|
Pests of all kinds and how to fight them: svchost exe netsvcs causes very high CPU load | Windows 7. If you are not sure whether you have caught malware or a trojan, create a thread here. An expert will get in touch with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
17.09.2016, 09:29 | #1 |
| svchost exe netsvcs causes very high CPU load. I need your support. For about a week the CPU load has been at 25-50 %. I have already had malware and adware scanners take a look, but unfortunately without success. for active support. arty |
17.09.2016, 11:57 | #2 |
/// TB Trainer | svchost exe netsvcs causes very high CPU load. My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Thank you for your cooperation! Please also submit all log files from programs you have already run! For the initial analysis, please run FRST and TDSS-Killer: Step 1 Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2 Please download TDSSKiller.exe and save this file to the desktop
Please post with your next reply
|
17.09.2016, 19:18 | #3 |
| svchost exe netsvcs causes very high CPU load. Hello Matthias, thanks for your help...
__________________FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2016 durchgeführt von HO (Administrator) auf HO-VAIO (17-09-2016 19:50:33) Gestartet von C:\Users\HO\Downloads Geladene Profile: HO (Verfügbare Profile: HO) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (VSee Lab, Inc.) C:\Users\HO\AppData\Roaming\VSeeInstall\vsee.exe (Citrix Online, a division of Citrix Systems, Inc.) C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mstart.exe (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Citrix Online, a division of Citrix Systems, Inc.) 
C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mcomm.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Citrix Online, a division of Citrix Systems, Inc.) C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mlauncher.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Apple Inc.) C:\Program Files\iTunes\iTunes.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2011-03-04] (Synaptics Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation) HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-08-28] (cyberlink) HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [830064 2016-09-07] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-11-07] (CyberLink Corp.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-01-15] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Run: [VSee] => C:\Users\HO\AppData\Roaming\VSeeInstall\vsee.exe [22674968 2014-08-12] (VSee Lab, Inc.) HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Run: [GoToMeeting] => C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mstart.exe [41536 2016-09-03] (Citrix Online, a division of Citrix Systems, Inc.) HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Run: [] => [X] HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia) HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\MountPoints2: {64318709-472b-11e3-95bc-f0bf975f1bea} - G:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\MountPoints2: {825f4dd3-e0e2-11e4-bccd-f0bf975f1bea} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\MountPoints2: {9fe1c7e9-9aaa-11e5-aa02-f0bf975f1bea} - F:\autorun.exe HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\MountPoints2: {c937ccd4-d6a3-11e4-8d8f-90004ec8d1f8} - F:\AutoRun.exe HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\MountPoints2: {d853c108-46e7-11e3-8c08-f0bf975f1bea} - G:\HTC_Sync_Manager_PC.exe Startup: C:\Users\HO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-12-17] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert 
zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5D76E115-A2D2-4863-BB2E-9374840F8A75}: [DhcpNameServer] 10.3.128.4 Tcpip\..\Interfaces\{A11A85BB-E085-4FFD-94EE-FFC3A5FFC6C9}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-569190459-326481895-3770856800-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sony.eu/vaioportal HKU\S-1-5-21-569190459-326481895-3770856800-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sony.eu/vaioportal SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-569190459-326481895-3770856800-1001 -> {21E70A4D-EE68-4D33-9B96-CAEA082328E9} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms} SearchScopes: HKU\S-1-5-21-569190459-326481895-3770856800-1001 -> {6F1D62BB-A687-4750-A16D-0861C5CE8495} URL = hxxp://de.shopping.com/?linkin_id=8056363 SearchScopes: HKU\S-1-5-21-569190459-326481895-3770856800-1001 -> {AF0246D0-1070-4208-AD72-6A975DE7EEC0} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-4300-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll" => Keine Datei BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.) 
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Keine Datei BHO-x32: CmjBrowserHelperObject Object -> {07A11D74-9D25-4fea-A833-8B0D76A5577A} -> C:\Program Files (x86)\Mindjet\MindManager 7\Mm7InternetExplorer.dll [2008-06-10] (Mindjet) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-04-29] (Atheros Commnucations) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.) 
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22] (Oracle Corporation) Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll" Keine Datei Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default FF SearchEngineOrder.1: SuchMaschine FF NetworkProxy: "type", 4 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-14] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-14] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-22] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: 
@Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-569190459-326481895-3770856800-1001: @citrixonline.com/appdetectorplugin -> C:\Users\HO\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-11-08] (Citrix Online) FF Plugin HKU\S-1-5-21-569190459-326481895-3770856800-1001: @phonostar.de/phonostar -> C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll [Keine Datei] FF Plugin HKU\S-1-5-21-569190459-326481895-3770856800-1001: vsee.com/VSeeDetection -> C:\Users\HO\AppData\Roaming\VSeeInstall\npVSeeDetection.dll [2013-11-03] (VSee Lab) FF SearchPlugin: C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\searchplugins\search_engine.xml [2014-06-20] FF SearchPlugin: C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\searchplugins\youtube.xml [2015-12-06] FF Extension: (Cliqz) - C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\Extensions\cliqz@cliqz.com.xpi [2016-09-10] FF Extension: (Firefox Hotfix) - C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31] FF Extension: (New Tab Override (browser.newtab.url replacement)) - C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\Extensions\newtaboverride@agenedia.com.xpi [2016-08-04] FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] FF HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\extensions\cliqz@cliqz.com => nicht gefunden Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S4 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [989696 2016-09-07] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [470600 2016-09-07] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [470600 2016-09-07] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1454720 2016-09-07] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [Datei ist nicht signiert] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [Datei ist nicht signiert] R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation) S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [243464 2013-08-28] (CyberLink) S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) 
[Datei ist nicht signiert] R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe [81920 2008-06-13] (Firebird Project) [Datei ist nicht signiert] R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe [2723840 2008-06-13] (Firebird Project) [Datei ist nicht signiert] R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert] R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 HuaweiHiSuiteService64.exe; "C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe" -/service [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [171752 2016-07-26] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145984 2016-07-26] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-15] (Avira Operations GmbH & Co. KG) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2015-05-07] (Huawei Technologies Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-17] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation) R2 risdsnpe; C:\Windows\System32\DRIVERS\risdsnxc64.sys [98816 2011-03-07] (REDC) R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-11-07] (CyberLink Corp.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-09-17 19:50 - 2016-09-17 19:53 - 00027253 _____ C:\Users\HO\Downloads\FRST.txt
2016-09-17 19:49 - 2016-09-17 19:50 - 00000000 ____D C:\FRST
2016-09-17 19:49 - 2016-09-17 19:49 - 02399232 _____ (Farbar) C:\Users\HO\Downloads\FRST64.exe
2016-09-17 11:18 - 2016-09-17 11:18 - 00004787 _____ C:\Users\HO\Desktop\JRT.txt
2016-09-17 11:10 - 2016-09-17 11:10 - 01610560 _____ (Malwarebytes) C:\Users\HO\Downloads\JRT.exe
2016-09-17 08:35 - 2016-09-17 08:35 - 00010327 _____ C:\Users\HO\Downloads\AdwCleaner[C0].txt
2016-09-17 08:23 - 2016-09-17 08:30 - 00000000 ____D C:\AdwCleaner
2016-09-17 08:22 - 2016-09-17 08:22 - 03861056 _____ C:\Users\HO\Downloads\AdwCleaner_6.020.exe
2016-09-17 07:49 - 2016-09-17 07:49 - 00075064 _____ C:\Users\HO\Downloads\congstar_Monatsrechnung_2016_August_2201533992_7179511168.pdf
2016-09-17 07:48 - 2016-09-17 07:48 - 00001138 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-09-03 10:53 - 2016-09-03 10:53 - 00100591 _____ C:\Users\HO\Downloads\Cost sharing.pdf
2016-09-01 10:39 - 2016-09-02 08:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-29 19:38 - 2016-08-29 19:38 - 00314735 _____ C:\Users\HO\Downloads\Nutzungsbedingungen Haftpflicht-Siegel 11-2013.pdf
2016-08-29 08:09 - 2016-08-29 08:09 - 00009501 _____ C:\Users\HO\Downloads\Mappe2.xlsx
2016-08-26 17:19 - 2016-08-26 17:20 - 00000000 ____D C:\Users\HO\Desktop\Handelsvertreter
2016-08-26 13:57 - 2016-08-26 13:58 - 00278576 _____ C:\Windows\Minidump\082616-54101-01.dmp
2016-08-19 17:03 - 2016-08-19 17:03 - 02841726 _____ C:\Users\HO\Downloads\Dialoge_Nr35.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-17 19:51 - 2015-01-08 20:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-17 19:51 - 2009-07-14 06:45 - 00028848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-17 19:51 - 2009-07-14 06:45 - 00028848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-17 19:42 - 2015-04-12 12:18 - 00000000 ____D C:\Users\HO\AppData\Local\HTC MediaHub
2016-09-17 19:41 - 2014-01-13 17:02 - 00000000 ____D C:\Users\HO\AppData\Local\FreePDF_XP
2016-09-17 19:41 - 2013-11-03 02:31 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-17 19:40 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-17 11:28 - 2013-11-04 08:46 - 00000000 ____D C:\Users\HO\Documents\Outlook-Dateien
2016-09-17 11:25 - 2013-11-03 02:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-17 11:12 - 2013-11-03 02:31 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-17 10:36 - 2014-02-28 12:59 - 00000544 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-569190459-326481895-3770856800-1001.job
2016-09-17 10:33 - 2015-06-04 08:36 - 00000640 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-569190459-326481895-3770856800-1001.job
2016-09-17 10:30 - 2014-12-21 23:36 - 00007605 _____ C:\Users\HO\AppData\Local\Resmon.ResmonCfg
2016-09-17 08:59 - 2014-08-12 21:05 - 00001401 _____ C:\Users\HO\Desktop\GoToMeeting.lnk
2016-09-17 08:59 - 2014-05-23 11:15 - 00002467 _____ C:\Users\HO\Desktop\GoToMeeting Quick Connect.lnk
2016-09-17 08:19 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-17 08:00 - 2016-07-27 08:46 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-17 07:48 - 2016-07-26 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-17 07:39 - 2013-11-03 15:19 - 00000000 ____D C:\Users\HO\AppData\Local\CrashDumps
2016-09-16 09:54 - 2013-11-03 11:02 - 00000000 ____D C:\Users\HO\AppData\Roaming\Skype
2016-09-14 14:28 - 2013-11-03 02:31 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-14 14:28 - 2013-11-03 02:31 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-14 14:28 - 2013-11-03 02:31 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-14 14:27 - 2013-11-03 02:31 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-14 14:27 - 2013-11-03 01:03 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-09 09:45 - 2013-11-03 01:26 - 00000000 ____D C:\ProgramData\Skype
2016-09-09 09:44 - 2015-09-21 17:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-03 10:21 - 2015-06-04 08:36 - 00003658 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-569190459-326481895-3770856800-1001
2016-09-03 10:21 - 2014-02-28 12:59 - 00003562 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-569190459-326481895-3770856800-1001
2016-09-02 08:39 - 2014-02-09 12:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-29 17:37 - 2013-11-03 03:24 - 00000000 ____D C:\Users\HO\Documents\Business
2016-08-26 14:04 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-08-26 13:57 - 2016-04-22 06:11 - 594320949 _____ C:\Windows\MEMORY.DMP
2016-08-26 13:57 - 2013-11-06 11:04 - 00000000 ____D C:\Windows\Minidump
2016-08-26 09:45 - 2014-03-05 11:44 - 00504360 _____ C:\test.xml
2016-08-20 06:18 - 2014-07-30 15:04 - 00000000 ____D C:\Users\HO\AppData\Roaming\FileZilla
2016-08-19 21:14 - 2013-11-03 02:31 - 00000000 ____D C:\Program Files (x86)\Google

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-12-21 23:36 - 2016-09-17 10:30 - 0007605 _____ () C:\Users\HO\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\HO\AppData\Local\Temp\1fvwautoupd.exe
C:\Users\HO\AppData\Local\Temp\avgnt.exe
C:\Users\HO\AppData\Local\Temp\COMAP.EXE
C:\Users\HO\AppData\Local\Temp\G2MInstallerExtractor.exe
C:\Users\HO\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\HO\AppData\Local\Temp\libeay32.dll
C:\Users\HO\AppData\Local\Temp\msvcr120.dll
C:\Users\HO\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\HO\AppData\Local\Temp\Quarantine.exe
C:\Users\HO\AppData\Local\Temp\SkypeSetup.exe
C:\Users\HO\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-09-05 12:27

