 - 00077824 _____ () C:\Windows\System32\hccutils.DLL
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
DNS Servers: 192.168.192.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{28CFDEA3-1FFE-445E-BD6B-A4637549DBF5}] => (Allow) C:\Program Files\Google\Google Talk\googletalk.exe
FirewallRules: [{B853D6C8-BE18-4F9F-BA31-E6B14A1C8375}] => (Allow) C:\Program Files\Google\Google Talk\googletalk.exe
FirewallRules: [{1A1CD5E7-2AC5-404F-8A09-8FB4D708E942}] => (Allow) C:\Program Files\sony\VAIO Media 6.0\Vc.exe
FirewallRules: [{0EDBBDDF-09F8-4990-96F5-458203C2CF9B}] => (Allow) C:\Program Files\sony\VAIO Media 6.0\Vc.exe
FirewallRules: [TCP Query User{2481657B-1641-4E6C-A363-5423EE417079}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{55C341FC-8AC2-4B7E-B136-D3D0E6ED184E}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [TCP Query User{6B5686E8-CB7A-4058-8BB6-B06F0A96A270}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{8D9186EB-1153-4738-85F7-A0D1B3D88093}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{D9961355-22D1-495C-B015-48F80A6E1FAA}F:\medias42\jre\bin\javaw.exe] => (Allow) F:\medias42\jre\bin\javaw.exe
FirewallRules: [UDP Query User{9306F6B8-408E-4501-9715-6C0C4A46B0E2}F:\medias42\jre\bin\javaw.exe] => (Allow) F:\medias42\jre\bin\javaw.exe
FirewallRules: [TCP Query User{1E3B55D9-83D2-4EF5-8928-7B319DEC8449}H:\filme und musik normen\spiele\soldat\soldat\soldat.exe] => (Block) H:\filme und musik normen\spiele\soldat\soldat\soldat.exe
FirewallRules: [UDP Query User{A05C71EC-5117-4B68-A649-E1976551D6D2}H:\filme und musik normen\spiele\soldat\soldat\soldat.exe] => (Block) H:\filme und musik normen\spiele\soldat\soldat\soldat.exe
FirewallRules: [{93C19A66-0B4F-4500-8F22-4BF65D3BA3D2}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{AD5316F2-BCE8-4EAF-9AE9-795EF71C8D15}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{64B3005A-B06D-42BE-9D61-B63EF593CF77}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [TCP Query User{7A3D3597-79EE-4E7C-86EC-D2C472DDBCAB}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [UDP Query User{067C67C2-4FF9-430C-9D87-BB6844606E77}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [{944DA102-993D-4305-88F0-E17C7BD1EF21}] => (Allow) C:\Windows\Temp\KD_installer.exe
FirewallRules: [{72E8284F-400C-4DAD-A540-0045A3509488}] => (Allow) C:\Windows\Temp\KD_installer.exe
FirewallRules: [TCP Query User{FA429FA2-8476-4AED-831F-82B7396E4462}C:\program files\icq6.5\icq.exe] => (Allow) C:\program files\icq6.5\icq.exe
FirewallRules: [UDP Query User{594768EA-2059-41A3-9118-B9C468D1B751}C:\program files\icq6.5\icq.exe] => (Allow) C:\program files\icq6.5\icq.exe
FirewallRules: [TCP Query User{5D950F6A-0BAB-4DB8-935F-CBDE976BCCAC}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [UDP Query User{3A9F5922-2D10-45AD-ACFF-FB700F4DFB17}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{C8108D91-91C2-4E2F-942E-7B29D4667048}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [UDP Query User{88A4A4B2-1C61-4141-8DE4-BEB6CF68FE26}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [TCP Query User{E522214B-C37A-4DE1-BDE3-72794AA78FE8}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [UDP Query User{2F0305A5-97DF-4A65-BFD7-AB57A24F0C0C}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [TCP Query User{99F8A7D3-7E51-4A2D-A672-A1CB9335A821}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [UDP Query User{41DCE95C-86F8-476E-84A3-E56B1FDD0283}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{EA68F7EC-2EE8-4A2E-8800-A2D75AFB86E5}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [{2ABAE764-8746-4C1A-BF23-1E3D0D78D172}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [TCP Query User{7AAF1241-C0AF-4C7D-8E9F-53E259B60A2A}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{3F1F2C39-0675-4BC9-AEA9-DB34BA799DF8}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [{1AA33B8E-5CC2-4A18-961C-16E6647E38D3}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe
FirewallRules: [{2B6F0BC7-8F2E-41E6-A31A-938A748AC480}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe
FirewallRules: [{0AA0629C-83BE-436A-896F-D164B52938B3}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe
FirewallRules: [{0BC252E2-5A17-4E07-8DA6-2B55CE22B84F}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe
FirewallRules: [{B674EE12-A64D-46D5-B5C5-43CBA55BA932}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{9F77F05A-21D3-4DE1-A3E1-79D39191C15D}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{4ADFAAB8-6F72-42F1-B0FE-9F50B299F963}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{F4FFDFE3-41C8-4640-BFE3-44C15784CB8D}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{7E69422E-A34A-4BE6-825F-3B182B0744B5}] => (Allow) C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
FirewallRules: [{9E4E39E6-E721-4433-8144-B9DA09366166}] => (Allow) C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
FirewallRules: [{C903A740-D1DA-4512-814B-E734F7EB5664}] => (Allow) C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe
FirewallRules: [{03CB3D3D-FD62-4813-A92B-1E22866EC922}] => (Allow) C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe
FirewallRules: [{6D770C92-8066-464F-9EA9-E23633C2C834}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe
FirewallRules: [{997DDA14-3ACE-4601-9E76-C977ED47E7EC}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe
FirewallRules: [{0A536BE2-9B8B-45B4-B064-691B3AF3D32E}] => (Allow) C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{09BC94BA-3A7C-44C2-B9E5-41C53AFB5917}] => (Allow) C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{02C154E6-9507-42A0-B539-BD9DDCDD7C68}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [{C6FA9CB9-A187-4569-8B98-D06B92C4DD75}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [{A83763DD-9B9B-4ABE-A734-3EABCB4DEC66}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
FirewallRules: [{313C0051-51C5-4A31-B14E-35A0EC404B0F}] => (Allow) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
FirewallRules: [{AE3D2A82-EF1A-4177-8AB9-130E30509122}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{64AEE323-F9A2-4C6F-A44D-76CB4DB639D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{31F31923-621F-4331-8F19-12DD86BD58DD}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [UDP Query User{35B4ABDB-BD77-405D-B3FE-5B59CF18C0FD}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [TCP Query User{17C64AD6-E2F8-488E-9B0F-459BC3A19388}C:\program files\winamp\winamp.exe] => (Block) C:\program files\winamp\winamp.exe
FirewallRules: [UDP Query User{777E9E31-7F55-445C-9ABB-641DF8685D31}C:\program files\winamp\winamp.exe] => (Block) C:\program files\winamp\winamp.exe
FirewallRules: [TCP Query User{2C843C09-6FDD-40EF-BE30-3E57BC37A234}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{E2BE1DDD-D5B2-418C-A623-EB2A7742AEC3}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{FEB4580A-36CA-4578-9E7C-1E79D7CE7F30}C:\users\gast\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gast\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{35E4F129-FC20-4D7D-9C77-CE0B1EDE6FEB}C:\users\gast\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gast\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{9A673BBC-A7B6-4192-8183-D705150C0C84}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{923894EE-0F16-4343-82E0-F3D0082A1FB6}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{6C06EB5A-861B-469B-A132-CAA7DA24AE55}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{3E862549-9089-4CB8-B75B-1648B7E5986E}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{68168967-06E5-462E-8D18-57B124DC6AA9}] => (Allow) LPort=80
FirewallRules: [{56BA1E51-2A5E-4EFA-B160-4552B941741C}] => (Allow) LPort=80
FirewallRules: [{82951208-6457-4AF9-82B8-BD534CD1CF46}] => (Allow) LPort=80
FirewallRules: [{5597D2B1-B28D-4508-A17B-748A6F5C9C4B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5DEAC93A-CBED-41A3-B1FA-7BFED7E30443}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{789A0F53-28A5-4728-B5AB-2E62A2AEA6EC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0DA9DD76-ADA6-4040-94B3-EADDEFF9E2D6}C:\users\tobias\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tobias\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5778E77C-9FDE-4220-8F6A-7361D7EBD168}C:\users\tobias\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tobias\appdata\roaming\spotify\spotify.exe
FirewallRules: [{85DF8EB2-15F9-4EF5-B460-3A90DC1486C6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\fotobuch.de AG\Designer 2.0\Designer.exe] => Designer.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/08/2015 06:04:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 76027571

Error: (10/08/2015 06:04:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 76027571

Error: (10/08/2015 06:04:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/07/2015 08:57:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15740

Error: (10/07/2015 08:57:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15740

Error: (10/07/2015 08:57:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/05/2015 11:46:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15600

Error: (10/05/2015 11:46:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15600

Error: (10/05/2015 11:46:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/05/2015 11:40:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 49036559


Systemfehler:
=============
Error: (10/08/2015 09:52:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Softwarelizenzierung11200001Neustart des Diensts

Error: (10/08/2015 09:52:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: VAIO Entertainment Database Service1

Error: (10/08/2015 09:52:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Modules Installer11200001Neustart des Diensts

Error: (10/08/2015 09:52:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: VAIO Event Service1

Error: (10/08/2015 09:52:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: VAIO Entertainment File Import Service1

Error: (10/08/2015 09:52:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: AAV UpdateService1

Error: (10/08/2015 09:52:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: iPod-Dienst1

Error: (10/08/2015 09:52:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: VAIO Entertainment UPnP Client Adapter1

Error: (10/08/2015 09:52:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Apple Mobile Device1600001Neustart des Diensts

Error: (10/08/2015 09:52:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bonjour"1


CodeIntegrity:
===================================
  Date: 2015-10-08 23:17:34.128
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-08 23:17:33.332
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-08 23:17:32.427
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-08 23:17:31.632
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-08 23:17:30.893
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-08 23:17:30.577
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-08 23:17:30.233
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-08 23:17:29.672
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-08 23:14:00.679
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-08 23:13:59.681
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
Prozentuale Nutzung des RAM: 66%
Installierter physikalischer RAM: 1013.45 MB
Verfügbarer physikalischer RAM: 341.11 MB
Summe virtueller Speicher: 2291.21 MB
Verfügbarer virtueller Speicher: 1467.12 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:83.85 GB) (Free:7.37 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 93.2 GB) (Disk ID: 0A508B38)
Partition 1: (Not Active) - (Size=9.3 GB) - (Type=27)
Partition 2: (Active) - (Size=83.8 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================
         
Thanks

09.10.2015, 23:45   #12
schrauber
/// the machine
/// TB-Ausbilder
 

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems remaining?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

11.10.2015, 19:46   #13
Tobinio
 
Code:
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=563b7ffd29eb9f40b716daf60326b67a
# end=init
# utc_time=2015-10-03 05:16:51
# local_time=2015-10-03 07:16:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 26063
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=563b7ffd29eb9f40b716daf60326b67a
# end=updated
# utc_time=2015-10-03 05:22:04
# local_time=2015-10-03 07:22:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=563b7ffd29eb9f40b716daf60326b67a
# engine=26063
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-03 07:55:52
# local_time=2015-10-03 09:55:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 35150 281434880 0 0
# scanned=209985
# found=17
# cleaned=0
# scan_time=9227
sh=14309152E731BC4D86E3149DF6FD2FBE03557958 ft=1 fh=a19bc11331cd63d7 vn="Variante von MSIL/Adware.iBryte.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Search Extensions\Client.exe.vir"
sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tobias_2\AppData\Local\Temp\OCS\ocs_v71a.exe.vir"
sh=9A4FCC5C1D00A5509DE12B8402EF754959D754F7 ft=0 fh=0000000000000000 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\AppData\Local\Temp\6BF7.tmp"
sh=A20F28E74CD706977A86DCA1808198D28FFE7FCA ft=1 fh=a67d48d9397656de vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\AppData\Local\Temp\DMR\dmr_72.exe"
sh=3C1E8D3DD1A61DE147926F8E94462C80FD550E8F ft=1 fh=1b50f6309e9a92d1 vn="Variante von Win32/Toolbar.SearchSuite.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\AppData\Local\Temp\nsyA3BF.tmp\Helper.dll"
sh=5172B55DB1BD9D7C9943E5C8643609848EA79998 ft=1 fh=c71c00110e9b5324 vn="Variante von Win32/Soffer.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\AppData\Local\Temp\nsyA3BF.tmp\soffer.dll"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/WebDevAZ.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_1.8.5.exe"
sh=982CBA880955552478FBC9A2E3743D7E44C053FC ft=1 fh=9dad3ccc7f2043ca vn="Win32/WebDevAZ.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe"
sh=AD05A8CEE821A5AEBDABE5FF621DDBA8609E4603 ft=1 fh=2543ee6478afc561 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\Simple Webcam Recorder - CHIP-Installer.exe"
sh=C1315CE980B9B356957A3F77AF6FC82CBBC8D6F0 ft=1 fh=497b94c0dd7c4759 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\VisiPics - CHIP-Installer.exe"
sh=5543317AB6CC3C84B018F7262CD7F6048CA22C4B ft=1 fh=1b57474b1411cddc vn="Win32/InstallMonetizer.AH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\wichtige Downloads\MyPhoneExplorer_Setup_1.8.4.exe"
sh=69EA492B98825BE54EDECA800EC9C490E89A42F3 ft=1 fh=6b9e0dd6d2f542ba vn="Win32/InstallMonetizer.AZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\MyPhoneExplorer_v2_5185[2].exe"
sh=6AC3F1C0C0CC50584D184152673D0F3AFE77ED41 ft=1 fh=02b333feb221be9b vn="Win32/Somoto.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\setup[1].exe"
sh=7028F239FAC673EE7DC7772ACC75D759EA73837D ft=1 fh=e769f095fe49f653 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\spstub[1].exe"
sh=40CE0A58E99858007E5DCD0BB5BF6A122686A917 ft=1 fh=f92770b35775886c vn="Win32/Somoto.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9P8ACS3K\BiTool[1].dll"
sh=29531FF34ED520FDEF40B88D1C27B77D4064C1B7 ft=1 fh=6f280fcdcbb1a73e vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODB6W858\OrbiterInstaller[1].exe"
sh=FB24FEA961DF1EC689422F05A8D80349A05F2857 ft=1 fh=bbfe88937d20f9ad vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODB6W858\SPSetup[1].exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=563b7ffd29eb9f40b716daf60326b67a
# end=init
# utc_time=2015-10-11 02:43:27
# local_time=2015-10-11 04:43:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 26183
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=563b7ffd29eb9f40b716daf60326b67a
# end=updated
# utc_time=2015-10-11 02:45:49
# local_time=2015-10-11 04:45:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=563b7ffd29eb9f40b716daf60326b67a
# engine=26183
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-11 05:38:34
# local_time=2015-10-11 07:38:34 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 11773 282117842 0 0
# scanned=252737
# found=7
# cleaned=0
# scan_time=10363
sh=14309152E731BC4D86E3149DF6FD2FBE03557958 ft=1 fh=a19bc11331cd63d7 vn="Variante von MSIL/Adware.iBryte.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Search Extensions\Client.exe.vir"
sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tobias_2\AppData\Local\Temp\OCS\ocs_v71a.exe.vir"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/WebDevAZ.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_1.8.5.exe"
sh=982CBA880955552478FBC9A2E3743D7E44C053FC ft=1 fh=9dad3ccc7f2043ca vn="Win32/WebDevAZ.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe"
sh=AD05A8CEE821A5AEBDABE5FF621DDBA8609E4603 ft=1 fh=2543ee6478afc561 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\Simple Webcam Recorder - CHIP-Installer.exe"
sh=C1315CE980B9B356957A3F77AF6FC82CBBC8D6F0 ft=1 fh=497b94c0dd7c4759 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\VisiPics - CHIP-Installer.exe"
sh=5543317AB6CC3C84B018F7262CD7F6048CA22C4B ft=1 fh=1b57474b1411cddc vn="Win32/InstallMonetizer.AH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tobias\Downloads\wichtige Downloads\MyPhoneExplorer_Setup_1.8.4.exe"
         
Code:
 Results of screen317's Security Check version 1.009  
 Windows Vista Service Pack 2 x86 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java(TM) 6 Update 29  
 Java(TM) SE Runtime Environment 6 
 Java version 32-bit out of Date! 
 Adobe Flash Player 	19.0.0.185  
 Adobe Reader 9 Adobe Reader out of Date! 
 Mozilla Firefox (for.) 
 Mozilla Thunderbird 24.1.1 Thunderbird out of Date!  
 Google Chrome (45.0.2454.101) 
 Google Chrome (45.0.2454.99) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:11-10-2015 01
durchgeführt von Tobias_2 (Administrator) auf TOBI-PC (11-10-2015 20:33:36)
Gestartet von C:\Users\Tobias_2\Desktop
Geladene Profile: Tobias_2 (Verfügbare Profile: Tobias & Tobias_2 & Maike & Gast)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\sony\VAIO Update 5\VAIOUpdt.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(Sony Corporation) C:\Program Files\sony\VAIO Power Management\SPMgr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4317184 2007-02-06] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [118784 2007-01-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [312320 2007-06-26] (shbox.de)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2007-02-13] (Sony Corporation)
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-02-08] (Google Inc.)
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Run: [GoogleChromeAutoLaunch_08DA38D71141E6A5E0731FEFBF7BF14E] => C:\Program Files\Google\Chrome\Application\chrome.exe [815944 2015-09-24] (Google Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\vaiomov.scr [53248 2004-12-27] (Sony Corporation)
ShellIconOverlayIdentifiers: [ffeOverlayIconNeg] -> {0B8B6796-B56B-45D4-A016-09846E00FEA1} => C:\Program Files\apsec\fideAS file enterprise\Private Edtion\ffeOverlay.dll [2008-11-26] (Applied Security GmbH)
ShellIconOverlayIdentifiers: [ffeOverlayIconPos] -> {0B8B6796-B56B-45D4-A016-09846E00FEA0} => C:\Program Files\apsec\fideAS file enterprise\Private Edtion\ffeOverlay.dll [2008-11-26] (Applied Security GmbH)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{75150A78-C350-47D0-A029-3EEC5D8DD586}: [DhcpNameServer] 192.168.192.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com
HKU\S-1-5-21-3051598103-94963199-2244021974-1005\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://partnerpage.google.com/eu.sony.com/de
hxxp://www.club-vaio.com/vbc
SearchScopes: HKLM -> {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3051598103-94963199-2244021974-1005 -> {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)
BHO: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files\Ghostery\bin\ghostery.dll [2015-01-23] (Ghostery, Inc.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-15] (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-3051598103-94963199-2244021974-1005 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} hxxp://static.ak.studivz.net/photouploader/ImageUploader4.cab?nocache=20071219-1
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} hxxp://static.ak.studivz.net/photouploader/ImageUploader5.cab?nocache=20080115-1
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2006-06-23] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default
FF DefaultSearchUrl: hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [Keine Datei]
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Content Uploader\npUpload.dll [Keine Datei]
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [Keine Datei]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Picasa2\npPicasa3.dll [2010-06-03] (Google, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-15] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-18] (Google)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-11-15] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2007-09-06] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2011-04-14] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2013-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-06-20] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\searchplugins\google-images.xml [2014-11-08]
FF SearchPlugin: C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\searchplugins\google-maps.xml [2014-11-08]
FF Extension: Cliqz Beta - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\Extensions\cliqz@cliqz.com [2014-08-17]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2009-11-09]
FF HKLM\...\Firefox\Extensions: [{3112ca9c-de6d-4884-a869-9855de68056c}] - C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF Extension: Google Toolbar for Firefox - C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010-02-16]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-01-30]
FF HKU\S-1-5-21-3051598103-94963199-2244021974-1005\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Tobias_2\AppData\Roaming\Mozilla\Firefox\Profiles\b920c4tp.default\extensions\cliqz@cliqz.com
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-03-08]

Chrome: 
=======
CHR Profile: C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-06]
CHR Extension: (Google Docs) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-06]
CHR Extension: (Google Drive) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-06]
CHR Extension: (YouTube) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-06]
CHR Extension: (Google-Suche) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-06]
CHR Extension: (Google Tabellen) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-06]
CHR Extension: (Avira Browserschutz) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-06]
CHR Extension: (Google Docs Offline) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-10-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-06]
CHR Extension: (Google Mail) - C:\Users\Tobias_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-06]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 AllShare; C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [6638080 2010-07-16] () [Datei ist nicht signiert]
S2 gupdate1ca4b172e6509a8; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-03] (Google Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [Datei ist nicht signiert]
R2 MSSQL$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [28933976 2007-02-05] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2007-02-05] (Microsoft Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe [57344 2006-12-14] () [Datei ist nicht signiert]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [652800 2010-01-26] (Nokia) [Datei ist nicht signiert]
S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe [112184 2007-01-24] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [Datei ist nicht signiert]
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe [75320 2007-01-24] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-01-10] (Sony Corporation) [Datei ist nicht signiert]
R2 VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [182392 2007-02-13] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-01-16] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe [491520 2007-01-08] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation) [Datei ist nicht signiert]
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation) [Datei ist nicht signiert]
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2006-11-28] (Sony Corporation) [Datei ist nicht signiert]
S3 VUAgent; C:\Program Files\sony\VAIO Update 5\VUAgent.exe [722288 2010-04-09] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [172032 2006-11-28] (Sony Corporation) [Datei ist nicht signiert]
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [135168 2006-11-28] (Sony Corporation) [Datei ist nicht signiert]
R3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2008-01-19] (Microsoft Corporation)
R2 apsecf3; C:\Program Files\apsec\fideAS file enterprise\Private Edtion\vt\apsecf3.sys [77184 2008-12-12] (apsec) [Datei ist nicht signiert]
R3 eapihdrv; C:\Users\Tobias_2\AppData\Local\Temp\ehdrv.sys [135760 2015-10-11] (ESET)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25824 2010-05-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-04-23] (Texas Instruments)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\Tobias_2\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-11 20:33 - 2015-10-11 20:33 - 00022019 _____ C:\Users\Tobias_2\Desktop\FRST.txt
2015-10-11 20:23 - 2015-10-11 20:23 - 00852720 _____ C:\Users\Tobias_2\Desktop\SecurityCheck.exe
2015-10-11 16:41 - 2015-10-11 16:41 - 02870984 _____ (ESET) C:\Users\Tobias_2\Desktop\esetsmartinstaller_deu.exe
2015-10-08 23:18 - 2015-10-08 23:20 - 00042704 _____ C:\Users\Tobias_2\Desktop\Addition.txt
2015-10-08 23:12 - 2015-10-11 20:33 - 00000000 ____D C:\Users\Tobias_2\Desktop\FRST-OlderVersion
2015-10-08 22:51 - 2015-10-08 22:51 - 00001875 _____ C:\Users\Tobias_2\Desktop\JRT.txt
2015-10-08 21:45 - 2015-10-08 21:45 - 01798976 _____ (Malwarebytes) C:\Users\Tobias_2\Desktop\JRT.exe
2015-10-08 21:42 - 2015-10-11 15:54 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-10-08 21:32 - 2015-10-08 21:32 - 01682432 _____ C:\Users\Tobias_2\Desktop\adwcleaner_5.012.exe
2015-10-07 20:41 - 2015-10-07 20:41 - 00020835 _____ C:\ComboFix.txt
2015-10-07 20:09 - 2015-10-07 20:41 - 00000000 ____D C:\Qoobox
2015-10-07 20:09 - 2015-10-07 20:41 - 00000000 ____D C:\ComboFix
2015-10-07 20:09 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-10-07 20:09 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-10-07 20:09 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-10-07 20:09 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-10-07 20:09 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-10-07 20:09 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-10-07 20:09 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-10-07 20:09 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-10-07 20:07 - 2015-10-07 20:39 - 00000000 ____D C:\Windows\erdnt
2015-10-07 19:45 - 2015-10-07 19:45 - 05635766 ____R (Swearware) C:\Users\Tobias_2\Desktop\ComboFix.exe
2015-10-06 21:34 - 2015-10-06 21:34 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Tobias_2\Desktop\tdsskiller.exe
2015-10-06 19:06 - 2015-10-06 20:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-06 19:03 - 2015-10-06 20:42 - 00000000 ____D C:\Users\Tobias_2\Desktop\mbar
2015-10-06 19:00 - 2015-10-06 19:01 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Tobias_2\Desktop\mbar-1.09.3.1001.exe
2015-10-05 19:52 - 2015-10-11 20:33 - 01699328 _____ (Farbar) C:\Users\Tobias_2\Desktop\FRST.exe
2015-10-04 14:44 - 2015-10-06 18:58 - 00001963 _____ C:\Users\Tobias_2\Desktop\Google Chrome.lnk
2015-10-04 10:16 - 2015-10-04 10:17 - 00039027 _____ C:\Users\Tobias\Desktop\Addition.txt
2015-10-04 10:13 - 2015-10-11 20:33 - 00000000 ____D C:\FRST
2015-10-04 10:13 - 2015-10-04 10:17 - 00048222 _____ C:\Users\Tobias\Desktop\FRST.txt
2015-10-04 10:05 - 2015-10-04 10:06 - 00000478 _____ C:\Users\Tobias\Desktop\defogger_disable.log
2015-10-04 10:05 - 2015-10-04 10:05 - 00000000 _____ C:\Users\Tobias_2\defogger_reenable
2015-10-04 09:55 - 2015-10-04 09:55 - 00380416 _____ C:\Users\Tobias\Desktop\Gmer-19357.exe
2015-10-04 09:53 - 2015-10-04 09:54 - 01697280 _____ (Farbar) C:\Users\Tobias\Desktop\FRST.exe
2015-10-04 09:52 - 2015-10-04 09:52 - 00050477 _____ C:\Users\Tobias\Desktop\Defogger.exe
2015-10-03 19:15 - 2015-10-03 19:15 - 02870984 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu (1).exe
2015-10-03 18:20 - 2015-10-08 21:22 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-03 18:19 - 2015-10-06 19:05 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-03 18:19 - 2015-10-03 18:19 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2015-10-03 18:19 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-03 18:19 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-10-03 18:16 - 2015-10-03 18:17 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Tobias\Downloads\mbam-setup-2.1.8.1057.exe
2015-10-03 14:53 - 2015-01-29 03:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-10-03 14:52 - 2015-08-13 16:15 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-10-03 14:52 - 2015-08-13 16:15 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-10-03 14:51 - 2015-01-29 03:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-10-03 14:50 - 2015-07-21 22:55 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-03 14:50 - 2015-07-21 18:07 - 03605440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-03 14:50 - 2015-07-21 18:07 - 03553216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-03 14:50 - 2015-07-21 18:07 - 00140224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2015-10-03 14:50 - 2015-07-21 18:07 - 00056256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-10-03 14:50 - 2015-07-21 18:03 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2015-10-03 14:50 - 2015-07-21 18:03 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-03 14:50 - 2015-07-21 18:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-10-03 14:49 - 2015-07-03 18:04 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-10-03 14:48 - 2015-09-02 23:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-10-03 14:48 - 2015-09-02 23:26 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-10-03 14:46 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-10-03 14:46 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-10-03 14:46 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-10-03 14:45 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-10-03 14:44 - 2015-07-31 21:27 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-03 14:43 - 2014-06-16 00:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-10-03 14:43 - 2014-06-13 20:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-10-03 14:43 - 2014-06-13 20:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-10-03 14:42 - 2015-06-17 18:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-10-03 14:42 - 2015-06-17 17:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-10-03 14:42 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-10-03 14:42 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-10-03 14:42 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-10-03 14:42 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-10-03 14:41 - 2014-10-10 03:01 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-10-03 14:41 - 2014-10-10 03:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-03 14:41 - 2014-10-10 01:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-03 14:40 - 2014-12-19 02:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-10-03 14:39 - 2015-06-12 18:01 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-10-03 14:38 - 2015-04-24 17:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-10-03 14:37 - 2015-07-10 21:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-10-03 14:27 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-10-03 14:27 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-10-03 14:26 - 2014-10-24 03:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-10-03 14:25 - 2015-07-11 17:56 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-03 14:23 - 2014-11-26 04:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-10-03 14:22 - 2015-07-18 18:03 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-10-03 14:22 - 2015-01-09 02:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-03 14:21 - 2015-01-21 04:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-10-03 14:21 - 2014-08-12 04:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-10-03 14:19 - 2015-07-10 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-10-03 14:18 - 2015-09-02 23:26 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-10-03 14:18 - 2015-09-02 21:55 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-10-03 14:18 - 2015-09-02 21:54 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-10-03 14:15 - 2015-08-05 17:59 - 00602112 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-10-03 14:14 - 2014-12-06 05:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-10-03 14:14 - 2014-12-06 05:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-10-03 14:14 - 2014-12-06 05:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-10-03 14:14 - 2014-10-03 03:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-10-03 14:14 - 2014-10-03 03:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-10-03 14:14 - 2014-10-03 03:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-10-03 14:14 - 2014-10-03 03:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-10-03 14:13 - 2014-08-27 02:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-10-03 14:12 - 2015-05-31 10:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-10-03 13:51 - 2015-07-31 23:46 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-10-03 13:51 - 2015-07-31 23:46 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-10-03 13:51 - 2015-07-31 23:46 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-10-03 13:51 - 2015-07-31 23:46 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-10-03 13:51 - 2015-07-31 22:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-10-03 13:51 - 2015-07-31 22:40 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-10-03 13:51 - 2015-07-31 22:35 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-10-03 13:51 - 2015-07-31 22:33 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-10-03 13:51 - 2015-07-31 22:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-10-03 13:51 - 2015-04-11 01:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-10-03 13:49 - 2015-06-27 18:03 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-03 13:49 - 2015-06-27 18:02 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-03 13:49 - 2015-06-27 18:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-03 13:49 - 2015-06-27 18:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-03 13:49 - 2015-06-27 16:21 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-03 13:49 - 2015-06-27 16:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-03 13:49 - 2015-06-12 15:13 - 00440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-03 13:49 - 2015-05-09 01:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-03 13:49 - 2015-04-30 18:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-03 13:49 - 2015-01-09 02:17 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-03 13:49 - 2014-10-10 03:00 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-03 13:49 - 2014-09-05 01:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2015-10-03 13:48 - 2015-07-01 17:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-10-03 13:48 - 2014-12-08 03:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-10-03 13:47 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-10-03 13:47 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-10-03 13:47 - 2015-05-05 00:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-10-03 13:46 - 2015-05-05 00:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-10-03 13:46 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-10-03 13:46 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-10-03 13:46 - 2015-05-04 23:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-10-03 13:45 - 2014-12-06 05:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-10-03 13:44 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-10-03 13:43 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-10-03 13:42 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-10-03 13:42 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-10-03 13:42 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-10-03 13:42 - 2014-04-05 04:42 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-10-03 13:39 - 2015-08-17 19:12 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-03 13:38 - 2015-08-17 19:18 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-03 13:38 - 2015-08-17 19:17 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-03 13:38 - 2015-08-17 19:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-03 13:38 - 2015-08-17 19:13 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-03 13:38 - 2015-08-17 19:12 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-03 13:38 - 2015-08-17 19:11 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-03 13:38 - 2015-08-17 19:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-03 13:38 - 2015-08-17 19:10 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-10-03 13:38 - 2015-08-17 19:10 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-10-03 13:38 - 2015-08-17 19:10 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-10-03 13:38 - 2015-08-17 19:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-23 20:07 - 2015-09-23 20:08 - 00010495 _____ C:\Users\Tobias\Downloads\Tobias_elster_23.09.2015_20.03.pfx
2015-09-20 22:58 - 2015-09-20 23:09 - 00000000 ____D C:\Users\Tobias\Downloads\Anna luth
2015-09-14 21:04 - 2015-09-14 21:04 - 00347816 _____ (Microsoft Corporation) C:\Users\Tobias\Downloads\MicrosoftFixit.wu.Run.exe
2015-09-13 12:57 - 2015-09-13 12:58 - 00852704 _____ C:\Users\Tobias\Downloads\SecurityCheck.exe
2015-09-13 10:55 - 2015-09-13 10:56 - 02870984 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-11 20:02 - 2013-06-30 17:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-11 19:53 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-11 19:53 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-11 19:52 - 2009-10-12 10:51 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-11 19:26 - 2007-10-26 18:45 - 02094051 _____ C:\Windows\WindowsUpdate.log
2015-10-11 19:00 - 2012-03-29 18:50 - 00001142 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003UA.job
2015-10-11 19:00 - 2012-03-29 18:50 - 00001120 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051598103-94963199-2244021974-1003Core.job
2015-10-11 17:52 - 2009-10-12 10:51 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-11 16:07 - 2006-11-02 12:33 - 01601276 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-11 15:53 - 2011-01-02 13:22 - 00000000 ____D C:\Windows\system32\logishrd
2015-10-11 15:53 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-08 23:26 - 2008-04-18 15:22 - 00000012 _____ C:\Windows\bthservsdp.dat
2015-10-08 23:26 - 2006-11-02 15:01 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-08 21:41 - 2007-02-26 18:30 - 01072794 _____ C:\Windows\PFRO.log
2015-10-08 21:38 - 2015-02-22 20:00 - 00000000 ____D C:\AdwCleaner
2015-10-08 18:04 - 2011-08-12 18:16 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job
2015-10-07 20:41 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2015-10-07 20:36 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini
2015-10-05 11:37 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-10-04 20:22 - 2015-07-26 16:16 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Spotify
2015-10-04 14:44 - 2009-11-09 17:21 - 00000000 ____D C:\Users\Tobias_2\AppData\Local\Google
2015-10-04 10:05 - 2009-11-09 17:21 - 00000000 ____D C:\Users\Tobias_2
2015-10-03 15:51 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2015-10-03 15:46 - 2007-02-26 18:10 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-10-03 15:33 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-10-03 15:15 - 2006-11-02 14:47 - 00385216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-03 15:09 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-10-03 15:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-03 14:12 - 2014-04-03 21:49 - 00000000 ____D C:\Windows\system32\MRT
2015-10-03 11:33 - 2014-02-06 19:23 - 00000000 ____D C:\Users\Tobias\Desktop\Bilder Tisch Verkaufsliste
2015-10-03 11:21 - 2014-12-15 10:09 - 00000000 ____D C:\Users\Tobias\Desktop\Faulhaber
2015-10-03 11:19 - 2015-04-25 14:33 - 00000000 ____D C:\Users\Tobias\AppData\Local\CrashDumps
2015-10-03 08:43 - 2011-11-03 16:13 - 00000000 ____D C:\Users\Tobias\AppData\Local\.elfohilfe
2015-09-27 09:05 - 2015-02-08 20:45 - 00000000 ____D C:\Users\Tobias\Desktop\Tor Browser
2015-09-21 21:04 - 2013-03-23 12:15 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-09-21 21:04 - 2011-10-16 02:25 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-09-21 20:34 - 2006-11-02 14:52 - 00149663 _____ C:\Windows\setupact.log
2015-09-12 18:21 - 2007-10-26 18:12 - 00000000 ____D C:\Users\Tobias\AppData\Local\Google

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2008-07-15 18:52 - 2008-07-15 18:52 - 0000032 _____ () C:\ProgramData\ezsid.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\ezsid.dat


Einige Dateien in TEMP:
====================
C:\Users\Tobias_2\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-11 16:50

==================== Ende vom FRST.txt ============================
         
Thanks, but unfortunately the problem is still not fixed when I log in with my standard user account. The desktop is still black, the Start button doesn't work, and the only things that can be opened are the browsers via the browser icon in the taskbar :-/ ... Also, the Eset scan found only 7 infected files on the admin account. On the standard account it was 17. Is that possible? Thanks again

12.10.2015, 17:42   #14
schrauber
/// the machine
/// TB-Ausbilder
 




Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
C:\Users\Tobias\AppData\Local\Temp\6BF7.tmp

C:\Users\Tobias\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\Tobias\AppData\Local\Temp\nsyA3BF.tmp\Helper.dll

C:\Users\Tobias\AppData\Local\Temp\nsyA3BF.tmp\soffer.dll

C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_1.8.5.exe

C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe

C:\Users\Tobias\Downloads\Simple Webcam Recorder - CHIP-Installer.exe

C:\Users\Tobias\Downloads\VisiPics - CHIP-Installer.exe

C:\Users\Tobias\Downloads\wichtige Downloads\MyPhoneExplorer_Setup_1.8.4.exe

C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\MyPhoneExplorer_v2_5185[2].exe

C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\setup[1].exe

C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\spstub[1].exe

C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9P8ACS3K\BiTool[1].dll

C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODB6W858\OrbiterInstaller[1].exe

C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODB6W858\SPSetup[1].exe
Emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents to me.



Update Java, Adobe and Thunderbird.

Rethink your download habits:
CHIP-Installer - what is it? - Guides

It may be that the user account is simply broken.

Please run Windows Repair:
Repairing Windows - how it's done - Guides
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

12.10.2015, 19:36   #15
Tobinio
 



Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x86) Version:11-10-2015 02
durchgeführt von Tobias_2 (2015-10-12 20:24:31) Run:1
Gestartet von C:\Users\Tobias_2\Desktop
Geladene Profile: Tobias_2 (Verfügbare Profile: Tobias & Tobias_2 & Maike & Gast)
Start-Modus: Normal

==============================================

fixlist Inhalt:
*****************
C:\Users\Tobias\AppData\Local\Temp\6BF7.tmp

C:\Users\Tobias\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\Tobias\AppData\Local\Temp\nsyA3BF.tmp\Helper.dll

C:\Users\Tobias\AppData\Local\Temp\nsyA3BF.tmp\soffer.dll

C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_1.8.5.exe

C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe

C:\Users\Tobias\Downloads\Simple Webcam Recorder - CHIP-Installer.exe

C:\Users\Tobias\Downloads\VisiPics - CHIP-Installer.exe

C:\Users\Tobias\Downloads\wichtige Downloads\MyPhoneExplorer_Setup_1.8.4.exe

C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\MyPhoneExplorer_v2_5185[2].exe

C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\setup[1].exe

C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\spstub[1].exe

C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9P8ACS3K\BiTool[1].dll

C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODB6W858\OrbiterInstaller[1].exe

C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODB6W858\SPSetup[1].exe
Emptytemp:
*****************

"C:\Users\Tobias\AppData\Local\Temp\6BF7.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Tobias\AppData\Local\Temp\DMR\dmr_72.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Tobias\AppData\Local\Temp\nsyA3BF.tmp\Helper.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Tobias\AppData\Local\Temp\nsyA3BF.tmp\soffer.dll" => Datei/Ordner nicht gefunden.
C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_1.8.5.exe => erfolgreich verschoben
C:\Users\Tobias\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe => erfolgreich verschoben
C:\Users\Tobias\Downloads\Simple Webcam Recorder - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Tobias\Downloads\VisiPics - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Tobias\Downloads\wichtige Downloads\MyPhoneExplorer_Setup_1.8.4.exe => erfolgreich verschoben
"C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\MyPhoneExplorer_v2_5185[2].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\setup[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\spstub[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9P8ACS3K\BiTool[1].dll" => Datei/Ordner nicht gefunden.
"C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODB6W858\OrbiterInstaller[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODB6W858\SPSetup[1].exe" => Datei/Ordner nicht gefunden.
EmptyTemp: => 356.3 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende vom Fixlog 20:25:59 ====
         
Hello schrauber, I carried out your tips with the admin account. That was right, wasn't it?!?
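To read a Fixlog like the one above at a glance, its result lines can be tallied by user profile, location and outcome. This is an added example, not part of the original posts and not code from FRST; the function names and the location categories are assumptions, and the sample lines are an excerpt of the log posted above.

```python
import re
from collections import Counter

# Excerpt of result lines from the Fixlog posted above (German FRST output).
SAMPLE_FIXLOG = r'''
"C:\Users\Tobias\AppData\Local\Temp\6BF7.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Tobias\AppData\Local\Temp\DMR\dmr_72.exe" => Datei/Ordner nicht gefunden.
C:\Users\Tobias\Downloads\VisiPics - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Tobias\Downloads\wichtige Downloads\MyPhoneExplorer_Setup_1.8.4.exe => erfolgreich verschoben
"C:\Users\Tobias_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9DWMEEDJ\setup[1].exe" => Datei/Ordner nicht gefunden.
EmptyTemp: => 356.3 MB temporäre Dateien entfernt.
'''

# Result strings as they appear in the log above, mapped to short labels.
OUTCOMES = {
    "erfolgreich verschoben": "moved",
    "Datei/Ordner nicht gefunden": "not_found",
}

# A result line is an optionally quoted Windows path, " => ", then the result text.
LINE_RE = re.compile(r'^"?(?P<path>[A-Za-z]:\\.+?)"?\s+=>\s+(?P<result>.+)$')
PROFILE_RE = re.compile(r'^[A-Za-z]:\\Users\\([^\\]+)\\', re.IGNORECASE)


def location(path):
    """Coarse location category for a path (categories are an assumption)."""
    p = path.lower()
    if "\\temporary internet files\\" in p:
        return "browser cache"
    if "\\appdata\\local\\temp\\" in p:
        return "user temp"
    if "\\downloads\\" in p:
        return "downloads"
    return "other"


def parse_fixlog(text):
    """Return one dict per file result line; directive lines such as EmptyTemp are skipped."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        path = m.group("path")
        result = m.group("result").strip().rstrip(".")
        profile = PROFILE_RE.match(path)
        entries.append({
            "path": path,
            "profile": profile.group(1) if profile else None,
            "location": location(path),
            "outcome": OUTCOMES.get(result, "unknown"),
        })
    return entries


def summarize(entries):
    """Count entries per (profile, location, outcome)."""
    return Counter((e["profile"], e["location"], e["outcome"]) for e in entries)


if __name__ == "__main__":
    for key, count in sorted(summarize(parse_fixlog(SAMPLE_FIXLOG)).items()):
        print(count, *key)
```
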