==================== Ende von FRST.txt ============================

FRST Additions Logfile:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-09-2016
durchgeführt von HO (17-09-2016 19:54:36)
Gestartet von C:\Users\HO\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-11-02 23:57:33)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-569190459-326481895-3770856800-500 - Administrator - Disabled)
Gast (S-1-5-21-569190459-326481895-3770856800-501 - Limited - Disabled)
HO (S-1-5-21-569190459-326481895-3770856800-1001 - Administrator - Enabled) => C:\Users\HO
HomeGroupUser$ (S-1-5-21-569190459-326481895-3770856800-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation) ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated) Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated) Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated) Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{0CC145EE-0BDD-C10F-1E52-CB2F6C4894E4}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.) Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) 
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft) ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft) Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{05f7f410-0274-45d0-91dc-712a62aadd96}) (Version: 1.2.68.19138 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) 
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform) Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix) CLIQZ (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 1.0.44 - CLIQZ.com) Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6916.52 - CyberLink Corp.) CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4704.58 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Demos - Telerik UI for WPF (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\fbb955dce3a1c387) (Version: 2015.1.224.40 - Demos - Telerik UI for WPF) DevExpress Components 14.2 (HKLM-x32\...\DevExpress Components 14.2) (Version: 14.2.5 - Developer Express Inc.) DevExpress Components 15.1 (HKLM-x32\...\DevExpress Components 15.1) (Version: 15.1.5 - Developer Express Inc.) DevExpress DevExtreme 15.1 (HKLM-x32\...\DevExpress DevExtreme 15.1) (Version: 15.1.5 - Developer Express Inc.) DevExpress WPF Demos (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\f51599dacb2f3d3c) (Version: 15.1.205.0 - Developer Express Inc.) 
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden FileZilla Client 3.20.1 (HKLM-x32\...\FileZilla Client) (Version: 3.20.1 - Tim Kosse) Firebird 2.1.1.17910 (Win32) (HKLM-x32\...\FBDBServer_2_1_is1) (Version: 2.1.1.17910 - Firebird Project) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - ) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Genie Timeline (HKLM-x32\...\Genie Timeline) (Version: 5.0 - Genie9) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden GoToMeeting 7.22.1.5530 (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\GoToMeeting) (Version: 7.22.1.5530 - CitrixOnline) GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.) 
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation) HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.54.2 - HTC) Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] 
(HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mindjet MindManager Pro 7 (HKLM-x32\...\{43EE9158-D821-4D6B-B1C7-06A8B97E6CCF}) (Version: 7.2.374 - Mindjet LLC) Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla) MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) 
(Version: 7.1.172.0 - Nokia) Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia) Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden OlapGrid WPF Samples (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\1fc3393c7449819d) (Version: 12.4.0.24 - Syncfusion Inc.) Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation) Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation) PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) PDF-XChange 3 (HKLM\...\PDF-XChange 3_is1) (Version: - Tracker Software) PivotAnalysis WPF Samples (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\dfa630185c8b5543) (Version: 12.4.0.24 - Syncfusion Inc.) PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation) PMB VAIO Edition Guide (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden PMB VAIO Edition Plug-in (Version: 1.5.00.04010 - Sony Corporation) Hidden PMB VAIO Edition Plug-in (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden PMB VAIO Edition Plug-in (x32 Version: 1.5.00.04060 - Sony Corporation) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.) 
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - ) Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.) 
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc) SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden SommerGlobal (HKLM-x32\...\SommerGlobal) (Version: 6.3016 - Sommer Informatik GmbH) SommerGlobal (x32 Version: 6.3016 - Sommer Informatik GmbH) Hidden Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated) Telekom Konferenz Add-In für Outlook (HKLM-x32\...\{4C56EDD2-2757-43A0-AFC5-25DDE9D22E71}) (Version: 2.6.0.1011 - Lindenbaum) Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation) VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation) VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.02250 - Sony Corporation) VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.5.00.04060 - Sony Corporation) VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation) VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation) VAIO C Series - Summer 2011 Screensaver (HKLM-x32\...\VAIO C Series - Summer 2011 Screensaver) (Version: - ) VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.0.15030 - Sony Corporation) VAIO Care (x32 Version: 6.4.0.15030 - Sony 
Corporation) Hidden VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation) VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation) VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation) VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation) VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation) VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation) VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation) VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation) VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.5 - Sony Corporation) VAIO Quick Web Access (x32 Version: 1.4.5.5 - Sony Corporation) Hidden VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation) VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.1.08270 - Sony Corporation) VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation) VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.3.0.02180 - Sony Corporation) VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation) VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VESx64 (Version: 1.0.0 - Sony 
Corporation) Hidden VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VIx64 (Version: 1.0.0 - Sony Corporation) Hidden VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden VSee (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\VSee) (Version: 14.0.0.808 - VSee Lab Inc) VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VUx64 (Version: 1.2.0 - Sony Corporation) Hidden VUx86 (x32 Version: 1.2.0 - Sony Corporation) Hidden VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh 
ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) XMind 2013 (v3.4.1) (HKLM-x32\...\XMind_is1) (Version: 3.4.1.201401221918 - XMind Ltd.) Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Елемент керування Windows Live Mesh ActiveX для віддалених підключень (HKLM-x32\...\{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}) (Version: 15.4.5722.2 - Microsoft Corporation) Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-569190459-326481895-3770856800-1001_Classes\CLSID\{4C684845-7AC6-4416-AC5B-A6D9D11515B9}\InprocServer32 -> C:\Users\HO\AppData\Local\Telekom\Outlook-Conference-AddIn\adxloader64.dll () CustomCLSID: HKU\S-1-5-21-569190459-326481895-3770856800-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\HO\AppData\Local\Citrix\GoToMeeting\2031\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {081F301A-6B71-4225-91D3-38A4AFC24723} - System32\Tasks\{360666CB-5CB9-472E-9F96-D69F33A4DC6A} => pcalua.exe -a C:\Users\HO\Downloads\iTunesSetup9.exe -d C:\Users\HO\Downloads Task: {2A9B977D-752F-46A9-AC9F-9F11CD641993} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation) Task: {38B63202-CFE9-4D88-A6B9-D3D0E3609658} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd) Task: {3EDE753E-5C0F-448E-8F79-83E566B94314} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-02-14] (Sony Corporation) Task: {4C00145D-1830-407B-B05E-0D4400DC91F2} - System32\Tasks\G2MUpdateTask-S-1-5-21-569190459-326481895-3770856800-1001 => C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mupdate.exe [2016-09-03] (Citrix Online, a division of Citrix Systems, Inc.) 
Task: {51B5FC18-8819-4E6C-95AC-D9156C5B17A9} - System32\Tasks\Sony Corporation\VAIO Event Service\Level4Daily => C:\Program Files (x86)\Sony\VAIO Event Service\WBCBatteryCare.exe [2011-03-05] (Sony Corporation) Task: {55A8BD0B-6B27-41DF-A629-164117F2F8DB} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-02-14] (Sony Corporation) Task: {5E7D6C53-DDEC-49A1-A1CB-B6511A1E2CE4} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe Task: {8C27B2E1-63C0-4F63-B2A6-D5755D315DDF} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-21] (Sony Corporation) Task: {91930A06-7A38-4B76-BED1-BE271DF4606F} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-02-14] (Sony Corporation) Task: {957B2D01-B489-4A33-A974-B4C46D367199} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {AA444C23-F1E7-4B32-AB54-37F3AE9A5353} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation) Task: {AC4C0213-773B-4957-BCF8-831DAFFE3D63} - System32\Tasks\Sony Corporation\VAIO Event Service\Level4Month => C:\Program Files (x86)\Sony\VAIO Event Service\WBCBatteryCare.exe [2011-03-05] (Sony Corporation) Task: {AED7151B-5F23-4478-8D79-9EE3A686494F} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation) Task: {BB23A0BB-D47B-4D72-9153-F88057B703A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) 
Task: {BE5C47BD-AD42-407D-92DB-FF304E25D54D} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation) Task: {C12FF1F3-0174-4E27-85BF-B84C191FBD41} - System32\Tasks\{05D7C6C5-D642-4B16-99A7-66A4BD97A86F} => pcalua.exe -a C:\Users\HO\Downloads\msicuu2.exe -d C:\Users\HO\Downloads Task: {C8F614A5-12E2-45DD-B8BC-75325D23E8B0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {C8F62CDE-E3C5-4226-BB23-744B5DA35E77} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-21] (Sony Corporation) Task: {CE5B4E6B-3BA4-4F91-A6E7-8AF9D4895804} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation) Task: {E1FE5D63-DA2C-4BD3-84AC-A7A8C295643B} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation) Task: {E4C050E0-EB35-40C8-9827-4C37AE1794A7} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation) Task: {E599CC42-B7A2-488F-AD02-31517F66B294} - System32\Tasks\G2MUploadTask-S-1-5-21-569190459-326481895-3770856800-1001 => C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mupload.exe [2016-09-03] (Citrix Online, a division of Citrix Systems, Inc.) 
Task: {E69C0F0F-96E3-42BA-91EA-BA26818FAE7A} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient [Argument = /Start] Task: {EB9C0252-7389-41C4-A29A-B0E936BBFF2C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-14] (Adobe Systems Incorporated) Task: {F3C12EB7-B401-4AC5-8D79-AC09EBDAE0F8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-569190459-326481895-3770856800-1001.job => C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mupdate.exe Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-569190459-326481895-3770856800-1001.job => C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mupload.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-12-18 18:10 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll 2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2016-08-03 17:45 - 2016-08-03 17:45 - 00052400 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2015-03-19 17:48 - 2015-03-19 17:48 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe 2011-04-14 05:56 - 2014-07-22 13:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2016-07-05 15:22 - 2016-07-05 15:22 - 00313144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00297472 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00070656 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00063488 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00215040 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00260608 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00059904 _____ () C:\Program Files\Sony\VAIO 
Care\CRM\VAIOInstallAppsDrivers.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00157696 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00138752 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00025600 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll 2015-03-19 17:47 - 2015-03-19 17:47 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll 2015-03-19 17:47 - 2015-03-19 17:47 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll 2015-03-19 17:47 - 2015-03-19 17:47 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll 2015-03-19 17:47 - 2015-03-19 17:47 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2015-03-19 17:47 - 2015-03-19 17:47 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll 2015-03-19 17:48 - 2015-03-19 17:48 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll 2015-03-19 17:49 - 2015-03-19 17:49 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll 2013-11-03 00:53 - 2011-03-05 17:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll 2013-11-03 03:21 - 2013-11-03 03:21 - 00278528 _____ () C:\Users\HO\AppData\Roaming\VSeeInstall\vseeCryptoppEnc.DLL 2014-11-19 12:48 - 2014-11-19 12:48 - 08507232 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 02354016 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 01014624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00364384 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 02480992 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 
01346912 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00206176 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 02653024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00033120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00035680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00207200 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 11166560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00276832 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll 2014-11-11 10:21 - 2014-11-11 10:21 - 00392552 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll 2014-11-11 10:21 - 2014-11-11 10:21 - 00059752 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll 2014-11-19 12:47 - 2014-11-19 12:47 - 00438624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00446304 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00520544 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00720736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll 2014-11-19 12:46 - 2014-11-19 12:46 - 00606560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00093024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll 2014-09-21 20:30 - 2014-11-07 03:33 - 00867080 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\common\UNO\UNO.dll 2014-09-21 20:29 - 2013-12-10 09:39 - 00074240 _____ () C:\Program Files 
(x86)\CyberLink\PowerDVD14\Common\Koan\_ctypes.pyd 2014-09-21 20:29 - 2013-12-10 09:39 - 00285184 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_hashlib.pyd 2014-09-21 20:29 - 2013-12-10 09:39 - 00040960 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_socket.pyd 2014-09-21 20:29 - 2013-12-10 09:39 - 00721920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ssl.pyd 2016-07-05 15:23 - 2016-07-05 15:23 - 01041208 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2016-03-18 23:56 - 2016-03-18 23:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2016-05-13 10:18 - 2016-05-13 10:18 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\8c02229a9868d155acb626160d3dd0b8\IsdiInterop.ni.dll 2013-11-03 00:40 - 2011-01-12 18:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-569190459-326481895-3770856800-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HO\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MMReminderService => C:\Program Files (x86)\Mindjet\MindManager 7\MMReminderService.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{3BB50929-F43A-4F08-A4F4-587874D68AF8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{B5D8D88C-2ADF-4CA8-82D9-9FCC096720ED}] => (Allow) LPort=2869 FirewallRules: [{85A0909A-D9F2-4EDA-8315-705E0DDDD773}] => (Allow) LPort=1900 FirewallRules: [{9BBA1C80-654C-47E7-BC9D-0F83F0FF25CA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{A731DFE5-50E2-47AF-810A-45B6CA733A69}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{5DC5F713-DD89-4C05-A133-E0538B9E8A9A}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe FirewallRules: [{D195C204-A992-4BA1-93E3-3C5108C95462}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe FirewallRules: [{476B5C91-C840-488F-AE97-9D0EB1C1C7FF}] => (Allow) C:\Program Files\Sony\VAIO Care\SelfHealUpdate.exe FirewallRules: [{B7F4D783-ADCD-4D62-94EC-1C8527D53811}] => (Allow) C:\Program Files\Sony\VAIO Care\SelfHealUpdate.exe FirewallRules: [{50BB5CDA-830E-474E-BE77-A9762CDCD790}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOCareMain.exe FirewallRules: [{BCA545CA-0B4A-4B86-8EB0-46EA23187C51}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOCareMain.exe FirewallRules: [TCP Query User{3999D4C8-135C-4ADB-A4D8-5B46475C723C}C:\users\ho\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\ho\appdata\roaming\vseeinstall\vsee.exe FirewallRules: [UDP Query User{39DF657A-EFE8-455D-A104-28866E0032D2}C:\users\ho\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\ho\appdata\roaming\vseeinstall\vsee.exe FirewallRules: [TCP Query User{3DB3BD84-D6F5-4E4B-B8C2-1C440FEA23E1}C:\users\ho\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\ho\appdata\roaming\vseeinstall\vsee.exe FirewallRules: [UDP Query User{98E0B391-2773-4D86-A7D3-DEEC399CEA43}C:\users\ho\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\ho\appdata\roaming\vseeinstall\vsee.exe FirewallRules: [{026F8CBF-3560-45E3-8B37-ED80293911EC}] => (Allow) C:\Program 
Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE FirewallRules: [{A4016A79-9640-42FE-815B-AC73B9FB2150}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [{326B1180-77CE-447C-B73C-DA2F70163415}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe FirewallRules: [TCP Query User{7C2C2850-83C2-473A-A7BC-6836209F4A21}C:\program files (x86)\xmind\xmind.exe] => (Allow) C:\program files (x86)\xmind\xmind.exe FirewallRules: [UDP Query User{63976B40-4F36-47D4-B72D-EDE34EF04439}C:\program files (x86)\xmind\xmind.exe] => (Allow) C:\program files (x86)\xmind\xmind.exe FirewallRules: [TCP Query User{4D78AEC3-1E57-4C2E-8525-B78AA389EA2C}C:\program files (x86)\xmind\xmind.exe] => (Block) C:\program files (x86)\xmind\xmind.exe FirewallRules: [UDP Query User{A533FC09-74CC-4D05-A533-3216431E5C95}C:\program files (x86)\xmind\xmind.exe] => (Block) C:\program files (x86)\xmind\xmind.exe FirewallRules: [{BA6354D1-9FE3-4B15-A065-5625E15353DA}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe FirewallRules: [{AFDD54EE-D9EF-4563-9FB1-6F38D67CF822}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe FirewallRules: [{E4134387-3679-4472-8613-FCA984B94E9A}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe FirewallRules: [{1D796511-92A5-4E48-85A8-4C1B6F22E1BF}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe FirewallRules: [{22624CD5-065C-4C44-9E03-DBC335FDD62D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe FirewallRules: [{7D68761C-32B5-4883-9EB7-78E0E5A900A1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe FirewallRules: [{1A4F137B-55D4-440E-BC09-31C8D409FB5A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe FirewallRules: [{CA3A75E8-0D96-4851-B1BC-1FC62FB9035F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe 
FirewallRules: [{1598C322-4E7B-4A50-ADF0-1D1BE495FE92}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe FirewallRules: [{76C4D025-C7F5-4CD9-A99E-9DB0E9DBE641}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{35C20C6F-FAF2-4746-9AC5-8E65C92F6D2C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{5DD3A7F9-C9BB-44E3-9806-156D92A792F8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4A88AB21-6B80-49C7-8BD6-0965D33028CD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{E47BB049-6453-48AE-8DFC-4F4F5537842E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3F692E75-8F62-4E9D-AC9D-5AFD18023E0D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{3F81CBE9-DEF2-4192-920B-E5BEA230AFDD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{5B93884F-9E41-47D8-8550-9E4C1B0975DE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{E77A1DEF-1547-4E2B-A0EA-997538DF2E89}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe FirewallRules: [{721383C9-0538-4380-BA4E-3A190CD20D7C}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe FirewallRules: [{2B1249AB-CEA1-4B1D-B6B1-CD75FF5191BD}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe FirewallRules: [{6408B26D-2161-48DB-A59B-68CCAC804D0F}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe FirewallRules: [{1B519982-B987-44DA-9BFA-383155EAE109}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe FirewallRules: [{E6B28C32-0338-4C66-AFB0-3CA2A0E4FD21}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: 
[{C9D13E9F-C3B6-444A-8823-EC99DEAC9F2C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{033F2696-CA07-46CB-9582-54326E3BB596}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2335E0A9-AA2C-4562-8F86-BADD172443AE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C2423AB4-7D18-4474-A399-BB09DEBB62AF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{8D8BA448-2DC5-4401-A094-1E120D4718A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D4FFB62D-8078-45C9-981C-D35DED118792}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{CC073E34-E003-456C-B16D-91388EEB77E0}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe FirewallRules: [UDP Query User{6EA3670C-F3F2-4D81-A73C-7B42E492D4AA}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe FirewallRules: [{56A6C683-6729-4CAE-917E-685D817C17DB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 06-08-2016 09:58:56 Windows Update 10-08-2016 17:13:21 Windows Update 12-08-2016 12:34:23 Windows Update 16-08-2016 13:17:27 Windows Update 17-08-2016 11:32:49 Windows Update 26-08-2016 08:42:24 Windows Update 26-08-2016 12:41:20 Windows Update 30-08-2016 10:08:52 Windows Update 07-09-2016 06:54:17 Windows Update 17-09-2016 11:11:29 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: USB-Massenspeichergerät Description: USB-Massenspeichergerät Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Kompatibles USB-Speichergerät Service: USBSTOR Problem: : Windows is removing this device. (Code 21) Resolution: Wait several seconds, and then press the F5 key to update the Device Manager view. If that does not resolve the problem, restart your computer. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/17/2016 07:41:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/17/2016 08:33:13 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/17/2016 08:19:54 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/17/2016 07:58:57 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. 
Error: (09/17/2016 07:39:27 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: VCsystray.exe, Version: 6.4.0.14160, Zeitstempel: 0x4d5a5da9 Name des fehlerhaften Moduls: msxml6.dll, Version: 6.30.7601.18923, Zeitstempel: 0x55a5d020 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000cc680 ID des fehlerhaften Prozesses: 0x174c Startzeit der fehlerhaften Anwendung: 0x01d210a46b0a9d42 Pfad der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VCsystray.exe Pfad des fehlerhaften Moduls: C:\Windows\System32\msxml6.dll Berichtskennung: 1848dacb-7c99-11e6-ada2-f0bf975f1bea Error: (09/17/2016 07:33:28 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/17/2016 07:24:55 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/16/2016 06:15:17 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm VAIO Gate.exe, Version 2.4.2.2200 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 15a4 Startzeit: 01d2102f53876e0b Endzeit: 308 Anwendungspfad: C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe Berichts-ID: b2b074d7-7c28-11e6-8435-f0bf975f1bea Error: (09/16/2016 06:05:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/16/2016 05:30:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Systemfehler: ============= Error: (09/17/2016 07:40:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "HuaweiHiSuiteService64.exe" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (09/17/2016 07:40:05 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error: (09/17/2016 08:37:26 AM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden. Error: (09/17/2016 08:37:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Windows Update" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. 
Error: (09/17/2016 08:37:25 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst wuauserv erreicht. Error: (09/17/2016 08:36:55 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LanmanServer erreicht. Error: (09/17/2016 08:31:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "HuaweiHiSuiteService64.exe" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (09/17/2016 08:30:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Apple Mobile Device Service" wurde aufgrund folgenden Fehlers nicht gestartet: Die Pipe wurde beendet. Error: (09/17/2016 08:30:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Druckwarteschlange" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden. Error: (09/17/2016 08:30:53 AM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Der Dienst "Spooler" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: Die Anforderung wird nicht unterstützt. Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). CodeIntegrity: =================================== Date: 2015-01-07 22:23:44.687 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-07 22:23:44.606 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-07 22:23:44.516 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-07 22:23:44.424 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 77%
Installierter physikalischer RAM: 4007.14 MB
Verfügbarer physikalischer RAM: 901.68 MB
Summe virtueller Speicher: 8012.46 MB
Verfügbarer virtueller Speicher: 4357.33 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:579.92 GB) (Free:378.43 GB) NTFS
Drive f: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:635.15 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 66A1540B)
Partition 1: (Not Active) - (Size=16.2 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=579.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AD73D487)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================ |
17.09.2016, 19:24 | #4 |
| svchost exe netsvcs causes very high CPU usage
Code:
20:19:14.0654 0x22a0 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31
20:19:19.0583 0x22a0 ============================================================
20:19:19.0583 0x22a0 Current date / time: 2016/09/17 20:19:19.0583
20:19:19.0583 0x22a0 SystemInfo:
20:19:19.0583 0x22a0
20:19:19.0583 0x22a0 OS Version: 6.1.7601 ServicePack: 1.0
20:19:19.0583 0x22a0 Product type: Workstation
20:19:19.0583 0x22a0 ComputerName: HO-VAIO
20:19:19.0583 0x22a0 UserName: HO
20:19:19.0583 0x22a0 Windows directory: C:\Windows
20:19:19.0583 0x22a0 System windows directory: C:\Windows
20:19:19.0583 0x22a0 Running under WOW64
20:19:19.0583 0x22a0 Processor architecture: Intel x64
20:19:19.0583 0x22a0 Number of processors: 4
20:19:19.0583 0x22a0 Page size: 0x1000
20:19:19.0583 0x22a0 Boot type: Normal boot
20:19:19.0584 0x22a0 CodeIntegrityOptions = 0x00000001
20:19:19.0584 0x22a0 ============================================================
20:19:20.0388 0x22a0 KLMD registered as C:\Windows\system32\drivers\50607073.sys
20:19:20.0388 0x22a0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23418, osProperties = 0x1
20:19:20.0727 0x22a0 System UUID: {CD45231E-38EB-2D35-CA74-DC2FE860B96B}
20:19:21.0448 0x22a0 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:19:21.0451 0x22a0 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:19:24.0529 0x22a0 ============================================================
20:19:24.0529 0x22a0 \Device\Harddisk0\DR0:
20:19:24.0559 0x22a0 MBR partitions:
20:19:24.0559 0x22a0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2050800, BlocksNum 0x32000
20:19:24.0559 0x22a0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2082800, BlocksNum 0x487D5000
20:19:24.0559 0x22a0
\Device\Harddisk1\DR1: 20:19:24.0559 0x22a0 MBR partitions: 20:19:24.0559 0x22a0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800 20:19:24.0559 0x22a0 ============================================================ 20:19:24.0586 0x22a0 C: <-> \Device\Harddisk0\DR0\Partition2 20:19:24.0691 0x22a0 F: <-> \Device\Harddisk1\DR1\Partition1 20:19:24.0691 0x22a0 ============================================================ 20:19:24.0691 0x22a0 Initialize success 20:19:24.0691 0x22a0 ============================================================ 20:19:47.0994 0x0bf8 ============================================================ 20:19:47.0994 0x0bf8 Scan started 20:19:47.0994 0x0bf8 Mode: Manual; SigCheck; TDLFS; 20:19:47.0994 0x0bf8 ============================================================ 20:19:47.0994 0x0bf8 KSN ping started 20:19:59.0180 0x0bf8 KSN ping finished: true 20:19:59.0819 0x0bf8 ================ Scan system memory ======================== 20:19:59.0819 0x0bf8 System memory - ok 20:19:59.0822 0x0bf8 ================ Scan services ============================= 20:19:59.0948 0x0bf8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 20:20:00.0046 0x0bf8 1394ohci - ok 20:20:00.0146 0x0bf8 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 20:20:00.0166 0x0bf8 ACDaemon - ok 20:20:00.0190 0x0bf8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 20:20:00.0227 0x0bf8 ACPI - ok 20:20:00.0254 0x0bf8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 20:20:00.0268 0x0bf8 AcpiPmi - ok 20:20:00.0344 0x0bf8 [ 
1474F121C3DF1232D3E7239C03691EE6, 26D0F55010CB7C51269D94ECB5C5AA94802607685B9E9791A78B643C6227214F ] AdobeActiveFileMonitor9.0 c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe 20:20:00.0370 0x0bf8 AdobeActiveFileMonitor9.0 - ok 20:20:00.0453 0x0bf8 [ A0CAC4F3F998173A8DC1E67E7E0345EF, D0C2F504A5059691EDBBA917D0C6260450A554A365C12E7747E48EE1668C51A5 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 20:20:00.0463 0x0bf8 AdobeARMservice - ok 20:20:00.0583 0x0bf8 [ 8FC33A20D54FB5CC7FBBA814B4E42A22, 707F61F0CEB9467D9BD1782868403BD53DB46EAB0342772661F370E5174AAD8C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 20:20:00.0614 0x0bf8 AdobeFlashPlayerUpdateSvc - ok 20:20:00.0654 0x0bf8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 20:20:00.0678 0x0bf8 adp94xx - ok 20:20:00.0713 0x0bf8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 20:20:00.0733 0x0bf8 adpahci - ok 20:20:00.0741 0x0bf8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 20:20:00.0756 0x0bf8 adpu320 - ok 20:20:00.0785 0x0bf8 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 20:20:00.0799 0x0bf8 AeLookupSvc - ok 20:20:00.0843 0x0bf8 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys 20:20:00.0881 0x0bf8 AFD - ok 20:20:00.0916 0x0bf8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 20:20:00.0926 0x0bf8 agp440 - ok 
20:20:00.0960 0x0bf8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 20:20:01.0004 0x0bf8 ALG - ok 20:20:01.0048 0x0bf8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 20:20:01.0081 0x0bf8 aliide - ok 20:20:01.0117 0x0bf8 [ 42047D5A2056DD94124AE147C6C4D0A9, 092191A9FAAA7019294F98976258BDEAFB94DF39E9F5E970B44F9F3FD555F8E7 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 20:20:01.0135 0x0bf8 AMD External Events Utility - ok 20:20:01.0146 0x0bf8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 20:20:01.0157 0x0bf8 amdide - ok 20:20:01.0185 0x0bf8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 20:20:01.0197 0x0bf8 AmdK8 - ok 20:20:01.0590 0x0bf8 [ 22222E24DDE94F60E2B1776B6F9BC471, 61D133FAFA9B3F8CFD1FF478DABC395CEEF034D916FCAB24C5EDB343AE2D0028 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 20:20:01.0948 0x0bf8 amdkmdag - ok 20:20:02.0010 0x0bf8 [ 37FF664741B50E617248DE7B58715146, 653E2F42EC175DFCD1B97AB717BC70725EECA90B9AA8806870D5B2971AF4887B ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 20:20:02.0037 0x0bf8 amdkmdap - ok 20:20:02.0053 0x0bf8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 20:20:02.0064 0x0bf8 AmdPPM - ok 20:20:02.0107 0x0bf8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 20:20:02.0122 0x0bf8 amdsata - ok 20:20:02.0152 0x0bf8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs 
C:\Windows\system32\drivers\amdsbs.sys 20:20:02.0165 0x0bf8 amdsbs - ok 20:20:02.0178 0x0bf8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 20:20:02.0189 0x0bf8 amdxata - ok 20:20:02.0367 0x0bf8 [ 70EE2EA42E9F20B794C4804454F1A37A, 49B615BF138E2C5AFF04EFDF7928D49117DF41DCD48922683E4D3D3FD0DF9A04 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe 20:20:02.0416 0x0bf8 AntiVirMailService - ok 20:20:02.0516 0x0bf8 [ 9E6642340CC7C685E07981F0B43B661A, A6CC970817B616CB4BBF37089DC687567EABC2DC326CBACBF1E370AC98E5D65A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 20:20:02.0535 0x0bf8 AntiVirSchedulerService - ok 20:20:02.0630 0x0bf8 [ 9E6642340CC7C685E07981F0B43B661A, A6CC970817B616CB4BBF37089DC687567EABC2DC326CBACBF1E370AC98E5D65A ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 20:20:02.0649 0x0bf8 AntiVirService - ok 20:20:02.0800 0x0bf8 [ 96812A05A4C39CC55CF0CD286C3D6B8F, 18F38ACB3E87EFFD9B3A1126B0C4FF6CE3A6F327E01A6FC8AB2DCFFE9BF58953 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe 20:20:02.0859 0x0bf8 AntiVirWebService - ok 20:20:02.0893 0x0bf8 [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID C:\Windows\system32\drivers\appid.sys 20:20:02.0918 0x0bf8 AppID - ok 20:20:02.0934 0x0bf8 [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc C:\Windows\System32\appidsvc.dll 20:20:02.0948 0x0bf8 AppIDSvc - ok 20:20:02.0977 0x0bf8 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll 20:20:03.0005 0x0bf8 Appinfo - ok 20:20:03.0170 0x0bf8 [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device 
Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 20:20:03.0182 0x0bf8 Apple Mobile Device Service - ok 20:20:03.0210 0x0bf8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 20:20:03.0221 0x0bf8 arc - ok 20:20:03.0227 0x0bf8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 20:20:03.0238 0x0bf8 arcsas - ok 20:20:03.0260 0x0bf8 [ C130BC4A51B1382B2BE8E44579EC4C0A, CC1FD33ED7CAD87A504D8678F8482CAECACD18C727BB97FFB86F39255563EEF2 ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys 20:20:03.0268 0x0bf8 ArcSoftKsUFilter - ok 20:20:03.0366 0x0bf8 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 20:20:03.0378 0x0bf8 aspnet_state - ok 20:20:03.0399 0x0bf8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 20:20:03.0431 0x0bf8 AsyncMac - ok 20:20:03.0468 0x0bf8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 20:20:03.0479 0x0bf8 atapi - ok 20:20:03.0502 0x0bf8 [ 50F257E19554421B6891E3F998EDCA90, 32D368632B714864D77C700B1115F4404EAA72C5F734BF6A2B96F48C3935A5D9 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys 20:20:03.0524 0x0bf8 AthBTPort - ok 20:20:03.0573 0x0bf8 [ 650F111D5CDA64C10AE4B9D1BA9D4FFF, 99AD83993D724538687F084318404DBF314C2249AB593AF9DD3783B0AB6B3B25 ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe 20:20:03.0583 0x0bf8 Atheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 ) 20:20:03.0766 0x0bf8 Detect skipped due to KSN trusted 
20:20:03.0766 0x0bf8 Atheros Bt&Wlan Coex Agent - ok 20:20:03.0808 0x0bf8 [ EBC3119394C9074A9CD87578A435050D, 4AE141D02DDE33574CC899BBEDCCC311867FB98CEDBB3E556409B018F8F795E5 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe 20:20:03.0815 0x0bf8 AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 ) 20:20:03.0996 0x0bf8 Detect skipped due to KSN trusted 20:20:03.0996 0x0bf8 AtherosSvc - ok 20:20:04.0115 0x0bf8 [ A5E770426D18F8EF332A593F3289DA91, 87AC97758618765814B630CB1A189CD690DC6B0EAAE93D80EDE7771FB362C9AF ] athr C:\Windows\system32\DRIVERS\athrx.sys 20:20:04.0215 0x0bf8 athr - ok 20:20:04.0283 0x0bf8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 20:20:04.0316 0x0bf8 AudioEndpointBuilder - ok 20:20:04.0335 0x0bf8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 20:20:04.0366 0x0bf8 AudioSrv - ok 20:20:04.0417 0x0bf8 [ E0304A40460FFFB14F3B067660518B9E, 68885E98ABBE72DC5EA9EEA30D1499B8E97E0963A0F19830C1F2D22689288AD4 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 20:20:04.0430 0x0bf8 avgntflt - ok 20:20:04.0475 0x0bf8 [ DBEFDCF8A5258A483B672EB9825E5F7F, B36CFC6FD723F43622EDB97157A0CA00494EF0C47D345DF7356B5C17B3D83513 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 20:20:04.0487 0x0bf8 avipbb - ok 20:20:04.0660 0x0bf8 [ A177265C1777ABE56B22D921F91DDC38, D4E9C5BFC65063EDA015723058805B03C51F5B7456B404A4548CEC8DF6A3F7B7 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 20:20:04.0676 0x0bf8 Avira.ServiceHost - ok 20:20:04.0702 0x0bf8 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 20:20:04.0712 0x0bf8 avkmgr - ok 20:20:04.0739 0x0bf8 [ 138A53D17B040F5A3A307D44A89D0905, 
AD212E430F2DE43F037BECF6A46FCD53270A5EE11427030C7D5CBC3EAAAAA029 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 20:20:04.0750 0x0bf8 avnetflt - ok 20:20:04.0784 0x0bf8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 20:20:04.0804 0x0bf8 AxInstSV - ok 20:20:04.0849 0x0bf8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 20:20:04.0869 0x0bf8 b06bdrv - ok 20:20:04.0884 0x0bf8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 20:20:04.0904 0x0bf8 b57nd60a - ok 20:20:04.0983 0x0bf8 [ 01A24B415926BB5F772DBE12459D97DE, 1FA2EEF283025D788051E6145DAEF26CB481F87F641156FC4D89B8DEE4B244A5 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE 20:20:04.0996 0x0bf8 BBSvc - ok 20:20:05.0038 0x0bf8 [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 20:20:05.0052 0x0bf8 BBUpdate - ok 20:20:05.0086 0x0bf8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 20:20:05.0112 0x0bf8 BDESVC - ok 20:20:05.0148 0x0bf8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 20:20:05.0184 0x0bf8 Beep - ok 20:20:05.0218 0x0bf8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 20:20:05.0265 0x0bf8 BFE - ok 20:20:05.0326 0x0bf8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 20:20:05.0387 0x0bf8 BITS - ok 20:20:05.0396 0x0bf8 [ 
61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 20:20:05.0410 0x0bf8 blbdrive - ok 20:20:05.0506 0x0bf8 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 20:20:05.0525 0x0bf8 Bonjour Service - ok 20:20:05.0556 0x0bf8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 20:20:05.0583 0x0bf8 bowser - ok 20:20:05.0616 0x0bf8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 20:20:05.0633 0x0bf8 BrFiltLo - ok 20:20:05.0637 0x0bf8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 20:20:05.0653 0x0bf8 BrFiltUp - ok 20:20:05.0685 0x0bf8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 20:20:05.0700 0x0bf8 Browser - ok 20:20:05.0720 0x0bf8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 20:20:05.0741 0x0bf8 Brserid - ok 20:20:05.0746 0x0bf8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 20:20:05.0762 0x0bf8 BrSerWdm - ok 20:20:05.0766 0x0bf8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 20:20:05.0780 0x0bf8 BrUsbMdm - ok 20:20:05.0784 0x0bf8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer 
C:\Windows\System32\Drivers\BrUsbSer.sys 20:20:05.0795 0x0bf8 BrUsbSer - ok 20:20:05.0818 0x0bf8 [ B3BCD755FA9A359D10208CC9F09847CC, 8DE11815A2C76051DFF0F68BC8CF38CADD7BCA3A75EED4CC03B38DEB9F658296 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys 20:20:05.0858 0x0bf8 BTATH_A2DP - ok 20:20:05.0876 0x0bf8 [ 9BBBA9D6DBDEFC8A6542BC7A6EBAF710, EE6932310F97F9DC07F8EC66B3939BA73FF8B7C7B9D84CE9852C85B770681A60 ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys 20:20:05.0888 0x0bf8 btath_avdt - ok 20:20:05.0917 0x0bf8 [ D838DD1BCB328EFCFAD7A52DE9E3CAFD, A364C50240069D7606119E4FD3BC839F307947F680295C3A68AE1CE42B9A6108 ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys 20:20:05.0935 0x0bf8 BTATH_BUS - ok 20:20:05.0962 0x0bf8 [ A441B800E04CF8443FAF519207563ABB, AAA865453E000B38D4DCCB435731F3843394FFA224F577B88DBBB31256F1BC39 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys 20:20:05.0984 0x0bf8 BTATH_HCRP - ok 20:20:05.0994 0x0bf8 [ B16F8429A35BBA2A8EF9DB2E08675B97, B38952519A8AC2E0A211F685CB4AC453AA2885AA0DA39DBF92CE61FE649BC309 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys 20:20:06.0008 0x0bf8 BTATH_LWFLT - ok 20:20:06.0030 0x0bf8 [ C24231C6BDFE21735930084A22089AAB, DF5104AC26A8D3E1C204D479F32204FE66B225DBA7EFDAC7149A02D0B5CEB714 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys 20:20:06.0062 0x0bf8 BTATH_RCP - ok 20:20:06.0097 0x0bf8 [ 3632FA4C6B3CE9EC827690DEAC266D8C, 46D34968DA1BE0D793518506D4FCA094C3F15ACF530DB3660C7CD6ECCBF3C1BD ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys 20:20:06.0127 0x0bf8 BtFilter - ok 20:20:06.0170 0x0bf8 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 20:20:06.0184 0x0bf8 BthEnum - ok 20:20:06.0197 0x0bf8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 20:20:06.0213 0x0bf8 BTHMODEM - ok 
20:20:06.0235 0x0bf8 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 20:20:06.0253 0x0bf8 BthPan - ok 20:20:06.0283 0x0bf8 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 20:20:06.0312 0x0bf8 BTHPORT - ok 20:20:06.0341 0x0bf8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 20:20:06.0378 0x0bf8 bthserv - ok 20:20:06.0398 0x0bf8 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 20:20:06.0410 0x0bf8 BTHUSB - ok 20:20:06.0587 0x0bf8 [ C8D931D734FC0097478CE2583A75C4DF, 60C5F97D7E5A8B81A7123A5DB333577B0C7B9302C1D1C98D47BA96C0A3FB7417 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe 20:20:06.0632 0x0bf8 c2cautoupdatesvc - ok 20:20:06.0753 0x0bf8 [ 8E1CC0517DE17DF83CF80BFCE9F0C000, 13F7929D531914FA2ED1223977E15A7F45E3FF3DA1392ECC4B15F5619B37B754 ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe 20:20:06.0807 0x0bf8 c2cpnrsvc - ok 20:20:06.0833 0x0bf8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 20:20:06.0869 0x0bf8 cdfs - ok 20:20:06.0890 0x0bf8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 20:20:06.0905 0x0bf8 cdrom - ok 20:20:06.0931 0x0bf8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 20:20:06.0962 0x0bf8 CertPropSvc - ok 20:20:06.0967 0x0bf8 [ D7CD5C4E1B71FA62050515314CFB52CF, 
513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 20:20:06.0983 0x0bf8 circlass - ok 20:20:07.0034 0x0bf8 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 20:20:07.0052 0x0bf8 CLFS - ok 20:20:07.0137 0x0bf8 [ 6E0FEE1A49B600BAD8F741CBE4D8136D, 6EA82518420F1BC7716EF4245CA7BEAC7F1A9228E6B90C1653173263EA7CF8D7 ] CLKMSVC10_9EC60124 C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe 20:20:07.0150 0x0bf8 CLKMSVC10_9EC60124 - ok 20:20:07.0212 0x0bf8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:20:07.0223 0x0bf8 clr_optimization_v2.0.50727_32 - ok 20:20:07.0258 0x0bf8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 20:20:07.0271 0x0bf8 clr_optimization_v2.0.50727_64 - ok 20:20:07.0333 0x0bf8 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 20:20:07.0357 0x0bf8 clr_optimization_v4.0.30319_32 - ok 20:20:07.0371 0x0bf8 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 20:20:07.0386 0x0bf8 clr_optimization_v4.0.30319_64 - ok 20:20:07.0411 0x0bf8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 20:20:07.0422 0x0bf8 CmBatt - ok 20:20:07.0458 0x0bf8 [ E19D3F095812725D88F9001985B94EDD, 
46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 20:20:07.0468 0x0bf8 cmdide - ok 20:20:07.0513 0x0bf8 [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG C:\Windows\system32\Drivers\cng.sys 20:20:07.0542 0x0bf8 CNG - ok 20:20:07.0557 0x0bf8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 20:20:07.0569 0x0bf8 Compbatt - ok 20:20:07.0580 0x0bf8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 20:20:07.0597 0x0bf8 CompositeBus - ok 20:20:07.0601 0x0bf8 COMSysApp - ok 20:20:07.0677 0x0bf8 [ 035B05EACA764357D3F616F1B9B3F615, 49984C133D339972EE9ECA38DB30E4AFAD57985E4CED5EACEE9C0DC2D337A543 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 20:20:07.0691 0x0bf8 cphs - ok 20:20:07.0711 0x0bf8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 20:20:07.0720 0x0bf8 crcdisk - ok 20:20:07.0762 0x0bf8 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll 20:20:07.0779 0x0bf8 CryptSvc - ok 20:20:07.0924 0x0bf8 [ 75E3C4BB1ED032310EDCF5691A452B4B, E7FDF778CBD347017A84EB3919C530ED1EACB22277F3EA3B6FF3EA45D9FE8A6D ] DCDhcpService C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe 20:20:07.0932 0x0bf8 DCDhcpService - detected UnsignedFile.Multi.Generic ( 1 ) 20:20:08.0116 0x0bf8 Detect skipped due to KSN trusted 20:20:08.0116 0x0bf8 DCDhcpService - ok 20:20:08.0178 0x0bf8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 20:20:08.0239 0x0bf8 DcomLaunch - ok 
20:20:08.0275 0x0bf8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 20:20:08.0319 0x0bf8 defragsvc - ok 20:20:08.0338 0x0bf8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 20:20:08.0371 0x0bf8 DfsC - ok 20:20:08.0391 0x0bf8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 20:20:08.0411 0x0bf8 Dhcp - ok 20:20:08.0524 0x0bf8 [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll 20:20:08.0581 0x0bf8 DiagTrack - ok 20:20:08.0619 0x0bf8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 20:20:08.0670 0x0bf8 discache - ok 20:20:08.0692 0x0bf8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 20:20:08.0705 0x0bf8 Disk - ok 20:20:08.0735 0x0bf8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 20:20:08.0752 0x0bf8 Dnscache - ok 20:20:08.0781 0x0bf8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 20:20:08.0819 0x0bf8 dot3svc - ok 20:20:08.0843 0x0bf8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 20:20:08.0883 0x0bf8 DPS - ok 20:20:08.0915 0x0bf8 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 20:20:08.0926 0x0bf8 drmkaud - ok 
20:20:08.0985 0x0bf8 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 20:20:09.0019 0x0bf8 DXGKrnl - ok 20:20:09.0053 0x0bf8 [ 50AD8FC1DC800FF36087994C8F7FDFF2, E3DA8DCE76599E0E1F0D80AA1483D6BECFE0F7242147D986A6AF3A4362FC2C80 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys 20:20:09.0071 0x0bf8 e1yexpress - ok 20:20:09.0101 0x0bf8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 20:20:09.0148 0x0bf8 EapHost - ok 20:20:09.0267 0x0bf8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 20:20:09.0363 0x0bf8 ebdrv - ok 20:20:09.0414 0x0bf8 [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] EFS C:\Windows\System32\lsass.exe 20:20:09.0425 0x0bf8 EFS - ok 20:20:09.0496 0x0bf8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 20:20:09.0530 0x0bf8 ehRecvr - ok 20:20:09.0537 0x0bf8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 20:20:09.0552 0x0bf8 ehSched - ok 20:20:09.0593 0x0bf8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 20:20:09.0616 0x0bf8 elxstor - ok 20:20:09.0621 0x0bf8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 20:20:09.0632 0x0bf8 ErrDev - ok 20:20:09.0667 0x0bf8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 20:20:09.0708 0x0bf8 EventSystem 
- ok 20:20:09.0726 0x0bf8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 20:20:09.0766 0x0bf8 exfat - ok 20:20:09.0790 0x0bf8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 20:20:09.0830 0x0bf8 fastfat - ok 20:20:09.0874 0x0bf8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 20:20:09.0905 0x0bf8 Fax - ok 20:20:09.0910 0x0bf8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 20:20:09.0923 0x0bf8 fdc - ok 20:20:09.0948 0x0bf8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 20:20:09.0981 0x0bf8 fdPHost - ok 20:20:09.0988 0x0bf8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 20:20:10.0022 0x0bf8 FDResPub - ok 20:20:10.0043 0x0bf8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 20:20:10.0056 0x0bf8 FileInfo - ok 20:20:10.0069 0x0bf8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 20:20:10.0102 0x0bf8 Filetrace - ok 20:20:10.0195 0x0bf8 [ B84D31AC5AE8372CE60204920E8F98E2, F7DDC746AE8B0FD9C0A10AEC90AFA886A2B20F86DBDDE3BDC784802B45AC9A7C ] FirebirdGuardianDefaultInstance C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe 20:20:10.0217 0x0bf8 FirebirdGuardianDefaultInstance - detected UnsignedFile.Multi.Generic ( 1 ) 20:20:10.0411 0x0bf8 Detect skipped due to KSN trusted 20:20:10.0411 
0x0bf8 FirebirdGuardianDefaultInstance - ok 20:20:10.0528 0x0bf8 [ E83398B97959086265B7FEE2BFAF1343, 968D7552C78AD6348ECB1C33147C73A23478DB54C509AA99D2A10223F3C4CCBE ] FirebirdServerDefaultInstance C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe 20:20:10.0615 0x0bf8 FirebirdServerDefaultInstance - detected UnsignedFile.Multi.Generic ( 1 ) 20:20:10.0799 0x0bf8 Detect skipped due to KSN trusted 20:20:10.0800 0x0bf8 FirebirdServerDefaultInstance - ok 20:20:10.0843 0x0bf8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 20:20:10.0853 0x0bf8 flpydisk - ok 20:20:10.0885 0x0bf8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 20:20:10.0900 0x0bf8 FltMgr - ok 20:20:10.0977 0x0bf8 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll 20:20:11.0027 0x0bf8 FontCache - ok 20:20:11.0065 0x0bf8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 20:20:11.0076 0x0bf8 FontCache3.0.0.0 - ok 20:20:11.0093 0x0bf8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 20:20:11.0105 0x0bf8 FsDepends - ok 20:20:11.0130 0x0bf8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 20:20:11.0150 0x0bf8 Fs_Rec - ok 20:20:11.0187 0x0bf8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 20:20:11.0203 0x0bf8 fvevol - ok 20:20:11.0229 0x0bf8 [ 
20:20:21.0280 0x0bf8 PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
20:20:21.0466 0x0bf8 Detect skipped due to KSN trusted
20:20:21.0466 0x0bf8 PassThru Service - ok
C:\Windows\system32\locator.exe 20:20:24.0315 0x0bf8 RpcLocator - ok 20:20:24.0343 0x0bf8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 20:20:24.0390 0x0bf8 RpcSs - ok 20:20:24.0444 0x0bf8 [ CD553B8633466A6D1C115812F2619F1F, B39B38DE8B97209BEABDBF062832A1BDE2303450238B9A4723829958C5C81A6B ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys 20:20:24.0462 0x0bf8 RsFx0103 - ok 20:20:24.0496 0x0bf8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 20:20:24.0547 0x0bf8 rspndr - ok 20:20:24.0579 0x0bf8 [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] SamSs C:\Windows\system32\lsass.exe 20:20:24.0593 0x0bf8 SamSs - ok 20:20:24.0607 0x0bf8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 20:20:24.0618 0x0bf8 sbp2port - ok 20:20:24.0649 0x0bf8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 20:20:24.0690 0x0bf8 SCardSvr - ok 20:20:24.0720 0x0bf8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 20:20:24.0749 0x0bf8 scfilter - ok 20:20:24.0825 0x0bf8 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 20:20:24.0880 0x0bf8 Schedule - ok 20:20:24.0920 0x0bf8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 20:20:24.0954 0x0bf8 SCPolicySvc - ok 20:20:24.0980 0x0bf8 [ 111E0EBC0AD79CB0FA014B907B231CF0, 
B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 20:20:24.0996 0x0bf8 sdbus - ok 20:20:25.0032 0x0bf8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 20:20:25.0050 0x0bf8 SDRSVC - ok 20:20:25.0070 0x0bf8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 20:20:25.0096 0x0bf8 secdrv - ok 20:20:25.0133 0x0bf8 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll 20:20:25.0163 0x0bf8 seclogon - ok 20:20:25.0204 0x0bf8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 20:20:25.0242 0x0bf8 SENS - ok 20:20:25.0260 0x0bf8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 20:20:25.0292 0x0bf8 SensrSvc - ok 20:20:25.0325 0x0bf8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 20:20:25.0336 0x0bf8 Serenum - ok 20:20:25.0345 0x0bf8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 20:20:25.0361 0x0bf8 Serial - ok 20:20:25.0368 0x0bf8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 20:20:25.0380 0x0bf8 sermouse - ok 20:20:25.0497 0x0bf8 [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 20:20:25.0524 0x0bf8 ServiceLayer - ok 
20:20:25.0571 0x0bf8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 20:20:25.0604 0x0bf8 SessionEnv - ok 20:20:25.0632 0x0bf8 [ 286D3889E6AB5589646FF8A63CB928AE, 98D9D34521328F4F0B0B7C2CAB97BA0EC998B9F3F996B5ED08E17292F1CD9452 ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys 20:20:25.0656 0x0bf8 SFEP - ok 20:20:25.0674 0x0bf8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 20:20:25.0689 0x0bf8 sffdisk - ok 20:20:25.0707 0x0bf8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 20:20:25.0737 0x0bf8 sffp_mmc - ok 20:20:25.0742 0x0bf8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 20:20:25.0757 0x0bf8 sffp_sd - ok 20:20:25.0763 0x0bf8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 20:20:25.0774 0x0bf8 sfloppy - ok 20:20:25.0824 0x0bf8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 20:20:25.0868 0x0bf8 SharedAccess - ok 20:20:25.0906 0x0bf8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 20:20:25.0950 0x0bf8 ShellHWDetection - ok 20:20:25.0965 0x0bf8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 20:20:25.0977 0x0bf8 SiSRaid2 - ok 20:20:25.0997 0x0bf8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 
C:\Windows\system32\drivers\sisraid4.sys 20:20:26.0007 0x0bf8 SiSRaid4 - ok 20:20:26.0127 0x0bf8 [ 4E6FAEE3F259DAC82213D935785991FB, ADA019AD261BBEAE78495B508B4D375BEC1005DF119F20897D29C3C613A0CA46 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 20:20:26.0145 0x0bf8 SkypeUpdate - ok 20:20:26.0170 0x0bf8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 20:20:26.0207 0x0bf8 Smb - ok 20:20:26.0245 0x0bf8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 20:20:26.0260 0x0bf8 SNMPTRAP - ok 20:20:26.0323 0x0bf8 [ DDF2EC98AF6FC70608A4F9CE4DB52758, A3F18822C9D0EE508CCAA5323937D631950320D9642C46FD93DB764A06A78F0D ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe 20:20:26.0333 0x0bf8 SOHCImp - ok 20:20:26.0354 0x0bf8 [ 5FA03F5EA6EFEF6D17B4A1A48C40A23C, E99AD063DA8E89ECD2993D1B1AAB346A3EB4E48D687E7378C03037DD00600BB8 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe 20:20:26.0363 0x0bf8 SOHDs - ok 20:20:26.0413 0x0bf8 [ 65E5659E9C2A0762D05657C0E22A7CA2, A6EE72878CFA901A94485C7BEC7675702ED207DB54F5A8ED70835B6A8A8F5754 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe 20:20:26.0428 0x0bf8 SpfService - ok 20:20:26.0475 0x0bf8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 20:20:26.0486 0x0bf8 spldr - ok 20:20:26.0535 0x0bf8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 20:20:26.0572 0x0bf8 Spooler - ok 20:20:26.0713 0x0bf8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 20:20:26.0844 0x0bf8 
sppsvc - ok 20:20:26.0879 0x0bf8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 20:20:26.0914 0x0bf8 sppuinotify - ok 20:20:27.0048 0x0bf8 [ 12E6D95CDE974B131DEFAA44BAB8B056, 3FEF55D97915BDB222E3A60B50D53BBD8D9C0FDFF85EDC025B8EFD33E575E596 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 20:20:27.0068 0x0bf8 SQLAgent$SQLEXPRESS - ok 20:20:27.0180 0x0bf8 [ B54B48F6D92423440C264E91225C5FF1, 7484D90CE309555E1FB54F011A2980D8491354223111B7AA16D1D2473570DC19 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 20:20:27.0196 0x0bf8 SQLBrowser - ok 20:20:27.0233 0x0bf8 [ 6D65985945B03CA59B67D0B73702FC7B, B491EEFBCA2BB1145047AAF6A2DA02B012F3530F8B9306425486462358BD82CA ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 20:20:27.0244 0x0bf8 SQLWriter - ok 20:20:27.0285 0x0bf8 [ F2F4B895296EE3ECCE781CC2A296A5D1, 126321EDDA8141A42DBE7C90675948433063E6D5B6DEFD805AA0797C95A461EE ] srv C:\Windows\system32\DRIVERS\srv.sys 20:20:27.0323 0x0bf8 srv - ok 20:20:27.0349 0x0bf8 [ FD0008BEDD2723170CCA7D61837DFD52, F9F576FA7B84CAB5180B9080D62B8A00B3E5D5BC73199B11C63193742529227D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 20:20:27.0371 0x0bf8 srv2 - ok 20:20:27.0396 0x0bf8 [ 63B5845D9379262083655D5C6AB8DFC5, 1813D2FC41ADCDAC6E3A522373B9DB934CC27B89E7185E0E4FC26E30CDAF1523 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 20:20:27.0411 0x0bf8 srvnet - ok 20:20:27.0484 0x0bf8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 20:20:27.0522 0x0bf8 SSDPSRV - ok 20:20:27.0544 0x0bf8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 20:20:27.0591 0x0bf8 SstpSvc - ok 20:20:27.0614 0x0bf8 [ 
F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 20:20:27.0625 0x0bf8 stexstor - ok 20:20:27.0660 0x0bf8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 20:20:27.0693 0x0bf8 stisvc - ok 20:20:27.0703 0x0bf8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 20:20:27.0713 0x0bf8 swenum - ok 20:20:27.0757 0x0bf8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 20:20:27.0802 0x0bf8 swprv - ok 20:20:27.0880 0x0bf8 [ B0C7D4DCF4800DF2F2145B500D0161E8, 0E62B0143040C135CA3C09E6D8A5BD6FC0655C860C3BD000BE076EB1E69E7273 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 20:20:27.0924 0x0bf8 SynTP - ok 20:20:28.0025 0x0bf8 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 20:20:28.0086 0x0bf8 SysMain - ok 20:20:28.0123 0x0bf8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 20:20:28.0143 0x0bf8 TabletInputService - ok 20:20:28.0169 0x0bf8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 20:20:28.0210 0x0bf8 TapiSrv - ok 20:20:28.0239 0x0bf8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 20:20:28.0279 0x0bf8 TBS - ok 20:20:28.0367 0x0bf8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 20:20:28.0439 0x0bf8 Tcpip - ok 20:20:28.0492 
0x0bf8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 20:20:28.0559 0x0bf8 TCPIP6 - ok 20:20:28.0603 0x0bf8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 20:20:28.0615 0x0bf8 tcpipreg - ok 20:20:28.0653 0x0bf8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 20:20:28.0662 0x0bf8 TDPIPE - ok 20:20:28.0689 0x0bf8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 20:20:28.0699 0x0bf8 TDTCP - ok 20:20:28.0744 0x0bf8 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 20:20:28.0757 0x0bf8 tdx - ok 20:20:28.0772 0x0bf8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 20:20:28.0783 0x0bf8 TermDD - ok 20:20:28.0840 0x0bf8 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 20:20:28.0868 0x0bf8 TermService - ok 20:20:28.0915 0x0bf8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 20:20:28.0932 0x0bf8 Themes - ok 20:20:28.0960 0x0bf8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 20:20:28.0994 0x0bf8 THREADORDER - ok 20:20:29.0019 0x0bf8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 20:20:29.0058 0x0bf8 TrkWks - 
ok 20:20:29.0099 0x0bf8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 20:20:29.0135 0x0bf8 TrustedInstaller - ok 20:20:29.0247 0x0bf8 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 20:20:29.0257 0x0bf8 tssecsrv - ok 20:20:29.0296 0x0bf8 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 20:20:29.0308 0x0bf8 TsUsbFlt - ok 20:20:29.0331 0x0bf8 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 20:20:29.0341 0x0bf8 TsUsbGD - ok 20:20:29.0372 0x0bf8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:20:29.0405 0x0bf8 tunnel - ok 20:20:29.0420 0x0bf8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 20:20:29.0431 0x0bf8 uagp35 - ok 20:20:29.0476 0x0bf8 [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC, 30BD61BA46955BD6A48EC78538FAAB46026DD048347F8280352335EB0ECE16AD ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 20:20:29.0486 0x0bf8 uCamMonitor - ok 20:20:29.0510 0x0bf8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:20:29.0551 0x0bf8 udfs - ok 20:20:29.0588 0x0bf8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:20:29.0600 0x0bf8 UI0Detect - ok 20:20:29.0607 0x0bf8 [ 4BFE1BC28391222894CBF1E7D0E42320, 
5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 20:20:29.0619 0x0bf8 uliagpkx - ok 20:20:29.0652 0x0bf8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 20:20:29.0663 0x0bf8 umbus - ok 20:20:29.0671 0x0bf8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 20:20:29.0682 0x0bf8 UmPass - ok 20:20:29.0835 0x0bf8 [ 374EBDA379A8F38E0CFC2211611E7167, 0D6C3002B28E27C052227488CEE69FA99399421FF777EB48031E6080A759F532 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 20:20:29.0921 0x0bf8 UNS - ok 20:20:29.0966 0x0bf8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 20:20:30.0010 0x0bf8 upnphost - ok 20:20:30.0056 0x0bf8 [ 311C90F0767A63000AC35DD0A7078A30, DB80E10015DCC595F90C31CE61590DB07E84F8B13DA904B2D59233678C366A2D ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 20:20:30.0080 0x0bf8 upperdev - ok 20:20:30.0119 0x0bf8 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 20:20:30.0149 0x0bf8 USBAAPL64 - ok 20:20:30.0204 0x0bf8 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 20:20:30.0219 0x0bf8 usbaudio - ok 20:20:30.0258 0x0bf8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 20:20:30.0273 0x0bf8 usbccgp - ok 20:20:30.0312 0x0bf8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir 
C:\Windows\system32\drivers\usbcir.sys 20:20:30.0335 0x0bf8 usbcir - ok 20:20:30.0377 0x0bf8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 20:20:30.0390 0x0bf8 usbehci - ok 20:20:30.0419 0x0bf8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 20:20:30.0437 0x0bf8 usbhub - ok 20:20:30.0459 0x0bf8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 20:20:30.0472 0x0bf8 usbohci - ok 20:20:30.0496 0x0bf8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 20:20:30.0510 0x0bf8 usbprint - ok 20:20:30.0546 0x0bf8 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 20:20:30.0563 0x0bf8 usbscan - ok 20:20:30.0608 0x0bf8 [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\Windows\system32\DRIVERS\usbser.sys 20:20:30.0630 0x0bf8 usbser - ok 20:20:30.0663 0x0bf8 [ C03DA998E412D69D18DD11D835229AF0, DD43E370EF370767588A6D56A51A4ADF99B5E063C7AA0528F91FD431DE7C2932 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys 20:20:30.0684 0x0bf8 UsbserFilt - ok 20:20:30.0713 0x0bf8 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:20:30.0738 0x0bf8 USBSTOR - ok 20:20:30.0774 0x0bf8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 20:20:30.0785 0x0bf8 usbuhci - ok 20:20:30.0825 0x0bf8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 
6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 20:20:30.0840 0x0bf8 usbvideo - ok 20:20:30.0868 0x0bf8 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys 20:20:30.0885 0x0bf8 usb_rndisx - ok 20:20:30.0905 0x0bf8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 20:20:30.0936 0x0bf8 UxSms - ok 20:20:30.0986 0x0bf8 [ DCB1F83AD167D16D263CE57C94E9EEDF, 2389268A1F83F0D354111553FB5F48E77A8FE4C0A1C22376A313A961252ED259 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe 20:20:30.0995 0x0bf8 VAIO Event Service - ok 20:20:31.0072 0x0bf8 [ EF7CF87F940F9104A3079F839BDC60C5, 12C458454DE960F5C2C3351E2D60B2536AFBB7A005AC6327945A3F69BD43FA66 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe 20:20:31.0104 0x0bf8 VAIO Power Management - ok 20:20:31.0125 0x0bf8 [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] VaultSvc C:\Windows\system32\lsass.exe 20:20:31.0136 0x0bf8 VaultSvc - ok 20:20:31.0216 0x0bf8 [ D00058C1FFF3F3DE990444A5734E9639, 450192C5F458888D71328994E29A6CB0E04F387BF63D49E7EABA1E1AECD680F9 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 20:20:31.0247 0x0bf8 VCFw - ok 20:20:31.0283 0x0bf8 [ 4B7ED2D6F738219068361BB14D19CBDE, 20A41B2D6F8423839D455A87FEDA646FFBF4CFD95928C2D410E77396CC675373 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 20:20:31.0313 0x0bf8 VcmIAlzMgr - ok 20:20:31.0346 0x0bf8 [ 2F06D134554BA84FE253DBC481DCFE6D, A88780610A1B4FAFF1818CF3D86AC83B27DDDCD9CDB9F1A38C5BBFEE5632CF5E ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe 20:20:31.0369 0x0bf8 VcmINSMgr - ok 
20:20:31.0413 0x0bf8 [ 32A3735F6874B7783C6209ED5CA36D9D, B6DA3D749A000D99B6F0BF475C47AC0867595B634CC6502C8758B241759F531C ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe 20:20:31.0423 0x0bf8 VcmXmlIfHelper - ok 20:20:31.0466 0x0bf8 [ D347D3ABE070AA09C22FC37121555D52, EE62F6A3489AAA54A5E3BD6264C473EF091CF848F9047A8446D2947D79B0A672 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe 20:20:31.0473 0x0bf8 VCService - ok 20:20:31.0496 0x0bf8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 20:20:31.0505 0x0bf8 vdrvroot - ok 20:20:31.0547 0x0bf8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 20:20:31.0595 0x0bf8 vds - ok 20:20:31.0611 0x0bf8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 20:20:31.0626 0x0bf8 vga - ok 20:20:31.0646 0x0bf8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 20:20:31.0682 0x0bf8 VgaSave - ok 20:20:31.0692 0x0bf8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 20:20:31.0706 0x0bf8 vhdmp - ok 20:20:31.0740 0x0bf8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 20:20:31.0749 0x0bf8 viaide - ok 20:20:31.0778 0x0bf8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 20:20:31.0789 0x0bf8 volmgr - ok 20:20:31.0810 0x0bf8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx 
C:\Windows\system32\drivers\volmgrx.sys 20:20:31.0828 0x0bf8 volmgrx - ok 20:20:31.0842 0x0bf8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 20:20:31.0859 0x0bf8 volsnap - ok 20:20:31.0877 0x0bf8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 20:20:31.0891 0x0bf8 vsmraid - ok 20:20:31.0972 0x0bf8 [ 86958A24639B8E3A84F14307CE35650B, C16CC385239B441FD3B363EB17D0EA5C792F274347EA028758103E7DC85B9318 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe 20:20:32.0014 0x0bf8 VSNService - ok 20:20:32.0088 0x0bf8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 20:20:32.0163 0x0bf8 VSS - ok 20:20:32.0389 0x0bf8 [ 16595E67A5AE390C70F4A482644C6D3D, 5D233199963E4970CDE93A800E4C40E675979AE255590E060391AE315D45DA71 ] VUAgent C:\Program Files\Sony\VAIO Update\vuagent.exe 20:20:32.0450 0x0bf8 VUAgent - ok 20:20:32.0471 0x0bf8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 20:20:32.0485 0x0bf8 vwifibus - ok 20:20:32.0498 0x0bf8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 20:20:32.0516 0x0bf8 vwififlt - ok 20:20:32.0538 0x0bf8 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 20:20:32.0554 0x0bf8 vwifimp - ok 20:20:32.0587 0x0bf8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 20:20:32.0647 0x0bf8 W32Time - ok 20:20:32.0687 0x0bf8 [ 4E9440F4F152A7B944CB1663D3935A3E, 
8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 20:20:32.0699 0x0bf8 WacomPen - ok 20:20:32.0720 0x0bf8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 20:20:32.0755 0x0bf8 WANARP - ok 20:20:32.0763 0x0bf8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 20:20:32.0800 0x0bf8 Wanarpv6 - ok 20:20:32.0875 0x0bf8 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 20:20:32.0915 0x0bf8 WatAdminSvc - ok 20:20:32.0991 0x0bf8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 20:20:33.0044 0x0bf8 wbengine - ok 20:20:33.0070 0x0bf8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 20:20:33.0093 0x0bf8 WbioSrvc - ok 20:20:33.0121 0x0bf8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 20:20:33.0148 0x0bf8 wcncsvc - ok 20:20:33.0180 0x0bf8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 20:20:33.0193 0x0bf8 WcsPlugInService - ok 20:20:33.0212 0x0bf8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 20:20:33.0222 0x0bf8 Wd - ok 20:20:33.0279 0x0bf8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 20:20:33.0310 0x0bf8 Wdf01000 - 
ok
20:20:40.0483 0x0bf8 Waiting for KSN requests completion. In queue: 162
20:20:41.0499 0x0bf8 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.20.55 ), 0x41000 ( enabled : updated )
20:20:41.0502 0x0bf8 Win FW state via NFP2: enabled ( trusted )
20:20:41.0715 0x0bf8 ============================================================
20:20:41.0715 0x0bf8 Scan finished
20:20:41.0715 0x0bf8 ============================================================
20:20:41.0722 0x1938 Detected object count: 0
20:20:41.0722 0x1938 Actual detected object count: 0 |
17.09.2016, 19:25 | #5 |
| svchost exe netsvcs causes very high CPU load AdwCleaner logfile: Code:
ATTFilter
# AdwCleaner v6.020 - Bericht erstellt am 17/09/2016 um 08:30:25
# Aktualisiert am 14/09/2016 von ToolsLib
# Datenbank : 2016-09-17.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : HO - HO-VAIO
# Gestartet von : C:\Users\HO\Downloads\AdwCleaner_6.020.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\HO\AppData\Local\DriverToolkit
[-] Ordner gelöscht: C:\Users\HO\AppData\Local\PackageAware
[-] Ordner gelöscht: C:\ProgramData\apn
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\apn
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
[-] Ordner gelöscht: C:\Program Files (x86)\DriverToolkit

***** [ Dateien ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-4300-7A786E7484D7}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-4300-7A786E7484D7}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-4300-7A786E7484D7}
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-4300-7A786E7484D7}]
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\VNT
[-] Schlüssel gelöscht: HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\VNT
[-] Schlüssel gelöscht: HKU\S-1-5-21-569190459-326481895-3770856800-1001\Software\DriverToolkit
[-] Schlüssel gelöscht: HKU\S-1-5-21-569190459-326481895-3770856800-1001\Software\OCS
[-] Schlüssel gelöscht: HKU\S-1-5-21-569190459-326481895-3770856800-1001\Software\VNT
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-569190459-326481895-3770856800-1001\Software\AskPartnerNetwork
[-] Schlüssel gelöscht: HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\DriverToolkit
[-] Schlüssel gelöscht: HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\OCS
[-] Schlüssel gelöscht: HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\VNT
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\VNT
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\DriverToolkit
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\OCS
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\VNT
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-569190459-326481895-3770856800-1001\Software\AskPartnerNetwork
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\DriverToolkit
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\OCS
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\VNT
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

***** [ Browser ] *****

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [9934 Bytes] - [17/09/2016 08:30:25]
C:\AdwCleaner\AdwCleaner[S0].txt - [9785 Bytes] - [17/09/2016 08:27:31]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [10080 Bytes] ##########

Code:
ATTFilter
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 17.09.2016
Suchlaufzeit: 10:23
Protokolldatei: Malware Log I.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.09.17.03
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: HO

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 373953
Abgelaufene Zeit: 42 Min., 5 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end) |
17.09.2016, 20:37 | #6 | |
/// TB Trainer | svchost exe netsvcs causes very high CPU load Hi, please note: Quote:
Please download all tools directly to the desktop, or move them there, and run them from the desktop, since our instructions are written for that. It also makes it very easy to remove all the tools used once the cleanup is finished. Leave all tools on the desktop until the end of the cleanup; we may need some of them more than once.
Scan with Combofix
|
18.09.2016, 07:32 | #7 |
| svchost exe netsvcs causes very high CPU load Morning, Matthias.. oops. Thanks for the pointer. FRST logfile: Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2016
durchgeführt von HO (Administrator) auf HO-VAIO (18-09-2016 08:26:56)
Gestartet von C:\Users\HO\Desktop
Geladene Profile: HO (Verfügbare Profile: HO)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(VSee Lab, Inc.) C:\Users\HO\AppData\Roaming\VSeeInstall\vsee.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mstart.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mcomm.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mlauncher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Farbar) C:\Users\HO\Desktop\FRST64(1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2011-03-04] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-08-28] (cyberlink)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [830064 2016-09-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-11-07] (CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-01-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Run: [VSee] => C:\Users\HO\AppData\Roaming\VSeeInstall\vsee.exe [22674968 2014-08-12] (VSee Lab, Inc.)
HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Run: [GoToMeeting] => C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mstart.exe [41536 2016-09-03] (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Run: [] => [X]
HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\MountPoints2: {64318709-472b-11e3-95bc-f0bf975f1bea} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\MountPoints2: {825f4dd3-e0e2-11e4-bccd-f0bf975f1bea} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\MountPoints2: {9fe1c7e9-9aaa-11e5-aa02-f0bf975f1bea} - F:\autorun.exe
HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\MountPoints2: {c937ccd4-d6a3-11e4-8d8f-90004ec8d1f8} - F:\AutoRun.exe
HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\MountPoints2: {d853c108-46e7-11e3-8c08-f0bf975f1bea} - G:\HTC_Sync_Manager_PC.exe
Startup: C:\Users\HO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-12-17]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5D76E115-A2D2-4863-BB2E-9374840F8A75}: [DhcpNameServer] 10.3.128.4
Tcpip\..\Interfaces\{A11A85BB-E085-4FFD-94EE-FFC3A5FFC6C9}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-569190459-326481895-3770856800-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sony.eu/vaioportal
HKU\S-1-5-21-569190459-326481895-3770856800-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sony.eu/vaioportal
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-569190459-326481895-3770856800-1001 -> {21E70A4D-EE68-4D33-9B96-CAEA082328E9} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-569190459-326481895-3770856800-1001 -> {6F1D62BB-A687-4750-A16D-0861C5CE8495} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKU\S-1-5-21-569190459-326481895-3770856800-1001 -> {AF0246D0-1070-4208-AD72-6A975DE7EEC0} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-4300-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll" => Keine Datei
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Keine Datei
BHO-x32: CmjBrowserHelperObject Object -> {07A11D74-9D25-4fea-A833-8B0D76A5577A} -> C:\Program Files (x86)\Mindjet\MindManager 7\Mm7InternetExplorer.dll [2008-06-10] (Mindjet)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-04-29] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22] (Oracle Corporation) Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll" Keine Datei Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default FF SearchEngineOrder.1: SuchMaschine FF NetworkProxy: "type", 4 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-14] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-14] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-22] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: 
@Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-569190459-326481895-3770856800-1001: @citrixonline.com/appdetectorplugin -> C:\Users\HO\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-11-08] (Citrix Online) FF Plugin HKU\S-1-5-21-569190459-326481895-3770856800-1001: @phonostar.de/phonostar -> C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll [Keine Datei] FF Plugin HKU\S-1-5-21-569190459-326481895-3770856800-1001: vsee.com/VSeeDetection -> C:\Users\HO\AppData\Roaming\VSeeInstall\npVSeeDetection.dll [2013-11-03] (VSee Lab) FF SearchPlugin: C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\searchplugins\search_engine.xml [2014-06-20] FF SearchPlugin: C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\searchplugins\youtube.xml [2015-12-06] FF Extension: (Cliqz) - C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\Extensions\cliqz@cliqz.com.xpi [2016-09-10] FF Extension: (Firefox Hotfix) - C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31] FF Extension: (New Tab Override (browser.newtab.url replacement)) - C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\Extensions\newtaboverride@agenedia.com.xpi [2016-08-04] FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] FF HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\extensions\cliqz@cliqz.com => nicht gefunden Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S4 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [989696 2016-09-07] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [470600 2016-09-07] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [470600 2016-09-07] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1454720 2016-09-07] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [Datei ist nicht signiert] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [Datei ist nicht signiert] R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation) S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [243464 2013-08-28] (CyberLink) S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) 
[Datei ist nicht signiert] R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe [81920 2008-06-13] (Firebird Project) [Datei ist nicht signiert] R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe [2723840 2008-06-13] (Firebird Project) [Datei ist nicht signiert] R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert] R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 HuaweiHiSuiteService64.exe; "C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe" -/service [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [171752 2016-07-26] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145984 2016-07-26] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-15] (Avira Operations GmbH & Co. KG) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2015-05-07] (Huawei Technologies Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-18] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation) R2 risdsnpe; C:\Windows\System32\DRIVERS\risdsnxc64.sys [98816 2011-03-07] (REDC) R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-11-07] (CyberLink Corp.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-09-18 08:26 - 2016-09-18 08:27 - 00026887 _____ C:\Users\HO\Desktop\FRST.txt 2016-09-18 08:12 - 2016-09-18 08:12 - 02399232 _____ (Farbar) C:\Users\HO\Desktop\FRST64(1).exe 2016-09-17 20:19 - 2016-09-17 22:17 - 00240828 _____ C:\TDSSKiller.3.1.0.11_17.09.2016_20.19.14_log.txt 2016-09-17 20:12 - 2016-09-17 20:12 - 00001208 _____ C:\Users\HO\Downloads\Malware Log I.txt 2016-09-17 20:10 - 2016-09-17 20:10 - 00001217 _____ C:\Users\HO\Downloads\Malware log II.txt 2016-09-17 20:10 - 2016-09-17 20:10 - 00001208 _____ C:\Malware Log I.txt 2016-09-17 20:03 - 2016-09-17 20:10 - 00240828 _____ C:\TDSSKiller.3.1.0.11_17.09.2016_20.03.33_log.txt 2016-09-17 20:01 - 2016-09-17 20:03 - 00005352 _____ C:\TDSSKiller.3.1.0.11_17.09.2016_20.01.54_log.txt 2016-09-17 20:01 - 2016-09-17 20:01 - 04747704 _____ (AO Kaspersky Lab) C:\Users\HO\Desktop\tdsskiller.exe 2016-09-17 19:54 - 2016-09-17 19:57 - 00059990 _____ C:\Users\HO\Downloads\Addition.txt 2016-09-17 19:50 - 2016-09-17 19:57 - 00034943 _____ C:\Users\HO\Downloads\FRST.txt 2016-09-17 19:49 - 2016-09-18 08:26 - 00000000 ____D C:\FRST 2016-09-17 19:49 - 2016-09-17 19:49 - 02399232 _____ (Farbar) C:\Users\HO\Downloads\FRST64.exe 2016-09-17 11:18 - 2016-09-17 11:18 - 00004787 _____ C:\Users\HO\Desktop\JRT.txt 2016-09-17 11:10 - 2016-09-17 11:10 - 01610560 _____ (Malwarebytes) C:\Users\HO\Downloads\JRT.exe 2016-09-17 08:35 - 2016-09-17 08:35 - 00010327 _____ C:\Users\HO\Downloads\AdwCleaner[C0].txt 2016-09-17 08:23 - 2016-09-17 08:30 - 00000000 ____D C:\AdwCleaner 2016-09-17 08:22 - 2016-09-17 08:22 - 03861056 _____ C:\Users\HO\Downloads\AdwCleaner_6.020.exe 2016-09-17 07:49 - 2016-09-17 07:49 - 00075064 _____ C:\Users\HO\Downloads\congstar_Monatsrechnung_2016_August_2201533992_7179511168.pdf 2016-09-17 07:48 - 2016-09-17 07:48 - 00001138 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2016-09-03 10:53 - 2016-09-03 10:53 - 00100591 _____ C:\Users\HO\Downloads\Cost sharing.pdf 2016-09-01 10:39 - 2016-09-02 08:39 - 00000000 ____D 
C:\Program Files (x86)\Mozilla Firefox 2016-08-29 19:38 - 2016-08-29 19:38 - 00314735 _____ C:\Users\HO\Downloads\Nutzungsbedingungen Haftpflicht-Siegel 11-2013.pdf 2016-08-29 08:09 - 2016-08-29 08:09 - 00009501 _____ C:\Users\HO\Downloads\Mappe2.xlsx 2016-08-26 17:19 - 2016-08-26 17:20 - 00000000 ____D C:\Users\HO\Desktop\Handelsvertreter 2016-08-26 13:57 - 2016-08-26 13:58 - 00278576 _____ C:\Windows\Minidump\082616-54101-01.dmp 2016-08-19 17:03 - 2016-08-19 17:03 - 02841726 _____ C:\Users\HO\Downloads\Dialoge_Nr35.pdf ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-18 08:25 - 2013-11-03 02:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-09-18 08:23 - 2015-01-02 15:16 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-09-18 08:23 - 2015-01-02 15:15 - 00000000 ____D C:\Program Files\iTunes 2016-09-18 08:23 - 2014-01-26 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-09-18 08:22 - 2015-01-02 15:14 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-09-18 08:15 - 2009-07-14 06:45 - 00028848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-09-18 08:15 - 2009-07-14 06:45 - 00028848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-09-18 08:14 - 2013-11-04 08:46 - 00000000 ____D C:\Users\HO\Documents\Outlook-Dateien 2016-09-18 08:14 - 2013-11-03 02:31 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-09-18 08:13 - 2013-11-03 02:31 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-09-18 08:07 - 2015-04-12 12:18 - 00000000 ____D C:\Users\HO\AppData\Local\HTC MediaHub 2016-09-18 08:07 - 2015-01-08 20:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-09-18 08:05 - 2014-01-13 17:02 - 
00000000 ____D C:\Users\HO\AppData\Local\FreePDF_XP 2016-09-18 08:05 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-09-17 22:36 - 2014-02-28 12:59 - 00000544 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-569190459-326481895-3770856800-1001.job 2016-09-17 22:33 - 2015-06-04 08:36 - 00000640 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-569190459-326481895-3770856800-1001.job 2016-09-17 22:17 - 2014-12-21 23:36 - 00007605 _____ C:\Users\HO\AppData\Local\Resmon.ResmonCfg 2016-09-17 22:17 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-09-17 20:14 - 2013-11-03 02:32 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-09-17 20:14 - 2013-11-03 02:32 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-09-17 19:56 - 2015-01-15 22:35 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-09-17 08:59 - 2014-08-12 21:05 - 00001401 _____ C:\Users\HO\Desktop\GoToMeeting.lnk 2016-09-17 08:59 - 2014-05-23 11:15 - 00002467 _____ C:\Users\HO\Desktop\GoToMeeting Quick Connect.lnk 2016-09-17 08:00 - 2016-07-27 08:46 - 00000000 ____D C:\ProgramData\Package Cache 2016-09-17 07:48 - 2016-07-26 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-09-17 07:39 - 2013-11-03 15:19 - 00000000 ____D C:\Users\HO\AppData\Local\CrashDumps 2016-09-16 09:54 - 2013-11-03 11:02 - 00000000 ____D C:\Users\HO\AppData\Roaming\Skype 2016-09-14 14:28 - 2013-11-03 02:31 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-09-14 14:28 - 2013-11-03 02:31 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-09-14 14:28 - 2013-11-03 02:31 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-09-14 14:27 - 2013-11-03 02:31 - 00000000 ____D C:\Windows\system32\Macromed 2016-09-14 14:27 - 2013-11-03 01:03 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-09-09 09:45 - 
2013-11-03 01:26 - 00000000 ____D C:\ProgramData\Skype 2016-09-09 09:44 - 2015-09-21 17:25 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-09-03 10:21 - 2015-06-04 08:36 - 00003658 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-569190459-326481895-3770856800-1001 2016-09-03 10:21 - 2014-02-28 12:59 - 00003562 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-569190459-326481895-3770856800-1001 2016-09-02 08:39 - 2014-02-09 12:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-08-29 17:37 - 2013-11-03 03:24 - 00000000 ____D C:\Users\HO\Documents\Business 2016-08-26 14:04 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2016-08-26 13:57 - 2016-04-22 06:11 - 594320949 _____ C:\Windows\MEMORY.DMP 2016-08-26 13:57 - 2013-11-06 11:04 - 00000000 ____D C:\Windows\Minidump 2016-08-26 09:45 - 2014-03-05 11:44 - 00504360 _____ C:\test.xml 2016-08-20 06:18 - 2014-07-30 15:04 - 00000000 ____D C:\Users\HO\AppData\Roaming\FileZilla 2016-08-19 21:14 - 2013-11-03 02:31 - 00000000 ____D C:\Program Files (x86)\Google ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-12-21 23:36 - 2016-09-17 22:17 - 0007605 _____ () C:\Users\HO\AppData\Local\Resmon.ResmonCfg Einige Dateien in TEMP: ==================== C:\Users\HO\AppData\Local\Temp\1fvwautoupd.exe C:\Users\HO\AppData\Local\Temp\avgnt.exe C:\Users\HO\AppData\Local\Temp\COMAP.EXE C:\Users\HO\AppData\Local\Temp\G2MInstallerExtractor.exe C:\Users\HO\AppData\Local\Temp\jre-8u31-windows-au.exe C:\Users\HO\AppData\Local\Temp\libeay32.dll C:\Users\HO\AppData\Local\Temp\msvcr120.dll C:\Users\HO\AppData\Local\Temp\NOSEventMessages.dll C:\Users\HO\AppData\Local\Temp\Quarantine.exe C:\Users\HO\AppData\Local\Temp\SkypeSetup.exe C:\Users\HO\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-09-05 12:27
==================== Ende von FRST.txt ============================

FRST Additions Logfile:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-09-2016
durchgeführt von HO (18-09-2016 08:28:22)
Gestartet von C:\Users\HO\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-11-02 23:57:33)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-569190459-326481895-3770856800-500 - Administrator - Disabled)
Gast (S-1-5-21-569190459-326481895-3770856800-501 - Limited - Disabled)
HO (S-1-5-21-569190459-326481895-3770856800-1001 - Administrator - Enabled) => C:\Users\HO
HomeGroupUser$ (S-1-5-21-569190459-326481895-3770856800-1002 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation) ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated) Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated) Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated) Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{0CC145EE-0BDD-C10F-1E52-CB2F6C4894E4}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.) Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) 
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft) ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft) Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{05f7f410-0274-45d0-91dc-712a62aadd96}) (Version: 1.2.68.19138 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) 
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform) Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix) CLIQZ (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 1.0.44 - CLIQZ.com) Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6916.52 - CyberLink Corp.) CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4704.58 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Demos - Telerik UI for WPF (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\fbb955dce3a1c387) (Version: 2015.1.224.40 - Demos - Telerik UI for WPF) DevExpress Components 14.2 (HKLM-x32\...\DevExpress Components 14.2) (Version: 14.2.5 - Developer Express Inc.) DevExpress Components 15.1 (HKLM-x32\...\DevExpress Components 15.1) (Version: 15.1.5 - Developer Express Inc.) DevExpress DevExtreme 15.1 (HKLM-x32\...\DevExpress DevExtreme 15.1) (Version: 15.1.5 - Developer Express Inc.) DevExpress WPF Demos (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\f51599dacb2f3d3c) (Version: 15.1.205.0 - Developer Express Inc.) 
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden FileZilla Client 3.20.1 (HKLM-x32\...\FileZilla Client) (Version: 3.20.1 - Tim Kosse) Firebird 2.1.1.17910 (Win32) (HKLM-x32\...\FBDBServer_2_1_is1) (Version: 2.1.1.17910 - Firebird Project) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - ) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Genie Timeline (HKLM-x32\...\Genie Timeline) (Version: 5.0 - Genie9) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden GoToMeeting 7.22.1.5530 (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\GoToMeeting) (Version: 7.22.1.5530 - CitrixOnline) GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.) 
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation) HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.54.2 - HTC) Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] 
(HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mindjet MindManager Pro 7 (HKLM-x32\...\{43EE9158-D821-4D6B-B1C7-06A8B97E6CCF}) (Version: 7.2.374 - Mindjet LLC) Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla) MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) 
(Version: 7.1.172.0 - Nokia) Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia) Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden OlapGrid WPF Samples (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\1fc3393c7449819d) (Version: 12.4.0.24 - Syncfusion Inc.) Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation) Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation) PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) PDF-XChange 3 (HKLM\...\PDF-XChange 3_is1) (Version: - Tracker Software) PivotAnalysis WPF Samples (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\dfa630185c8b5543) (Version: 12.4.0.24 - Syncfusion Inc.) PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation) PMB VAIO Edition Guide (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden PMB VAIO Edition Plug-in (Version: 1.5.00.04010 - Sony Corporation) Hidden PMB VAIO Edition Plug-in (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden PMB VAIO Edition Plug-in (x32 Version: 1.5.00.04060 - Sony Corporation) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.) 
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - ) Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.) 
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc) SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden SommerGlobal (HKLM-x32\...\SommerGlobal) (Version: 6.3016 - Sommer Informatik GmbH) SommerGlobal (x32 Version: 6.3016 - Sommer Informatik GmbH) Hidden Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated) Telekom Konferenz Add-In für Outlook (HKLM-x32\...\{4C56EDD2-2757-43A0-AFC5-25DDE9D22E71}) (Version: 2.6.0.1011 - Lindenbaum) Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation) VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation) VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.02250 - Sony Corporation) VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.5.00.04060 - Sony Corporation) VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation) VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation) VAIO C Series - Summer 2011 Screensaver (HKLM-x32\...\VAIO C Series - Summer 2011 Screensaver) (Version: - ) VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.0.15030 - Sony Corporation) VAIO Care (x32 Version: 6.4.0.15030 - Sony 
Corporation) Hidden VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation) VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation) VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation) VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation) VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation) VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation) VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation) VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation) VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.5 - Sony Corporation) VAIO Quick Web Access (x32 Version: 1.4.5.5 - Sony Corporation) Hidden VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation) VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.1.08270 - Sony Corporation) VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation) VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.3.0.02180 - Sony Corporation) VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation) VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VESx64 (Version: 1.0.0 - Sony 
Corporation) Hidden VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VIx64 (Version: 1.0.0 - Sony Corporation) Hidden VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden VSee (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\VSee) (Version: 14.0.0.808 - VSee Lab Inc) VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VUx64 (Version: 1.2.0 - Sony Corporation) Hidden VUx86 (x32 Version: 1.2.0 - Sony Corporation) Hidden VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh 
ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) XMind 2013 (v3.4.1) (HKLM-x32\...\XMind_is1) (Version: 3.4.1.201401221918 - XMind Ltd.) Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Елемент керування Windows Live Mesh ActiveX для віддалених підключень (HKLM-x32\...\{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}) (Version: 15.4.5722.2 - Microsoft Corporation) Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-569190459-326481895-3770856800-1001_Classes\CLSID\{4C684845-7AC6-4416-AC5B-A6D9D11515B9}\InprocServer32 -> C:\Users\HO\AppData\Local\Telekom\Outlook-Conference-AddIn\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-569190459-326481895-3770856800-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\HO\AppData\Local\Citrix\GoToMeeting\2031\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {081F301A-6B71-4225-91D3-38A4AFC24723} - System32\Tasks\{360666CB-5CB9-472E-9F96-D69F33A4DC6A} => pcalua.exe -a C:\Users\HO\Downloads\iTunesSetup9.exe -d C:\Users\HO\Downloads
Task: {0C53A206-462E-4A2C-986D-F387FF8E7203} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {25099F84-1388-4465-971C-7E08915AD32B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {2A9B977D-752F-46A9-AC9F-9F11CD641993} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {38B63202-CFE9-4D88-A6B9-D3D0E3609658} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {3EDE753E-5C0F-448E-8F79-83E566B94314} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-02-14] (Sony Corporation)
Task: {4C00145D-1830-407B-B05E-0D4400DC91F2} - System32\Tasks\G2MUpdateTask-S-1-5-21-569190459-326481895-3770856800-1001 => C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mupdate.exe [2016-09-03] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {51B5FC18-8819-4E6C-95AC-D9156C5B17A9} - System32\Tasks\Sony Corporation\VAIO Event Service\Level4Daily => C:\Program Files (x86)\Sony\VAIO Event Service\WBCBatteryCare.exe [2011-03-05] (Sony Corporation)
Task: {55A8BD0B-6B27-41DF-A629-164117F2F8DB} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-02-14] (Sony Corporation)
Task: {5E7D6C53-DDEC-49A1-A1CB-B6511A1E2CE4} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {8C27B2E1-63C0-4F63-B2A6-D5755D315DDF} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-21] (Sony Corporation)
Task: {91930A06-7A38-4B76-BED1-BE271DF4606F} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-02-14] (Sony Corporation)
Task: {957B2D01-B489-4A33-A974-B4C46D367199} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {AC4C0213-773B-4957-BCF8-831DAFFE3D63} - System32\Tasks\Sony Corporation\VAIO Event Service\Level4Month => C:\Program Files (x86)\Sony\VAIO Event Service\WBCBatteryCare.exe [2011-03-05] (Sony Corporation)
Task: {AED7151B-5F23-4478-8D79-9EE3A686494F} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {BB23A0BB-D47B-4D72-9153-F88057B703A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {BE5C47BD-AD42-407D-92DB-FF304E25D54D} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {C12FF1F3-0174-4E27-85BF-B84C191FBD41} - System32\Tasks\{05D7C6C5-D642-4B16-99A7-66A4BD97A86F} => pcalua.exe -a C:\Users\HO\Downloads\msicuu2.exe -d C:\Users\HO\Downloads
Task: {C8F614A5-12E2-45DD-B8BC-75325D23E8B0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C8F62CDE-E3C5-4226-BB23-744B5DA35E77} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-21] (Sony Corporation)
Task: {CE5B4E6B-3BA4-4F91-A6E7-8AF9D4895804} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {E1FE5D63-DA2C-4BD3-84AC-A7A8C295643B} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {E4C050E0-EB35-40C8-9827-4C37AE1794A7} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation)
Task: {E599CC42-B7A2-488F-AD02-31517F66B294} - System32\Tasks\G2MUploadTask-S-1-5-21-569190459-326481895-3770856800-1001 => C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mupload.exe [2016-09-03] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {E69C0F0F-96E3-42BA-91EA-BA26818FAE7A} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient [Argument = /Start]
Task: {EB9C0252-7389-41C4-A29A-B0E936BBFF2C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-14] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-569190459-326481895-3770856800-1001.job => C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-569190459-326481895-3770856800-1001.job => C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-12-18 18:10 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll 2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2016-08-03 17:45 - 2016-08-03 17:45 - 00052400 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2015-03-19 17:48 - 2015-03-19 17:48 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe 2011-04-14 05:56 - 2014-07-22 13:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00297472 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00070656 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00063488 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00215040 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00260608 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00059904 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00157696 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00138752 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll 2013-11-03 01:28 - 2011-02-25 18:14 - 00025600 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll 2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 
_____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-09-01 18:12 - 2016-09-01 18:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-03-19 17:47 - 2015-03-19 17:47 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll 2015-03-19 17:47 - 2015-03-19 17:47 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll 2015-03-19 17:47 - 2015-03-19 17:47 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll 2015-03-19 17:47 - 2015-03-19 17:47 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2015-03-19 17:47 - 2015-03-19 17:47 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll 2015-03-19 17:48 - 2015-03-19 17:48 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll 2015-03-19 17:49 - 2015-03-19 17:49 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll 2013-11-03 00:53 - 2011-03-05 17:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll 2013-11-03 03:21 - 2013-11-03 03:21 - 00278528 _____ () C:\Users\HO\AppData\Roaming\VSeeInstall\vseeCryptoppEnc.DLL 2014-11-19 12:48 - 2014-11-19 12:48 - 08507232 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 02354016 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 01014624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00364384 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 02480992 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 01346912 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00206176 _____ () C:\Program Files 
(x86)\Nokia\Nokia Suite\QtSql4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 02653024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00033120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00035680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00207200 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll 2014-11-11 10:21 - 2014-11-11 10:21 - 00392552 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll 2014-11-11 10:21 - 2014-11-11 10:21 - 00059752 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 11166560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00276832 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll 2014-11-19 12:47 - 2014-11-19 12:47 - 00438624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00446304 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00520544 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00720736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll 2014-11-19 12:46 - 2014-11-19 12:46 - 00606560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll 2014-11-19 12:48 - 2014-11-19 12:48 - 00093024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll 2014-09-21 20:30 - 2014-11-07 03:33 - 00867080 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\common\UNO\UNO.dll 2014-09-21 20:29 - 2013-12-10 09:39 - 00074240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ctypes.pyd 2014-09-21 20:29 - 2013-12-10 09:39 - 00285184 _____ () C:\Program Files 
(x86)\CyberLink\PowerDVD14\Common\Koan\_hashlib.pyd
2014-09-21 20:29 - 2013-12-10 09:39 - 00040960 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_socket.pyd
2014-09-21 20:29 - 2013-12-10 09:39 - 00721920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ssl.pyd
2016-05-13 10:18 - 2016-05-13 10:18 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\8c02229a9868d155acb626160d3dd0b8\IsdiInterop.ni.dll
2013-11-03 00:40 - 2011-01-12 18:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-11-11 03:42 - 2015-11-11 03:42 - 01045672 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-569190459-326481895-3770856800-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HO\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MMReminderService => C:\Program Files (x86)\Mindjet\MindManager 7\MMReminderService.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{3BB50929-F43A-4F08-A4F4-587874D68AF8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B5D8D88C-2ADF-4CA8-82D9-9FCC096720ED}] => (Allow) LPort=2869
FirewallRules: [{85A0909A-D9F2-4EDA-8315-705E0DDDD773}] => (Allow) LPort=1900
FirewallRules: [{9BBA1C80-654C-47E7-BC9D-0F83F0FF25CA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A731DFE5-50E2-47AF-810A-45B6CA733A69}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{5DC5F713-DD89-4C05-A133-E0538B9E8A9A}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{D195C204-A992-4BA1-93E3-3C5108C95462}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{476B5C91-C840-488F-AE97-9D0EB1C1C7FF}] => (Allow) C:\Program Files\Sony\VAIO Care\SelfHealUpdate.exe
FirewallRules: [{B7F4D783-ADCD-4D62-94EC-1C8527D53811}] => (Allow) C:\Program Files\Sony\VAIO Care\SelfHealUpdate.exe
FirewallRules: [{50BB5CDA-830E-474E-BE77-A9762CDCD790}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOCareMain.exe
FirewallRules: [{BCA545CA-0B4A-4B86-8EB0-46EA23187C51}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOCareMain.exe
FirewallRules: [TCP Query User{3999D4C8-135C-4ADB-A4D8-5B46475C723C}C:\users\ho\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\ho\appdata\roaming\vseeinstall\vsee.exe
FirewallRules: [UDP Query User{39DF657A-EFE8-455D-A104-28866E0032D2}C:\users\ho\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\ho\appdata\roaming\vseeinstall\vsee.exe
FirewallRules: [TCP Query User{3DB3BD84-D6F5-4E4B-B8C2-1C440FEA23E1}C:\users\ho\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\ho\appdata\roaming\vseeinstall\vsee.exe
FirewallRules: [UDP Query User{98E0B391-2773-4D86-A7D3-DEEC399CEA43}C:\users\ho\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\ho\appdata\roaming\vseeinstall\vsee.exe
FirewallRules: [{026F8CBF-3560-45E3-8B37-ED80293911EC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{A4016A79-9640-42FE-815B-AC73B9FB2150}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{326B1180-77CE-447C-B73C-DA2F70163415}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [TCP Query User{7C2C2850-83C2-473A-A7BC-6836209F4A21}C:\program files (x86)\xmind\xmind.exe] => (Allow) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [UDP Query User{63976B40-4F36-47D4-B72D-EDE34EF04439}C:\program files (x86)\xmind\xmind.exe] => (Allow) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [TCP Query User{4D78AEC3-1E57-4C2E-8525-B78AA389EA2C}C:\program files (x86)\xmind\xmind.exe] => (Block) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [UDP Query User{A533FC09-74CC-4D05-A533-3216431E5C95}C:\program files (x86)\xmind\xmind.exe] => (Block) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [{BA6354D1-9FE3-4B15-A065-5625E15353DA}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
FirewallRules: [{AFDD54EE-D9EF-4563-9FB1-6F38D67CF822}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [{E4134387-3679-4472-8613-FCA984B94E9A}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [{1D796511-92A5-4E48-85A8-4C1B6F22E1BF}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [{22624CD5-065C-4C44-9E03-DBC335FDD62D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{7D68761C-32B5-4883-9EB7-78E0E5A900A1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{1A4F137B-55D4-440E-BC09-31C8D409FB5A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{CA3A75E8-0D96-4851-B1BC-1FC62FB9035F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{1598C322-4E7B-4A50-ADF0-1D1BE495FE92}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{76C4D025-C7F5-4CD9-A99E-9DB0E9DBE641}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{35C20C6F-FAF2-4746-9AC5-8E65C92F6D2C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5DD3A7F9-C9BB-44E3-9806-156D92A792F8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4A88AB21-6B80-49C7-8BD6-0965D33028CD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E47BB049-6453-48AE-8DFC-4F4F5537842E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3F692E75-8F62-4E9D-AC9D-5AFD18023E0D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3F81CBE9-DEF2-4192-920B-E5BEA230AFDD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{5B93884F-9E41-47D8-8550-9E4C1B0975DE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{E77A1DEF-1547-4E2B-A0EA-997538DF2E89}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{721383C9-0538-4380-BA4E-3A190CD20D7C}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{2B1249AB-CEA1-4B1D-B6B1-CD75FF5191BD}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{6408B26D-2161-48DB-A59B-68CCAC804D0F}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{1B519982-B987-44DA-9BFA-383155EAE109}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{E6B28C32-0338-4C66-AFB0-3CA2A0E4FD21}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C9D13E9F-C3B6-444A-8823-EC99DEAC9F2C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{033F2696-CA07-46CB-9582-54326E3BB596}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2335E0A9-AA2C-4562-8F86-BADD172443AE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C2423AB4-7D18-4474-A399-BB09DEBB62AF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8D8BA448-2DC5-4401-A094-1E120D4718A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D4FFB62D-8078-45C9-981C-D35DED118792}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{CC073E34-E003-456C-B16D-91388EEB77E0}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe
FirewallRules: [{CF7B1A29-2A0E-4CB9-992C-465F14A9C38E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================
06-08-2016 09:58:56 Windows Update
10-08-2016 17:13:21 Windows Update
12-08-2016 12:34:23 Windows Update
16-08-2016 13:17:27 Windows Update
17-08-2016 11:32:49 Windows Update
26-08-2016 08:42:24 Windows Update
26-08-2016 12:41:20 Windows Update
30-08-2016 10:08:52 Windows Update
07-09-2016 06:54:17 Windows Update
17-09-2016 11:11:29 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============
Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : Windows is removing this device. (Code 21)
Resolution: Wait several seconds, and then press the F5 key to update the Device Manager view. If that does not resolve the problem, restart your computer.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/18/2016 08:06:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/17/2016 10:17:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/17/2016 07:41:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/17/2016 08:33:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/17/2016 08:19:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/17/2016 07:58:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/17/2016 07:39:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCsystray.exe, Version: 6.4.0.14160, Zeitstempel: 0x4d5a5da9
Name des fehlerhaften Moduls: msxml6.dll, Version: 6.30.7601.18923, Zeitstempel: 0x55a5d020
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000cc680
ID des fehlerhaften Prozesses: 0x174c
Startzeit der fehlerhaften Anwendung: 0x01d210a46b0a9d42
Pfad der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VCsystray.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\msxml6.dll
Berichtskennung: 1848dacb-7c99-11e6-ada2-f0bf975f1bea

Error: (09/17/2016 07:33:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/17/2016 07:24:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/16/2016 06:15:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm VAIO Gate.exe, Version 2.4.2.2200 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 15a4
Startzeit: 01d2102f53876e0b
Endzeit: 308
Anwendungspfad: C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
Berichts-ID: b2b074d7-7c28-11e6-8435-f0bf975f1bea

Systemfehler:
=============
Error: (09/18/2016 08:05:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HuaweiHiSuiteService64.exe" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden.

Error: (09/18/2016 08:05:12 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (09/17/2016 11:02:27 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/17/2016 10:19:11 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen.
Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (09/17/2016 10:19:11 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Computerbrowser" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen.
Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (09/17/2016 10:18:11 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Server" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen.
Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (09/17/2016 10:17:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Update" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/17/2016 10:17:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/17/2016 10:17:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Designs" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/17/2016 10:17:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Shellhardwareerkennung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

CodeIntegrity:
===================================
Date: 2015-01-07 22:23:44.687
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-07 22:23:44.606
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-07 22:23:44.516
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-07 22:23:44.424
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 87%
Installierter physikalischer RAM: 4007.14 MB
Verfügbarer physikalischer RAM: 503.62 MB
Summe virtueller Speicher: 8012.46 MB
Verfügbarer virtueller Speicher: 4067.35 MB

==================== Laufwerke ================================
Drive c: () (Fixed) (Total:579.92 GB) (Free:377.79 GB) NTFS
Drive f: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:635.15 GB) NTFS

==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 66A1540B)
Partition 1: (Not Active) - (Size=16.2 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=579.9 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AD73D487)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
|
18.09.2016, 07:35 | #8 |
| svchost exe netsvcs causes very high CPU load
Code:
08:33:11.0989 0x1048 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31
08:33:14.0960 0x1048 ============================================================
08:33:14.0960 0x1048 Current date / time: 2016/09/18 08:33:14.0960
08:33:14.0960 0x1048 SystemInfo:
08:33:14.0960 0x1048
08:33:14.0960 0x1048 OS Version: 6.1.7601 ServicePack: 1.0
08:33:14.0960 0x1048 Product type: Workstation
08:33:14.0960 0x1048 ComputerName: HO-VAIO
08:33:14.0960 0x1048 UserName: HO
08:33:14.0960 0x1048 Windows directory: C:\Windows
08:33:14.0960 0x1048 System windows directory: C:\Windows
08:33:14.0960 0x1048 Running under WOW64
08:33:14.0960 0x1048 Processor architecture: Intel x64
08:33:14.0960 0x1048 Number of processors: 4
08:33:14.0960 0x1048 Page size: 0x1000
08:33:14.0960 0x1048 Boot type: Normal boot
08:33:14.0960 0x1048 CodeIntegrityOptions = 0x00000001
08:33:14.0960 0x1048 ============================================================
08:33:15.0276 0x1048 KLMD registered as C:\Windows\system32\drivers\63471576.sys
08:33:15.0276 0x1048 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23418, osProperties = 0x1
08:33:15.0794 0x1048 System UUID: {CD45231E-38EB-2D35-CA74-DC2FE860B96B}
08:33:16.0831 0x1048 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:33:16.0834 0x1048 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:33:16.0838 0x1048 ============================================================
08:33:16.0838 0x1048 \Device\Harddisk0\DR0:
08:33:16.0838 0x1048 MBR partitions:
08:33:16.0838 0x1048 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2050800, BlocksNum 0x32000
08:33:16.0838 0x1048 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2082800, BlocksNum 0x487D5000
08:33:16.0838 0x1048 \Device\Harddisk1\DR1:
08:33:16.0839 0x1048 MBR partitions:
08:33:16.0839 0x1048 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
08:33:16.0839 0x1048 ============================================================
08:33:16.0870 0x1048 C: <-> \Device\Harddisk0\DR0\Partition2
08:33:17.0264 0x1048 F: <-> \Device\Harddisk1\DR1\Partition1
08:33:17.0264 0x1048 ============================================================
08:33:17.0264 0x1048 Initialize success
08:33:17.0264 0x1048 ============================================================
08:33:25.0511 0x1e8c ============================================================
08:33:25.0511 0x1e8c Scan started
08:33:25.0511 0x1e8c Mode: Manual; SigCheck; TDLFS;
08:33:25.0511 0x1e8c ============================================================
08:33:25.0511 0x1e8c KSN ping started
08:33:37.0809 0x1e8c KSN ping finished: true
08:33:40.0225 0x1e8c ================ Scan system memory ========================
08:33:40.0225 0x1e8c System memory - ok
08:33:40.0227 0x1e8c ================ Scan services =============================
C:\Windows\System32\Drivers\BrUsbSer.sys 08:33:46.0919 0x1e8c BrUsbSer - ok 08:33:46.0947 0x1e8c [ B3BCD755FA9A359D10208CC9F09847CC, 8DE11815A2C76051DFF0F68BC8CF38CADD7BCA3A75EED4CC03B38DEB9F658296 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys 08:33:46.0985 0x1e8c BTATH_A2DP - ok 08:33:47.0004 0x1e8c [ 9BBBA9D6DBDEFC8A6542BC7A6EBAF710, EE6932310F97F9DC07F8EC66B3939BA73FF8B7C7B9D84CE9852C85B770681A60 ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys 08:33:47.0021 0x1e8c btath_avdt - ok 08:33:47.0045 0x1e8c [ D838DD1BCB328EFCFAD7A52DE9E3CAFD, A364C50240069D7606119E4FD3BC839F307947F680295C3A68AE1CE42B9A6108 ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys 08:33:47.0063 0x1e8c BTATH_BUS - ok 08:33:47.0089 0x1e8c [ A441B800E04CF8443FAF519207563ABB, AAA865453E000B38D4DCCB435731F3843394FFA224F577B88DBBB31256F1BC39 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys 08:33:47.0112 0x1e8c BTATH_HCRP - ok 08:33:47.0122 0x1e8c [ B16F8429A35BBA2A8EF9DB2E08675B97, B38952519A8AC2E0A211F685CB4AC453AA2885AA0DA39DBF92CE61FE649BC309 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys 08:33:47.0134 0x1e8c BTATH_LWFLT - ok 08:33:47.0158 0x1e8c [ C24231C6BDFE21735930084A22089AAB, DF5104AC26A8D3E1C204D479F32204FE66B225DBA7EFDAC7149A02D0B5CEB714 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys 08:33:47.0192 0x1e8c BTATH_RCP - ok 08:33:47.0225 0x1e8c [ 3632FA4C6B3CE9EC827690DEAC266D8C, 46D34968DA1BE0D793518506D4FCA094C3F15ACF530DB3660C7CD6ECCBF3C1BD ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys 08:33:47.0255 0x1e8c BtFilter - ok 08:33:47.0287 0x1e8c [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 08:33:47.0307 0x1e8c BthEnum - ok 08:33:47.0325 0x1e8c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 08:33:47.0340 0x1e8c BTHMODEM - ok 
08:33:47.0363 0x1e8c [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 08:33:47.0381 0x1e8c BthPan - ok 08:33:47.0411 0x1e8c [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 08:33:47.0436 0x1e8c BTHPORT - ok 08:33:47.0470 0x1e8c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 08:33:47.0505 0x1e8c bthserv - ok 08:33:47.0515 0x1e8c [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 08:33:47.0527 0x1e8c BTHUSB - ok 08:33:47.0682 0x1e8c [ C8D931D734FC0097478CE2583A75C4DF, 60C5F97D7E5A8B81A7123A5DB333577B0C7B9302C1D1C98D47BA96C0A3FB7417 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe 08:33:47.0733 0x1e8c c2cautoupdatesvc - ok 08:33:47.0857 0x1e8c [ 8E1CC0517DE17DF83CF80BFCE9F0C000, 13F7929D531914FA2ED1223977E15A7F45E3FF3DA1392ECC4B15F5619B37B754 ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe 08:33:47.0917 0x1e8c c2cpnrsvc - ok 08:33:47.0939 0x1e8c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 08:33:47.0974 0x1e8c cdfs - ok 08:33:47.0996 0x1e8c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 08:33:48.0012 0x1e8c cdrom - ok 08:33:48.0048 0x1e8c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 08:33:48.0078 0x1e8c CertPropSvc - ok 08:33:48.0081 0x1e8c [ D7CD5C4E1B71FA62050515314CFB52CF, 
513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 08:33:48.0095 0x1e8c circlass - ok 08:33:48.0140 0x1e8c [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 08:33:48.0158 0x1e8c CLFS - ok 08:33:48.0242 0x1e8c [ 6E0FEE1A49B600BAD8F741CBE4D8136D, 6EA82518420F1BC7716EF4245CA7BEAC7F1A9228E6B90C1653173263EA7CF8D7 ] CLKMSVC10_9EC60124 C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe 08:33:48.0277 0x1e8c CLKMSVC10_9EC60124 - ok 08:33:48.0341 0x1e8c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 08:33:48.0353 0x1e8c clr_optimization_v2.0.50727_32 - ok 08:33:48.0387 0x1e8c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 08:33:48.0399 0x1e8c clr_optimization_v2.0.50727_64 - ok 08:33:48.0450 0x1e8c [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 08:33:48.0626 0x1e8c clr_optimization_v4.0.30319_32 - ok 08:33:48.0655 0x1e8c [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 08:33:48.0771 0x1e8c clr_optimization_v4.0.30319_64 - ok 08:33:48.0795 0x1e8c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 08:33:48.0808 0x1e8c CmBatt - ok 08:33:48.0842 0x1e8c [ E19D3F095812725D88F9001985B94EDD, 
46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 08:33:48.0852 0x1e8c cmdide - ok 08:33:48.0897 0x1e8c [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG C:\Windows\system32\Drivers\cng.sys 08:33:48.0927 0x1e8c CNG - ok 08:33:48.0941 0x1e8c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 08:33:48.0951 0x1e8c Compbatt - ok 08:33:48.0964 0x1e8c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 08:33:48.0979 0x1e8c CompositeBus - ok 08:33:48.0982 0x1e8c COMSysApp - ok 08:33:49.0060 0x1e8c [ 035B05EACA764357D3F616F1B9B3F615, 49984C133D339972EE9ECA38DB30E4AFAD57985E4CED5EACEE9C0DC2D337A543 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 08:33:49.0075 0x1e8c cphs - ok 08:33:49.0094 0x1e8c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 08:33:49.0103 0x1e8c crcdisk - ok 08:33:49.0144 0x1e8c [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll 08:33:49.0160 0x1e8c CryptSvc - ok 08:33:49.0307 0x1e8c [ 75E3C4BB1ED032310EDCF5691A452B4B, E7FDF778CBD347017A84EB3919C530ED1EACB22277F3EA3B6FF3EA45D9FE8A6D ] DCDhcpService C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe 08:33:49.0333 0x1e8c DCDhcpService - detected UnsignedFile.Multi.Generic ( 1 ) 08:33:49.0517 0x1e8c Detect skipped due to KSN trusted 08:33:49.0517 0x1e8c DCDhcpService - ok 08:33:49.0560 0x1e8c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 08:33:49.0618 0x1e8c DcomLaunch - ok 
08:33:49.0657 0x1e8c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 08:33:49.0699 0x1e8c defragsvc - ok 08:33:49.0721 0x1e8c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 08:33:49.0757 0x1e8c DfsC - ok 08:33:49.0774 0x1e8c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 08:33:49.0801 0x1e8c Dhcp - ok 08:33:49.0919 0x1e8c [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll 08:33:49.0987 0x1e8c DiagTrack - ok 08:33:50.0024 0x1e8c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 08:33:50.0059 0x1e8c discache - ok 08:33:50.0076 0x1e8c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 08:33:50.0089 0x1e8c Disk - ok 08:33:50.0117 0x1e8c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 08:33:50.0142 0x1e8c Dnscache - ok 08:33:50.0176 0x1e8c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 08:33:50.0220 0x1e8c dot3svc - ok 08:33:50.0237 0x1e8c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 08:33:50.0272 0x1e8c DPS - ok 08:33:50.0309 0x1e8c [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 08:33:50.0333 0x1e8c drmkaud - ok 
08:33:50.0390 0x1e8c [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 08:33:50.0425 0x1e8c DXGKrnl - ok 08:33:50.0460 0x1e8c [ 50AD8FC1DC800FF36087994C8F7FDFF2, E3DA8DCE76599E0E1F0D80AA1483D6BECFE0F7242147D986A6AF3A4362FC2C80 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys 08:33:50.0497 0x1e8c e1yexpress - ok 08:33:50.0528 0x1e8c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 08:33:50.0575 0x1e8c EapHost - ok 08:33:50.0707 0x1e8c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 08:33:50.0842 0x1e8c ebdrv - ok 08:33:50.0874 0x1e8c [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] EFS C:\Windows\System32\lsass.exe 08:33:50.0902 0x1e8c EFS - ok 08:33:50.0968 0x1e8c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 08:33:51.0012 0x1e8c ehRecvr - ok 08:33:51.0019 0x1e8c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 08:33:51.0053 0x1e8c ehSched - ok 08:33:51.0100 0x1e8c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 08:33:51.0125 0x1e8c elxstor - ok 08:33:51.0129 0x1e8c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 08:33:51.0140 0x1e8c ErrDev - ok 08:33:51.0183 0x1e8c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 08:33:51.0248 0x1e8c EventSystem 
- ok 08:33:51.0276 0x1e8c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 08:33:51.0320 0x1e8c exfat - ok 08:33:51.0350 0x1e8c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 08:33:51.0394 0x1e8c fastfat - ok 08:33:51.0449 0x1e8c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 08:33:51.0509 0x1e8c Fax - ok 08:33:51.0524 0x1e8c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 08:33:51.0537 0x1e8c fdc - ok 08:33:51.0564 0x1e8c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 08:33:51.0598 0x1e8c fdPHost - ok 08:33:51.0615 0x1e8c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 08:33:51.0649 0x1e8c FDResPub - ok 08:33:51.0670 0x1e8c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 08:33:51.0692 0x1e8c FileInfo - ok 08:33:51.0707 0x1e8c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 08:33:51.0743 0x1e8c Filetrace - ok 08:33:51.0833 0x1e8c [ B84D31AC5AE8372CE60204920E8F98E2, F7DDC746AE8B0FD9C0A10AEC90AFA886A2B20F86DBDDE3BDC784802B45AC9A7C ] FirebirdGuardianDefaultInstance C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe 08:33:51.0840 0x1e8c FirebirdGuardianDefaultInstance - detected UnsignedFile.Multi.Generic ( 1 ) 08:33:52.0024 0x1e8c Detect skipped due to KSN trusted 08:33:52.0024 
0x1e8c FirebirdGuardianDefaultInstance - ok 08:33:52.0149 0x1e8c [ E83398B97959086265B7FEE2BFAF1343, 968D7552C78AD6348ECB1C33147C73A23478DB54C509AA99D2A10223F3C4CCBE ] FirebirdServerDefaultInstance C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe 08:33:52.0250 0x1e8c FirebirdServerDefaultInstance - detected UnsignedFile.Multi.Generic ( 1 ) 08:33:52.0455 0x1e8c Detect skipped due to KSN trusted 08:33:52.0455 0x1e8c FirebirdServerDefaultInstance - ok 08:33:52.0470 0x1e8c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 08:33:52.0499 0x1e8c flpydisk - ok 08:33:52.0534 0x1e8c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 08:33:52.0554 0x1e8c FltMgr - ok 08:33:52.0623 0x1e8c [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll 08:33:52.0689 0x1e8c FontCache - ok 08:33:52.0726 0x1e8c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 08:33:52.0737 0x1e8c FontCache3.0.0.0 - ok 08:33:52.0754 0x1e8c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 08:33:52.0769 0x1e8c FsDepends - ok 08:33:52.0813 0x1e8c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 08:33:52.0840 0x1e8c Fs_Rec - ok 08:33:52.0893 0x1e8c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 08:33:52.0910 0x1e8c fvevol - ok 08:33:52.0945 0x1e8c [ 
8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 08:33:52.0955 0x1e8c gagp30kx - ok 08:33:52.0994 0x1e8c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 08:33:53.0003 0x1e8c GEARAspiWDM - ok 08:33:53.0105 0x1e8c [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll 08:33:53.0156 0x1e8c gpsvc - ok 08:33:53.0237 0x1e8c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 08:33:53.0251 0x1e8c gupdate - ok 08:33:53.0259 0x1e8c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 08:33:53.0271 0x1e8c gupdatem - ok 08:33:53.0363 0x1e8c [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 08:33:53.0400 0x1e8c gusvc - ok 08:33:53.0437 0x1e8c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 08:33:53.0478 0x1e8c hcw85cir - ok 08:33:53.0567 0x1e8c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 08:33:53.0652 0x1e8c HdAudAddService - ok 08:33:53.0675 0x1e8c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 08:33:53.0696 0x1e8c HDAudBus - ok 08:33:53.0702 0x1e8c [ 78E86380454A7B10A5EB255DC44A355F, 
11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 08:33:53.0723 0x1e8c HidBatt - ok 08:33:53.0746 0x1e8c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 08:33:53.0769 0x1e8c HidBth - ok 08:33:53.0775 0x1e8c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 08:33:53.0806 0x1e8c HidIr - ok 08:33:53.0847 0x1e8c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 08:33:53.0895 0x1e8c hidserv - ok 08:33:53.0937 0x1e8c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 08:33:53.0970 0x1e8c HidUsb - ok 08:33:53.0992 0x1e8c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 08:33:54.0051 0x1e8c hkmsvc - ok 08:33:54.0095 0x1e8c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 08:33:54.0125 0x1e8c HomeGroupListener - ok 08:33:54.0163 0x1e8c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 08:33:54.0192 0x1e8c HomeGroupProvider - ok 08:33:54.0224 0x1e8c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 08:33:54.0240 0x1e8c HpSAMD - ok 08:33:54.0272 0x1e8c [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys 08:33:55.0077 0x1e8c HTCAND64 - ok 
08:33:55.0566 0x1e8c [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe 08:33:55.0625 0x1e8c HTCMonitorService - ok 08:33:55.0660 0x1e8c [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys 08:33:55.0668 0x1e8c htcnprot - ok 08:33:55.0754 0x1e8c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 08:33:55.0816 0x1e8c HTTP - ok 08:33:55.0908 0x1e8c HuaweiHiSuiteService64.exe - ok 08:33:56.0007 0x1e8c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 08:33:56.0015 0x1e8c hwpolicy - ok 08:33:56.0082 0x1e8c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 08:33:56.0095 0x1e8c i8042prt - ok 08:33:56.0182 0x1e8c [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] iaStor C:\Windows\system32\drivers\iaStor.sys 08:33:56.0203 0x1e8c iaStor - ok 08:33:56.0362 0x1e8c [ 983FC69644DDF0486C8DFEA262948D1A, 329EC95117C31E61F6D22D79CFF339D70A70522710E7DC0CED06EC95E6D4B34F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 08:33:56.0370 0x1e8c IAStorDataMgrSvc - ok 08:33:56.0447 0x1e8c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 08:33:56.0467 0x1e8c iaStorV - ok 08:33:56.0559 0x1e8c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication 
Foundation\infocard.exe 08:33:56.0590 0x1e8c idsvc - ok 08:33:56.0597 0x1e8c IEEtwCollectorService - ok 08:33:56.0623 0x1e8c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 08:33:56.0634 0x1e8c iirsp - ok 08:33:56.0710 0x1e8c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 08:33:56.0746 0x1e8c IKEEXT - ok 08:33:57.0189 0x1e8c [ 150AC23F21DBDBF8488408BA944B0D65, 77A3A0FB5208AA061224CFACC4D136A260132CC4BA01D105AE1532B749968708 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 08:33:57.0407 0x1e8c IntcAzAudAddService - ok 08:33:57.0445 0x1e8c [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 08:33:57.0494 0x1e8c IntcDAud - ok 08:33:57.0530 0x1e8c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 08:33:57.0541 0x1e8c intelide - ok 08:33:58.0004 0x1e8c [ 5D4C27F028E059E96DCAE096F0AD1FC9, 73B8E4B5CC4CED778928E845837432D3B13DD995AFFAFBCB20591862D76EF674 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys 08:33:58.0272 0x1e8c intelkmd - ok 08:33:58.0349 0x1e8c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 08:33:58.0368 0x1e8c intelppm - ok 08:33:58.0401 0x1e8c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 08:33:58.0456 0x1e8c IPBusEnum - ok 08:33:58.0483 0x1e8c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 08:33:58.0544 0x1e8c IpFilterDriver - ok 
08:33:58.0591 0x1e8c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 08:33:58.0627 0x1e8c iphlpsvc - ok 08:33:58.0655 0x1e8c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 08:33:58.0709 0x1e8c IPMIDRV - ok 08:33:58.0716 0x1e8c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 08:33:58.0770 0x1e8c IPNAT - ok 08:33:59.0037 0x1e8c [ 16A6D49E7698FC6F1730D3FF9F5561A8, 860D2601BA3A71C81A6B21F4D92A5E9C47772C9DE0F047D49000FA4A484D7932 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 08:33:59.0098 0x1e8c iPod Service - ok 08:33:59.0144 0x1e8c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 08:33:59.0167 0x1e8c IRENUM - ok 08:33:59.0177 0x1e8c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 08:33:59.0188 0x1e8c isapnp - ok 08:33:59.0247 0x1e8c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 08:33:59.0267 0x1e8c iScsiPrt - ok 08:33:59.0281 0x1e8c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 08:33:59.0300 0x1e8c kbdclass - ok 08:33:59.0322 0x1e8c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 08:33:59.0339 0x1e8c kbdhid - ok 08:33:59.0364 0x1e8c [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] KeyIso 
08:34:09.0037 0x1e8c PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
08:34:09.0238 0x1e8c Detect skipped due to KSN trusted
08:34:09.0238 0x1e8c PassThru Service - ok
0x1e8c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 08:34:17.0621 0x1e8c TCPIP6 - ok 08:34:17.0665 0x1e8c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 08:34:17.0678 0x1e8c tcpipreg - ok 08:34:17.0714 0x1e8c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 08:34:17.0737 0x1e8c TDPIPE - ok 08:34:17.0761 0x1e8c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 08:34:17.0787 0x1e8c TDTCP - ok 08:34:17.0828 0x1e8c [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 08:34:17.0841 0x1e8c tdx - ok 08:34:17.0866 0x1e8c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 08:34:17.0877 0x1e8c TermDD - ok 08:34:17.0936 0x1e8c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 08:34:18.0018 0x1e8c TermService - ok 08:34:18.0054 0x1e8c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 08:34:18.0084 0x1e8c Themes - ok 08:34:18.0110 0x1e8c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 08:34:18.0147 0x1e8c THREADORDER - ok 08:34:18.0169 0x1e8c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 08:34:18.0241 0x1e8c TrkWks - 
ok 08:34:18.0283 0x1e8c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 08:34:18.0320 0x1e8c TrustedInstaller - ok 08:34:18.0431 0x1e8c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 08:34:18.0441 0x1e8c tssecsrv - ok 08:34:18.0468 0x1e8c [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 08:34:18.0504 0x1e8c TsUsbFlt - ok 08:34:18.0525 0x1e8c [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 08:34:18.0563 0x1e8c TsUsbGD - ok 08:34:18.0589 0x1e8c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 08:34:18.0638 0x1e8c tunnel - ok 08:34:18.0659 0x1e8c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 08:34:18.0670 0x1e8c uagp35 - ok 08:34:18.0715 0x1e8c [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC, 30BD61BA46955BD6A48EC78538FAAB46026DD048347F8280352335EB0ECE16AD ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 08:34:18.0725 0x1e8c uCamMonitor - ok 08:34:18.0761 0x1e8c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 08:34:18.0802 0x1e8c udfs - ok 08:34:18.0838 0x1e8c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 08:34:18.0851 0x1e8c UI0Detect - ok 08:34:18.0859 0x1e8c [ 4BFE1BC28391222894CBF1E7D0E42320, 
5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 08:34:18.0869 0x1e8c uliagpkx - ok 08:34:18.0891 0x1e8c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 08:34:18.0911 0x1e8c umbus - ok 08:34:18.0917 0x1e8c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 08:34:18.0939 0x1e8c UmPass - ok 08:34:19.0081 0x1e8c [ 374EBDA379A8F38E0CFC2211611E7167, 0D6C3002B28E27C052227488CEE69FA99399421FF777EB48031E6080A759F532 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 08:34:19.0166 0x1e8c UNS - ok 08:34:19.0216 0x1e8c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 08:34:19.0260 0x1e8c upnphost - ok 08:34:19.0306 0x1e8c [ 311C90F0767A63000AC35DD0A7078A30, DB80E10015DCC595F90C31CE61590DB07E84F8B13DA904B2D59233678C366A2D ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 08:34:19.0351 0x1e8c upperdev - ok 08:34:19.0391 0x1e8c [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 08:34:19.0428 0x1e8c USBAAPL64 - ok 08:34:19.0476 0x1e8c [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 08:34:19.0516 0x1e8c usbaudio - ok 08:34:19.0553 0x1e8c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 08:34:19.0593 0x1e8c usbccgp - ok 08:34:19.0628 0x1e8c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir 
C:\Windows\system32\drivers\usbcir.sys 08:34:19.0661 0x1e8c usbcir - ok 08:34:19.0694 0x1e8c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 08:34:19.0731 0x1e8c usbehci - ok 08:34:19.0757 0x1e8c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 08:34:19.0787 0x1e8c usbhub - ok 08:34:19.0809 0x1e8c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 08:34:19.0836 0x1e8c usbohci - ok 08:34:19.0857 0x1e8c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 08:34:19.0871 0x1e8c usbprint - ok 08:34:19.0907 0x1e8c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 08:34:19.0925 0x1e8c usbscan - ok 08:34:19.0969 0x1e8c [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\Windows\system32\DRIVERS\usbser.sys 08:34:19.0992 0x1e8c usbser - ok 08:34:20.0024 0x1e8c [ C03DA998E412D69D18DD11D835229AF0, DD43E370EF370767588A6D56A51A4ADF99B5E063C7AA0528F91FD431DE7C2932 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys 08:34:20.0058 0x1e8c UsbserFilt - ok 08:34:20.0086 0x1e8c [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 08:34:20.0110 0x1e8c USBSTOR - ok 08:34:20.0146 0x1e8c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 08:34:20.0156 0x1e8c usbuhci - ok 08:34:20.0197 0x1e8c [ 1F775DA4CF1A3A1834207E975A72E9D7, 
6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 08:34:20.0229 0x1e8c usbvideo - ok 08:34:20.0251 0x1e8c [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys 08:34:20.0279 0x1e8c usb_rndisx - ok 08:34:20.0300 0x1e8c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 08:34:20.0361 0x1e8c UxSms - ok 08:34:20.0459 0x1e8c [ DCB1F83AD167D16D263CE57C94E9EEDF, 2389268A1F83F0D354111553FB5F48E77A8FE4C0A1C22376A313A961252ED259 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe 08:34:20.0468 0x1e8c VAIO Event Service - ok 08:34:20.0548 0x1e8c [ EF7CF87F940F9104A3079F839BDC60C5, 12C458454DE960F5C2C3351E2D60B2536AFBB7A005AC6327945A3F69BD43FA66 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe 08:34:20.0577 0x1e8c VAIO Power Management - ok 08:34:20.0597 0x1e8c [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] VaultSvc C:\Windows\system32\lsass.exe 08:34:20.0614 0x1e8c VaultSvc - ok 08:34:20.0697 0x1e8c [ D00058C1FFF3F3DE990444A5734E9639, 450192C5F458888D71328994E29A6CB0E04F387BF63D49E7EABA1E1AECD680F9 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 08:34:20.0744 0x1e8c VCFw - ok 08:34:20.0788 0x1e8c [ 4B7ED2D6F738219068361BB14D19CBDE, 20A41B2D6F8423839D455A87FEDA646FFBF4CFD95928C2D410E77396CC675373 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 08:34:20.0815 0x1e8c VcmIAlzMgr - ok 08:34:20.0861 0x1e8c [ 2F06D134554BA84FE253DBC481DCFE6D, A88780610A1B4FAFF1818CF3D86AC83B27DDDCD9CDB9F1A38C5BBFEE5632CF5E ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe 08:34:20.0884 0x1e8c VcmINSMgr - ok 
08:34:20.0918 0x1e8c [ 32A3735F6874B7783C6209ED5CA36D9D, B6DA3D749A000D99B6F0BF475C47AC0867595B634CC6502C8758B241759F531C ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe 08:34:20.0929 0x1e8c VcmXmlIfHelper - ok 08:34:20.0971 0x1e8c [ D347D3ABE070AA09C22FC37121555D52, EE62F6A3489AAA54A5E3BD6264C473EF091CF848F9047A8446D2947D79B0A672 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe 08:34:20.0981 0x1e8c VCService - ok 08:34:21.0012 0x1e8c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 08:34:21.0024 0x1e8c vdrvroot - ok 08:34:21.0065 0x1e8c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 08:34:21.0113 0x1e8c vds - ok 08:34:21.0127 0x1e8c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 08:34:21.0142 0x1e8c vga - ok 08:34:21.0162 0x1e8c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 08:34:21.0203 0x1e8c VgaSave - ok 08:34:21.0229 0x1e8c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 08:34:21.0244 0x1e8c vhdmp - ok 08:34:21.0279 0x1e8c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 08:34:21.0289 0x1e8c viaide - ok 08:34:21.0317 0x1e8c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 08:34:21.0329 0x1e8c volmgr - ok 08:34:21.0360 0x1e8c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx 
C:\Windows\system32\drivers\volmgrx.sys 08:34:21.0378 0x1e8c volmgrx - ok 08:34:21.0390 0x1e8c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 08:34:21.0409 0x1e8c volsnap - ok 08:34:21.0427 0x1e8c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 08:34:21.0441 0x1e8c vsmraid - ok 08:34:21.0517 0x1e8c [ 86958A24639B8E3A84F14307CE35650B, C16CC385239B441FD3B363EB17D0EA5C792F274347EA028758103E7DC85B9318 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe 08:34:21.0564 0x1e8c VSNService - ok 08:34:21.0641 0x1e8c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 08:34:21.0713 0x1e8c VSS - ok 08:34:21.0941 0x1e8c [ 16595E67A5AE390C70F4A482644C6D3D, 5D233199963E4970CDE93A800E4C40E675979AE255590E060391AE315D45DA71 ] VUAgent C:\Program Files\Sony\VAIO Update\vuagent.exe 08:34:22.0007 0x1e8c VUAgent - ok 08:34:22.0032 0x1e8c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 08:34:22.0046 0x1e8c vwifibus - ok 08:34:22.0059 0x1e8c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 08:34:22.0083 0x1e8c vwififlt - ok 08:34:22.0099 0x1e8c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 08:34:22.0115 0x1e8c vwifimp - ok 08:34:22.0148 0x1e8c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 08:34:22.0190 0x1e8c W32Time - ok 08:34:22.0226 0x1e8c [ 4E9440F4F152A7B944CB1663D3935A3E, 
8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 08:34:22.0247 0x1e8c WacomPen - ok 08:34:22.0269 0x1e8c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 08:34:22.0314 0x1e8c WANARP - ok 08:34:22.0321 0x1e8c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 08:34:22.0354 0x1e8c Wanarpv6 - ok 08:34:22.0429 0x1e8c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 08:34:22.0473 0x1e8c WatAdminSvc - ok 08:34:22.0548 0x1e8c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 08:34:22.0622 0x1e8c wbengine - ok 08:34:22.0653 0x1e8c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 08:34:22.0681 0x1e8c WbioSrvc - ok 08:34:22.0716 0x1e8c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 08:34:22.0766 0x1e8c wcncsvc - ok 08:34:22.0808 0x1e8c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 08:34:22.0826 0x1e8c WcsPlugInService - ok 08:34:22.0851 0x1e8c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 08:34:22.0861 0x1e8c Wd - ok 08:34:22.0917 0x1e8c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 08:34:22.0964 0x1e8c Wdf01000 - 
ok 08:34:23.0000 0x1e8c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 08:34:23.0039 0x1e8c WdiServiceHost - ok 08:34:23.0075 0x1e8c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 08:34:23.0090 0x1e8c WdiSystemHost - ok 08:34:23.0140 0x1e8c [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll 08:34:23.0188 0x1e8c WebClient - ok 08:34:23.0241 0x1e8c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 08:34:23.0309 0x1e8c Wecsvc - ok 08:34:23.0335 0x1e8c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 08:34:23.0392 0x1e8c wercplsupport - ok 08:34:23.0421 0x1e8c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 08:34:23.0465 0x1e8c WerSvc - ok 08:34:23.0494 0x1e8c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 08:34:23.0526 0x1e8c WfpLwf - ok 08:34:23.0538 0x1e8c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 08:34:23.0549 0x1e8c WIMMount - ok 08:34:23.0575 0x1e8c WinDefend - ok 08:34:23.0586 0x1e8c WinHttpAutoProxySvc - ok 08:34:23.0637 0x1e8c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 08:34:23.0687 0x1e8c Winmgmt - ok 08:34:23.0787 0x1e8c [ D929ABD465A2DED963DA8B30946A8D5C, 
DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 08:34:23.0875 0x1e8c WinRM - ok 08:34:23.0940 0x1e8c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 08:34:23.0953 0x1e8c WinUsb - ok 08:34:24.0012 0x1e8c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 08:34:24.0056 0x1e8c Wlansvc - ok 08:34:24.0099 0x1e8c [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 08:34:24.0109 0x1e8c wlcrasvc - ok 08:34:24.0226 0x1e8c [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 08:34:24.0306 0x1e8c wlidsvc - ok 08:34:24.0349 0x1e8c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 08:34:24.0371 0x1e8c WmiAcpi - ok 08:34:24.0413 0x1e8c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 08:34:24.0438 0x1e8c wmiApSrv - ok 08:34:24.0453 0x1e8c WMPNetworkSvc - ok 08:34:24.0489 0x1e8c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 08:34:24.0517 0x1e8c WPCSvc - ok 08:34:24.0536 0x1e8c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 08:34:24.0570 0x1e8c WPDBusEnum - ok 08:34:24.0616 0x1e8c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl 
C:\Windows\system32\drivers\ws2ifsl.sys 08:34:24.0666 0x1e8c ws2ifsl - ok 08:34:24.0720 0x1e8c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 08:34:24.0755 0x1e8c wscsvc - ok 08:34:24.0760 0x1e8c WSearch - ok 08:34:24.0882 0x1e8c [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll 08:34:24.0982 0x1e8c wuauserv - ok 08:34:25.0025 0x1e8c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 08:34:25.0048 0x1e8c WudfPf - ok 08:34:25.0081 0x1e8c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 08:34:25.0104 0x1e8c WUDFRd - ok 08:34:25.0141 0x1e8c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 08:34:25.0171 0x1e8c wudfsvc - ok 08:34:25.0212 0x1e8c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 08:34:25.0254 0x1e8c WwanSvc - ok 08:34:25.0434 0x1e8c [ 529D9F6C9A3BB3E8450E6EFAF24F9B7D, D492E58BE85A28843C7F6BA221E54233E95690287232B60D202ACE796B807604 ] {C5F942FD-1110-4664-86CE-0C6BDA305235} C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl 08:34:25.0444 0x1e8c {C5F942FD-1110-4664-86CE-0C6BDA305235} - ok 08:34:25.0465 0x1e8c ================ Scan global =============================== 08:34:25.0520 0x1e8c [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 08:34:25.0562 0x1e8c [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll 
08:34:25.0577 0x1e8c [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll 08:34:25.0619 0x1e8c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 08:34:25.0669 0x1e8c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 08:34:25.0677 0x1e8c [ Global ] - ok 08:34:25.0677 0x1e8c ================ Scan MBR ================================== 08:34:25.0698 0x1e8c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 08:34:26.0587 0x1e8c \Device\Harddisk0\DR0 - ok 08:34:26.0895 0x1e8c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 08:34:27.0036 0x1e8c \Device\Harddisk1\DR1 - ok 08:34:27.0037 0x1e8c ================ Scan VBR ================================== 08:34:27.0091 0x1e8c [ D3BC7E9D2379708E9BCABC9FFE112A96 ] \Device\Harddisk0\DR0\Partition1 08:34:27.0092 0x1e8c \Device\Harddisk0\DR0\Partition1 - ok 08:34:27.0105 0x1e8c [ 5DC89C4BFDD76E5437D8E110915602DC ] \Device\Harddisk0\DR0\Partition2 08:34:27.0106 0x1e8c \Device\Harddisk0\DR0\Partition2 - ok 08:34:27.0108 0x1e8c [ 3106DD3D4CDEF8B15D5F2F2F472159B7 ] \Device\Harddisk1\DR1\Partition1 08:34:27.0109 0x1e8c \Device\Harddisk1\DR1\Partition1 - ok 08:34:27.0109 0x1e8c ================ Scan generic autorun ====================== 08:34:27.0251 0x1e8c [ 2F1CDD465E74E123A29C5C7CF0CF8E6F, CC29CD38095CBDEE4298BADBF6A6A20B6D485D3B0CEC76BFC0C61090B0EEA12A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 08:34:27.0320 0x1e8c RtHDVBg - ok 08:34:27.0388 0x1e8c [ B055BE4B6D723FBB68D1FC4611C7D332, 2B32189994CF8AB54C9F8575CED866138C1CC26F2FECE78F3E6B5C63EBF2AB14 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe 08:34:27.0435 0x1e8c AtherosBtStack - detected UnsignedFile.Multi.Generic ( 1 ) 08:34:27.0618 0x1e8c Detect skipped due to KSN trusted 08:34:27.0618 0x1e8c 
AtherosBtStack - ok 08:34:27.0655 0x1e8c [ 6144904300988F59D6775C0A7D200C16, 223247E5718580482D5E5EBDD74938B32C13D12584BEF9C2E9A4173C52CEC2C1 ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe 08:34:27.0687 0x1e8c AthBtTray - detected UnsignedFile.Multi.Generic ( 1 ) 08:34:27.0871 0x1e8c Detect skipped due to KSN trusted 08:34:27.0871 0x1e8c AthBtTray - ok 08:34:27.0872 0x1e8c SynTPEnh - ok 08:34:27.0949 0x1e8c [ BB7481A1306823D1B6592263F1AB8DD7, 2D48A5DD217D81E99D134580721A1BC65EEFFB22FE9D2C03EAA3D9879F86A5D5 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 08:34:27.0970 0x1e8c AdobeAAMUpdater-1.0 - ok 08:34:28.0060 0x1e8c [ 2F1CDD465E74E123A29C5C7CF0CF8E6F, CC29CD38095CBDEE4298BADBF6A6A20B6D485D3B0CEC76BFC0C61090B0EEA12A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 08:34:28.0120 0x1e8c RtHDVBg_Dolby - ok 08:34:28.0169 0x1e8c [ 01647C2D6FE5B5419D479F8E1F091060, A4761207B5CA914C20DBB137880EDA10CB89806201A1F98153256F155363333B ] C:\Windows\system32\igfxtray.exe 08:34:28.0184 0x1e8c IgfxTray - ok 08:34:28.0227 0x1e8c [ 644E730F175458C17848730F86F4E98A, FBF71975F9DDF7C4775EF3D175E9C5B109C92E67B5F6F6F61BAB55CE775F54BA ] C:\Windows\system32\hkcmd.exe 08:34:28.0248 0x1e8c HotKeysCmds - ok 08:34:28.0276 0x1e8c [ AF641E9D5F10F9AC160C06BA303931C2, 3D16AA48DC01D838F7A1657AE3A5D15CDCB626C01711ACBB2DD69775FD174BA0 ] C:\Windows\system32\igfxpers.exe 08:34:28.0296 0x1e8c Persistence - ok 08:34:28.0413 0x1e8c [ 9C3F26DCA9142F16ED3D7EE8AB4E417D, 867AD96CB5738266E5BC93E424EA1673881C5F5FBF19C7B699F800C7206CA929 ] C:\Program Files\iTunes\iTunesHelper.exe 08:34:28.0425 0x1e8c iTunesHelper - ok 08:34:28.0471 0x1e8c [ 41D1214B86A06FD29423A797EBDA17E4, ABC79107DDD5890C54B844CD5C69747121083DA69A77C02068D2B9C349FB1614 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 08:34:28.0485 0x1e8c IAStorIcon - ok 08:34:28.0611 0x1e8c [ 440699F90786EF6A7722B4417BB0F5C7, 
75C8743E944E847541848AE972B90480AD33CA7607ECA9D4FF4C90D442AEC8FB ] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe 08:34:28.0722 0x1e8c ISBMgr.exe - ok 08:34:28.0783 0x1e8c [ 48B9248CED8A5DE4EB0917CB676CB8D5, E39AF20AE2D8B768C9E6CD060BEB7E24F71B1398472274BA7178AB9ADF8A3248 ] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe 08:34:28.0824 0x1e8c PMBVolumeWatcher - ok 08:34:28.0868 0x1e8c [ AF09BA5C777AB769DA6AA5AC6B08B796, E1DD93A332BBFEDB81C6AEAC07E46788D9C21E1617D70D92546942012EF0DCCB ] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe 08:34:28.0882 0x1e8c BDRegion - ok 08:34:28.0939 0x1e8c [ 4AC6587E639CD5EAB5B657E7C1FBE680, 30FED733DA956D57016AB6570851E9B8A1C7711D0741EF14B792E3ECEB5AD035 ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe 08:34:28.0965 0x1e8c FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 ) 08:34:29.0168 0x1e8c Detect skipped due to KSN trusted 08:34:29.0168 0x1e8c FreePDF Assistant - ok 08:34:29.0489 0x1e8c [ 66598E7BC1960E5E57A646B69671182F, A6B5008742A3E5C506C870CBA27711AF6F25B840E7B869FB33E9C080A4917C76 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 08:34:29.0587 0x1e8c avgnt - ok 08:34:29.0673 0x1e8c [ B69207036E1A2A80399013D4F1F5E02F, 01E599A1BDC059B09A8DC0469CB105EB98CA313CC83F56A8521A81277D1B9DD5 ] C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe 08:34:29.0703 0x1e8c PowerDVD14Agent - ok 08:34:29.0785 0x1e8c [ 29C5276E636F4629B44321602CCA92BC, EEF6AFD4A7FA2E485F0779B126810FF16710E4CCE32F26D9F29209C1168CAEEF ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 08:34:29.0811 0x1e8c StartCCC - ok 08:34:29.0932 0x1e8c [ E127B5D81CE968CD3858AF6BDCADEC7C, AF426B8259E2801679A8E3FAE42B617D0DA1D4E834DF0F7B1FD93AB5E64CBE34 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 08:34:29.0942 0x1e8c Avira SystrayStartTrigger - ok 08:34:30.0032 0x1e8c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files 
(x86)\Windows Sidebar\Sidebar.exe 08:34:30.0108 0x1e8c Sidebar - ok 08:34:30.0134 0x1e8c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 08:34:30.0152 0x1e8c mctadmin - ok 08:34:30.0183 0x1e8c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 08:34:30.0223 0x1e8c Sidebar - ok 08:34:30.0229 0x1e8c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 08:34:30.0249 0x1e8c mctadmin - ok 08:34:30.0320 0x1e8c VSee - ok 08:34:30.0464 0x1e8c [ F04F28C39F0D871A194B41F58B859017, 29A45CB1B9F369CB2B7F96DC94E622F099DDED52621CE17B9F7E9C19D7CDA4CB ] C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mstart.exe 08:34:30.0474 0x1e8c GoToMeeting - ok 08:34:30.0475 0x1e8c Waiting for KSN requests completion. In queue: 162 08:34:31.0654 0x1e8c AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.20.55 ), 0x41000 ( enabled : updated ) 08:34:31.0678 0x1e8c Win FW state via NFP2: enabled ( trusted ) 08:34:31.0900 0x1e8c ============================================================ 08:34:31.0900 0x1e8c Scan finished 08:34:31.0900 0x1e8c ============================================================ 08:34:31.0910 0x2760 Detected object count: 0 08:34:31.0910 0x2760 Actual detected object count: 0 |
18.09.2016, 08:55 | #9 |
| svchost exe netsvcs causes very high CPU usage ComboFix log file: Code:
ATTFilter ComboFix 16-09-14.01 - HO 18.09.2016 8:43.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4007.1191 [GMT 2:00] ausgeführt von:: c:\users\HO\Desktop\ComboFix.exe AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859} SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\HO\AppData\Local\assembly\tmp c:\users\HO\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll c:\windows\msdownld.tmp F:\Autorun.inf . . ((((((((((((((((((((((( Dateien erstellt von 2016-08-18 bis 2016-09-18 )))))))))))))))))))))))))))))) . . 2016-09-18 07:07 . 2016-09-18 07:07 -------- d-----w- c:\users\Default\AppData\Local\temp 2016-09-17 17:49 . 2016-09-18 06:30 -------- d-----w- C:\FRST 2016-09-17 06:23 . 2016-09-17 06:30 -------- d-----w- C:\AdwCleaner . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2016-09-18 07:11 . 2015-01-08 18:07 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2016-09-14 12:28 . 2013-11-03 00:31 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2016-09-14 12:28 . 2013-11-03 00:31 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2016-09-09 07:14 . 2016-09-09 07:14 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{948A37F7-F616-4BCE-8299-40925D196A05}\offreg.7472.dll 2016-08-10 15:17 . 2013-11-03 09:06 147640136 -c--a-w- c:\windows\system32\MRT.exe 2016-08-02 22:36 . 2016-09-09 07:07 11847048 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{948A37F7-F616-4BCE-8299-40925D196A05}\mpengine.dll 2016-08-02 14:54 . 2016-08-10 15:11 394440 ----a-w- c:\windows\system32\iedkcs32.dll 2016-08-02 06:54 . 
2016-08-10 15:11 25808384 ----a-w- c:\windows\system32\mshtml.dll 2016-08-02 06:47 . 2016-08-10 15:11 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2016-08-02 06:47 . 2016-08-10 15:11 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll 2016-08-02 06:32 . 2016-08-10 15:11 66560 ----a-w- c:\windows\system32\iesetup.dll 2016-08-02 06:32 . 2016-08-10 15:11 2894336 ----a-w- c:\windows\system32\iertutil.dll 2016-08-02 06:31 . 2016-08-10 15:11 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll 2016-08-02 06:31 . 2016-08-10 15:11 417792 ----a-w- c:\windows\system32\html.iec 2016-08-02 06:31 . 2016-08-10 15:11 572416 ----a-w- c:\windows\system32\vbscript.dll 2016-08-02 06:31 . 2016-08-10 15:11 88064 ----a-w- c:\windows\system32\MshtmlDac.dll 2016-08-02 06:24 . 2016-08-10 15:11 54784 ----a-w- c:\windows\system32\jsproxy.dll 2016-08-02 06:23 . 2016-08-10 15:11 34304 ----a-w- c:\windows\system32\iernonce.dll 2016-08-02 06:20 . 2016-08-10 15:11 615936 ----a-w- c:\windows\system32\ieui.dll 2016-08-02 06:19 . 2016-08-10 15:11 114688 ----a-w- c:\windows\system32\ieetwcollector.exe 2016-08-02 06:19 . 2016-08-10 15:11 144384 ----a-w- c:\windows\system32\ieUnatt.exe 2016-08-02 06:18 . 2016-08-10 15:11 814080 ----a-w- c:\windows\system32\jscript9diag.dll 2016-08-02 06:18 . 2016-08-10 15:11 817664 ----a-w- c:\windows\system32\jscript.dll 2016-08-02 06:18 . 2016-08-10 15:11 6047744 ----a-w- c:\windows\system32\jscript9.dll 2016-08-02 06:11 . 2016-08-10 15:11 969216 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2016-08-02 06:08 . 2016-08-10 15:11 489984 ----a-w- c:\windows\system32\dxtmsft.dll 2016-08-02 06:03 . 2016-08-10 15:11 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb 2016-08-02 06:00 . 2016-08-10 15:11 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll 2016-08-02 05:59 . 2016-08-10 15:11 107520 ----a-w- c:\windows\system32\inseng.dll 2016-08-02 05:56 . 2016-08-10 15:11 199680 ----a-w- c:\windows\system32\msrating.dll 2016-08-02 05:55 . 
2016-08-10 15:11 92160 ----a-w- c:\windows\system32\mshtmled.dll 2016-08-02 05:53 . 2016-08-10 15:11 315392 ----a-w- c:\windows\system32\dxtrans.dll 2016-08-02 05:51 . 2016-08-10 15:11 497664 ----a-w- c:\windows\SysWow64\vbscript.dll 2016-08-02 05:51 . 2016-08-10 15:11 62464 ----a-w- c:\windows\SysWow64\iesetup.dll 2016-08-02 05:51 . 2016-08-10 15:11 152064 ----a-w- c:\windows\system32\occache.dll 2016-08-02 05:51 . 2016-08-10 15:11 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll 2016-08-02 05:51 . 2016-08-10 15:11 341504 ----a-w- c:\windows\SysWow64\html.iec 2016-08-02 05:50 . 2016-08-10 15:11 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll 2016-08-02 05:41 . 2016-08-10 15:11 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2016-08-02 05:41 . 2016-08-10 15:11 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll 2016-08-02 05:40 . 2016-08-10 15:11 262144 ----a-w- c:\windows\system32\webcheck.dll 2016-08-02 05:38 . 2016-08-10 15:11 724992 ----a-w- c:\windows\system32\ie4uinit.exe 2016-08-02 05:38 . 2016-08-10 15:11 806400 ----a-w- c:\windows\system32\msfeeds.dll 2016-08-02 05:37 . 2016-08-10 15:11 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll 2016-08-02 05:36 . 2016-08-10 15:11 2131456 ----a-w- c:\windows\system32\inetcpl.cpl 2016-08-02 05:29 . 2016-08-10 15:11 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll 2016-08-02 05:28 . 2016-08-10 15:11 15412224 ----a-w- c:\windows\system32\ieframe.dll 2016-08-02 05:23 . 2016-08-10 15:11 2868224 ----a-w- c:\windows\system32\wininet.dll 2016-08-02 05:21 . 2016-08-10 15:11 4608000 ----a-w- c:\windows\SysWow64\jscript9.dll 2016-08-02 05:14 . 2016-08-10 15:11 2055680 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2016-08-02 05:14 . 2016-08-10 15:11 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2016-08-02 05:10 . 2016-08-10 15:11 1550848 ----a-w- c:\windows\system32\urlmon.dll 2016-08-02 04:59 . 2016-08-10 15:11 800768 ----a-w- c:\windows\system32\ieapfltr.dll 2016-08-02 04:56 . 
2016-08-10 15:11 2393088 ----a-w- c:\windows\SysWow64\wininet.dll 2016-07-26 14:22 . 2013-12-25 18:27 171752 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2016-07-26 14:22 . 2013-12-25 18:27 145984 ----a-w- c:\windows\system32\drivers\avipbb.sys 2016-07-26 12:24 . 2010-11-21 03:27 504488 ------w- c:\windows\system32\MpSigStub.exe 2016-07-11 06:13 . 2010-06-24 10:33 24800 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2016-07-08 15:37 . 2016-08-10 15:11 95464 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2016-07-08 15:37 . 2016-08-10 15:11 154856 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2016-07-08 15:32 . 2016-08-17 06:49 2048 ----a-w- c:\windows\system32\tzres.dll 2016-07-08 15:32 . 2016-08-10 15:11 86528 ----a-w- c:\windows\system32\TSpkg.dll 2016-07-08 15:32 . 2016-08-10 15:11 210432 ----a-w- c:\windows\system32\wdigest.dll 2016-07-08 15:32 . 2016-08-10 15:11 28672 ----a-w- c:\windows\system32\sspisrv.dll 2016-07-08 15:32 . 2016-08-10 15:11 135680 ----a-w- c:\windows\system32\sspicli.dll 2016-07-08 15:32 . 2016-08-10 15:11 343552 ----a-w- c:\windows\system32\schannel.dll 2016-07-08 15:32 . 2016-08-10 15:11 1212928 ----a-w- c:\windows\system32\rpcrt4.dll 2016-07-08 15:32 . 2016-08-10 15:11 190464 ----a-w- c:\windows\system32\rpchttp.dll 2016-07-08 15:32 . 2016-08-10 15:11 28160 ----a-w- c:\windows\system32\secur32.dll 2016-07-08 15:32 . 2016-08-10 15:11 316416 ----a-w- c:\windows\system32\msv1_0.dll 2016-07-08 15:32 . 2016-08-10 15:11 312320 ----a-w- c:\windows\system32\ncrypt.dll 2016-07-08 15:32 . 2016-08-10 15:11 60416 ----a-w- c:\windows\system32\msobjs.dll 2016-07-08 15:32 . 2016-08-10 15:11 146432 ----a-w- c:\windows\system32\msaudite.dll 2016-07-08 15:32 . 2016-08-10 15:11 1464320 ----a-w- c:\windows\system32\lsasrv.dll 2016-07-08 15:32 . 2016-08-10 15:11 730624 ----a-w- c:\windows\system32\kerberos.dll 2016-07-08 15:32 . 2016-08-10 15:11 43520 ----a-w- c:\windows\system32\cryptbase.dll 2016-07-08 15:32 . 
2016-08-10 15:11 22016 ----a-w- c:\windows\system32\credssp.dll 2016-07-08 15:32 . 2016-08-10 15:11 463872 ----a-w- c:\windows\system32\certcli.dll 2016-07-08 15:32 . 2016-08-10 15:11 690688 ----a-w- c:\windows\system32\adtschema.dll 2016-07-08 15:17 . 2016-08-10 15:11 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2016-07-08 15:17 . 2016-08-10 15:11 666112 ----a-w- c:\windows\SysWow64\rpcrt4.dll 2016-07-08 15:16 . 2016-08-17 06:49 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2016-07-08 15:16 . 2016-08-10 15:11 172032 ----a-w- c:\windows\SysWow64\wdigest.dll 2016-07-08 15:16 . 2016-08-10 15:11 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll 2016-07-08 15:16 . 2016-08-10 15:11 251392 ----a-w- c:\windows\SysWow64\schannel.dll 2016-07-08 15:16 . 2016-08-10 15:11 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2016-07-08 15:16 . 2016-08-10 15:11 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll 2016-07-08 15:16 . 2016-08-10 15:11 223232 ----a-w- c:\windows\SysWow64\ncrypt.dll 2016-07-08 15:16 . 2016-08-10 15:11 260608 ----a-w- c:\windows\SysWow64\msv1_0.dll 2016-07-08 15:16 . 2016-08-10 15:11 60416 ----a-w- c:\windows\SysWow64\msobjs.dll 2016-07-08 15:16 . 2016-08-10 15:11 146432 ----a-w- c:\windows\SysWow64\msaudite.dll 2016-07-08 15:16 . 2016-08-10 15:11 553472 ----a-w- c:\windows\SysWow64\kerberos.dll 2016-07-08 15:16 . 2016-08-10 15:11 17408 ----a-w- c:\windows\SysWow64\credssp.dll 2016-07-08 15:16 . 2016-08-10 15:11 342528 ----a-w- c:\windows\SysWow64\certcli.dll 2016-07-08 15:16 . 2016-08-10 15:11 690688 ----a-w- c:\windows\SysWow64\adtschema.dll 2016-07-08 15:03 . 2016-08-10 15:11 64000 ----a-w- c:\windows\system32\auditpol.exe 2016-07-08 15:01 . 2016-08-10 15:09 3218944 ----a-w- c:\windows\system32\win32k.sys 2016-07-08 14:57 . 2016-08-10 15:11 159744 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2016-07-08 14:56 . 2016-08-10 15:11 291328 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2016-07-08 14:56 . 
2016-08-10 15:11 129536 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VSee"="c:\users\HO\AppData\Roaming\VSeeInstall\vsee.exe" [2014-08-12 22674968] "GoToMeeting"="c:\users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mstart.exe" [2016-09-03 41536] "NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2014-11-19 1092448] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-12 283160] "ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312] "PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032] "BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2013-08-28 179976] "FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2013-03-14 373760] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2016-09-07 830064] "PowerDVD14Agent"="c:\program files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe" [2014-11-07 795672] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-01-15 642656] "Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2016-08-19 60136] . c:\users\HO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2015-10-13 228552] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) "EnableSecureUIAPath"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x] R2 CLKMSVC10_9EC60124;CyberLink Product - 2014/02/02 00:06;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe;c:\programdata\HandSetService\HuaweiHiSuiteService64.exe;c:\programdata\HandSetService\HuaweiHiSuiteService64.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x] R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x] R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x] R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x] R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x] R3 
BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x] R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [x] R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x] R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x] R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x] R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content 
Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x] R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x] R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R4 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x] R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x] R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S2 {C5F942FD-1110-4664-86CE-0C6BDA305235};Power Control 
[2014/12/06 12:51];c:\program files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [x] S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x] S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x] S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x] S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x] S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x] S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x] S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x] S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x] S2 
c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe;c:\program files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe [x] S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x] S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x] S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x] S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimssne64.sys;c:\windows\SYSNATIVE\DRIVERS\rimssne64.sys [x] S2 risdsnpe;risdsnpe;c:\windows\system32\DRIVERS\risdsnxc64.sys;c:\windows\SYSNATIVE\DRIVERS\risdsnxc64.sys [x] S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x] S2 uCamMonitor;CamMonitor;c:\program files 
(x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x] S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x] S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe;c:\program files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe [x] S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x] S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub 
Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x] S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x] S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\vuagent.exe;c:\program files\Sony\VAIO Update\vuagent.exe [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - MBAMSWISSARMY *NewlyCreated* - WS2IFSL *Deregistered* - CLKMDRV10_9EC60124 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2016-09-17 18:13 1267528 ----a-w- c:\program files (x86)\Google\Chrome\Application\53.0.2785.116\Installer\chrmstp.exe . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}] 2016-06-30 11:55 322232 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll . Inhalt des "geplante Tasks" Ordners . 2016-09-18 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-03 12:28] . 2016-09-18 c:\windows\Tasks\G2MUpdateTask-S-1-5-21-569190459-326481895-3770856800-1001.job - c:\users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mupdate.exe [2016-09-03 08:21] . 2016-09-18 c:\windows\Tasks\G2MUploadTask-S-1-5-21-569190459-326481895-3770856800-1001.job - c:\users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mupload.exe [2016-09-03 08:21] . 2016-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-03 22:37] . 
2016-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-03 22:37] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992] "AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688] "AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648] "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-07-22 171992] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-07-22 399832] "Persistence"="c:\windows\system32\igfxpers.exe" [2014-07-22 442328] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2016-09-09 176440] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.sony.eu/vaioportal mLocal Page = c:\windows\SysWOW64\blank.htm IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\ FF - prefs.js: network.proxy.type - 4 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start BHO-{41564952-412D-5637-4300-7A786E7484D7} - c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll Toolbar-{41564952-412D-5637-4300-7A786E7484D7} - c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-Genie Timeline - c:\program files\Genie9\Genie Timeline\uninstall.exe AddRemove-{05f7f410-0274-45d0-91dc-712a62aadd96} - c:\programdata\Package Cache\{05f7f410-0274-45d0-91dc-712a62aadd96}\Avira.OE.Setup.Bundle.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector] "ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\"" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{C5F942FD-1110-4664-86CE-0C6BDA305235}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_162_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_162_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_23_0_0_162_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_23_0_0_162_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.23" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe c:\program files (x86)\ Malwarebytes Anti-Malware \mbam.exe c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe c:\windows\SysWOW64\DllHost.exe c:\windows\SysWOW64\DllHost.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\program files\Sony\VAIO Care\listener.exe . 
************************************************************************** . Zeit der Fertigstellung: 2016-09-18 09:32:46 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2016-09-18 07:32 . Vor Suchlauf: 18 Verzeichnis(se), 406.743.998.464 Bytes frei Nach Suchlauf: 25 Verzeichnis(se), 408.300.650.496 Bytes frei . - - End Of File - - 32A5952A3D19B400B55C907ECA31FC09 Voila, I hope that works like this.. Arty |
18.09.2016, 13:22 | #10 |
/// TB-Ausbilder | svchost exe netsvcs causes very high CPU usage Hi, please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder unless a helper instructs you to |
18.09.2016, 20:35 | #11 |
| svchost exe netsvcs causes very high CPU usage Hello Matthias, the file is attached... Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2016.09.18.04
rootkit: v2016.08.15.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18426
HO :: HO-VAIO [administrator]

18.09.2016 20:41:53
mbar-log-2016-09-18 (20-41-53).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 365676
Time elapsed: 43 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
|
18.09.2016, 21:29 | #12 |
/// TB-Ausbilder | svchost exe netsvcs causes very high CPU usage Hi, Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Step 3 Please shut down your security software to avoid possible conflicts.
Step 4
Please post with your next reply
|
19.09.2016, 09:34 | #13 |
| svchost exe netsvcs causes very high CPU usage Hello Matthias, the files are attached... AdwCleaner Logfile: Code:
# AdwCleaner v6.020 - Bericht erstellt am 19/09/2016 um 07:30:08
# Aktualisiert am 14/09/2016 von ToolsLib
# Datenbank : 2016-09-18.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : HO - HO-VAIO
# Gestartet von : C:\Users\HO\Desktop\AdwCleaner_6.020.exe
# Modus: Suchlauf
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.

***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.

***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.

***** [ DLL ] *****

Keine infizierten DLLs gefunden.

***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.

***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.

***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.

***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.

***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [10324 Bytes] - [17/09/2016 08:30:25]
C:\AdwCleaner\AdwCleaner[S0].txt - [9785 Bytes] - [17/09/2016 08:27:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [1334 Bytes] - [19/09/2016 07:30:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1407 Bytes] ##########
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 19.09.2016
Suchlaufzeit: 08:52
Protokolldatei: Malwarebytes Anti-Malware log.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.09.19.02
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: HO

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 365083
Abgelaufene Zeit: 38 Min., 40 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.7 (07.03.2016) Operating System: Windows 7 Home Premium x64 Ran by HO (Administrator) on 19.09.2016 at 10:10:37,39 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 16 Failed to delete: C:\Users\HO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WR2BAQPA (Temporary Internet Files Folder) Successfully deleted: C:\Users\HO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1EDXD3I0 (Temporary Internet Files Folder) Successfully deleted: C:\Users\HO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6AHW32OP (Temporary Internet Files Folder) Successfully deleted: C:\Users\HO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6H0UTXCE (Temporary Internet Files Folder) Successfully deleted: C:\Users\HO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D6C3W8TQ (Temporary Internet Files Folder) Successfully deleted: C:\Users\HO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXF5SU9F (Temporary Internet Files Folder) Successfully deleted: C:\Users\HO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YC0OHTWF (Temporary Internet Files Folder) Successfully deleted: C:\Users\HO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YW7ZNXFF (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1EDXD3I0 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6AHW32OP (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6H0UTXCE (Temporary Internet 
Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D6C3W8TQ (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXF5SU9F (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WR2BAQPA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YC0OHTWF (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YW7ZNXFF (Temporary Internet Files Folder) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 19.09.2016 at 10:14:22,91 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-09-2016 durchgeführt von HO (Administrator) auf HO-VAIO (19-09-2016 10:21:26) Gestartet von C:\Users\HO\Desktop Geladene Profile: HO & (Verfügbare Profile: HO) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe (Apple Inc.) 
C:\Program Files\iPod\bin\iPodService.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2011-03-04] (Synaptics Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation) HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-08-28] (cyberlink) HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [830064 2016-09-07] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-11-07] (CyberLink Corp.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-01-15] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Run: [VSee] => C:\Users\HO\AppData\Roaming\VSeeInstall\vsee.exe [22674968 2014-08-12] (VSee Lab, Inc.) HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Run: [GoToMeeting] => C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mstart.exe [41536 2016-09-03] (Citrix Online, a division of Citrix Systems, Inc.) HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia) HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [VSee] => C:\Users\HO\AppData\Roaming\VSeeInstall\vsee.exe [22674968 2014-08-12] (VSee Lab, Inc.) HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoToMeeting] => C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mstart.exe [41536 2016-09-03] (Citrix Online, a division of Citrix Systems, Inc.) HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia) Startup: C:\Users\HO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-12-17] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5D76E115-A2D2-4863-BB2E-9374840F8A75}: [DhcpNameServer] 10.3.128.4 Tcpip\..\Interfaces\{A11A85BB-E085-4FFD-94EE-FFC3A5FFC6C9}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-569190459-326481895-3770856800-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-569190459-326481895-3770856800-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-569190459-326481895-3770856800-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sony.eu/vaioportal HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sony.eu/vaioportal SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope 
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-569190459-326481895-3770856800-1001 -> {21E70A4D-EE68-4D33-9B96-CAEA082328E9} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms} SearchScopes: HKU\S-1-5-21-569190459-326481895-3770856800-1001 -> {6F1D62BB-A687-4750-A16D-0861C5CE8495} URL = hxxp://de.shopping.com/?linkin_id=8056363 SearchScopes: HKU\S-1-5-21-569190459-326481895-3770856800-1001 -> {AF0246D0-1070-4208-AD72-6A975DE7EEC0} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices SearchScopes: HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {21E70A4D-EE68-4D33-9B96-CAEA082328E9} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms} SearchScopes: HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6F1D62BB-A687-4750-A16D-0861C5CE8495} URL = hxxp://de.shopping.com/?linkin_id=8056363 SearchScopes: HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {AF0246D0-1070-4208-AD72-6A975DE7EEC0} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-4300-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll" => Keine Datei BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.) 
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Keine Datei BHO-x32: CmjBrowserHelperObject Object -> {07A11D74-9D25-4fea-A833-8B0D76A5577A} -> C:\Program Files (x86)\Mindjet\MindManager 7\Mm7InternetExplorer.dll [2008-06-10] (Mindjet) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-04-29] (Atheros Commnucations) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.) 
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22] (Oracle Corporation) Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll" Keine Datei Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default FF SearchEngineOrder.1: SuchMaschine FF NetworkProxy: "type", 4 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-14] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-14] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-22] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: 
@Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-569190459-326481895-3770856800-1001: @citrixonline.com/appdetectorplugin -> C:\Users\HO\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-11-08] (Citrix Online) FF Plugin HKU\S-1-5-21-569190459-326481895-3770856800-1001: @phonostar.de/phonostar -> C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll [Keine Datei] FF Plugin HKU\S-1-5-21-569190459-326481895-3770856800-1001: vsee.com/VSeeDetection -> C:\Users\HO\AppData\Roaming\VSeeInstall\npVSeeDetection.dll [2013-11-03] (VSee Lab) FF Plugin HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\HO\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-11-08] (Citrix Online) FF Plugin HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @phonostar.de/phonostar -> C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll [Keine Datei] FF Plugin HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: vsee.com/VSeeDetection -> C:\Users\HO\AppData\Roaming\VSeeInstall\npVSeeDetection.dll [2013-11-03] (VSee Lab) FF SearchPlugin: C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\searchplugins\search_engine.xml [2014-06-20] FF SearchPlugin: C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\searchplugins\youtube.xml [2015-12-06] FF Extension: (Cliqz) - C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\Extensions\cliqz@cliqz.com.xpi [2016-09-10] FF Extension: (Firefox Hotfix) - C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31] FF Extension: (New Tab Override (browser.newtab.url replacement)) - C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\Extensions\newtaboverride@agenedia.com.xpi [2016-08-04] FF Extension: (Skype) - C:\Program Files (x86)\Mozilla 
Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] FF HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\extensions\cliqz@cliqz.com => nicht gefunden FF HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\extensions\cliqz@cliqz.com => nicht gefunden Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S4 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [989696 2016-09-07] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [470600 2016-09-07] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [470600 2016-09-07] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1454720 2016-09-07] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.) 
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [Datei ist nicht signiert] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [Datei ist nicht signiert] R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation) S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [243464 2013-08-28] (CyberLink) S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [Datei ist nicht signiert] R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe [81920 2008-06-13] (Firebird Project) [Datei ist nicht signiert] R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe [2723840 2008-06-13] (Firebird Project) [Datei ist nicht signiert] R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert] R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe 
[259192 2011-01-29] (Sony Corporation) S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 HuaweiHiSuiteService64.exe; "C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe" -/service [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [171752 2016-07-26] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145984 2016-07-26] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-15] (Avira Operations GmbH & Co. KG) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2015-05-07] (Huawei Technologies Co., Ltd.) 
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-19] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation) R2 risdsnpe; C:\Windows\System32\DRIVERS\risdsnxc64.sys [98816 2011-03-07] (REDC) R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-11-07] (CyberLink Corp.) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-19 10:20 - 2016-09-19 10:20 - 02400256 _____ (Farbar) C:\Users\HO\Desktop\FRST64.exe 2016-09-19 10:19 - 2016-09-19 10:19 - 00016777 _____ C:\Users\HO\Desktop\rfQWzHkO.htm 2016-09-19 10:07 - 2016-09-19 10:07 - 01610560 _____ (Malwarebytes) C:\Users\HO\Desktop\JRT.exe 2016-09-19 09:32 - 2016-09-19 09:32 - 00001208 _____ C:\Malware Log.text 2016-09-19 07:25 - 2016-09-19 07:25 - 03861056 _____ C:\Users\HO\Desktop\AdwCleaner_6.020.exe 2016-09-18 20:41 - 2016-09-18 21:26 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2016-09-18 20:39 - 2016-09-18 21:26 - 00000000 ____D C:\Users\HO\Desktop\mbar 2016-09-18 20:36 - 2016-09-18 20:39 - 16563352 _____ (Malwarebytes Corp.) C:\Users\HO\Downloads\mbar-1.09.3.1001.exe 2016-09-18 20:36 - 2016-09-18 20:38 - 16563352 _____ (Malwarebytes Corp.) 
C:\Users\HO\Desktop\mbar-1.09.3.1001.exe 2016-09-18 09:40 - 2016-09-18 09:40 - 00035675 _____ C:\Users\HO\Desktop\Combofix.txt 2016-09-18 09:32 - 2016-09-18 09:32 - 00035675 _____ C:\ComboFix.txt 2016-09-18 08:40 - 2016-09-18 09:33 - 00000000 ____D C:\Qoobox 2016-09-18 08:40 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2016-09-18 08:40 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2016-09-18 08:40 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2016-09-18 08:40 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2016-09-18 08:40 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2016-09-18 08:40 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2016-09-18 08:40 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2016-09-18 08:40 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2016-09-18 08:39 - 2016-09-18 09:26 - 00000000 ____D C:\Windows\erdnt 2016-09-18 08:35 - 2016-09-18 08:36 - 05658813 ____R (Swearware) C:\Users\HO\Desktop\ComboFix.exe 2016-09-18 08:33 - 2016-09-18 08:36 - 00240828 _____ C:\TDSSKiller.3.1.0.11_18.09.2016_08.33.11_log.txt 2016-09-18 08:28 - 2016-09-18 08:30 - 00060181 _____ C:\Users\HO\Desktop\Addition.txt 2016-09-18 08:26 - 2016-09-19 10:21 - 00026946 _____ C:\Users\HO\Desktop\FRST.txt 2016-09-18 08:12 - 2016-09-18 08:12 - 02399232 _____ (Farbar) C:\Users\HO\Desktop\FRST64(1).exe 2016-09-17 20:19 - 2016-09-17 22:17 - 00240828 _____ C:\TDSSKiller.3.1.0.11_17.09.2016_20.19.14_log.txt 2016-09-17 20:12 - 2016-09-17 20:12 - 00001208 _____ C:\Users\HO\Downloads\Malware Log I.txt 2016-09-17 20:10 - 2016-09-17 20:10 - 00001217 _____ C:\Users\HO\Downloads\Malware log II.txt 2016-09-17 20:10 - 2016-09-17 20:10 - 00001208 _____ C:\Malware Log I.txt 2016-09-17 20:03 - 2016-09-17 20:10 - 00240828 _____ C:\TDSSKiller.3.1.0.11_17.09.2016_20.03.33_log.txt 2016-09-17 20:01 - 2016-09-17 20:03 - 00005352 _____ C:\TDSSKiller.3.1.0.11_17.09.2016_20.01.54_log.txt 2016-09-17 
20:01 - 2016-09-17 20:01 - 04747704 _____ (AO Kaspersky Lab) C:\Users\HO\Desktop\tdsskiller.exe 2016-09-17 19:54 - 2016-09-17 19:57 - 00059990 _____ C:\Users\HO\Downloads\Addition.txt 2016-09-17 19:50 - 2016-09-17 19:57 - 00034943 _____ C:\Users\HO\Downloads\FRST.txt 2016-09-17 19:49 - 2016-09-19 10:21 - 00000000 ____D C:\FRST 2016-09-17 19:49 - 2016-09-17 19:49 - 02399232 _____ (Farbar) C:\Users\HO\Downloads\FRST64.exe 2016-09-17 11:18 - 2016-09-19 10:15 - 00003148 _____ C:\Users\HO\Desktop\JRT.txt 2016-09-17 11:10 - 2016-09-17 11:10 - 01610560 _____ (Malwarebytes) C:\Users\HO\Downloads\JRT.exe 2016-09-17 08:35 - 2016-09-17 08:35 - 00010327 _____ C:\Users\HO\Downloads\AdwCleaner[C0].txt 2016-09-17 08:23 - 2016-09-19 07:30 - 00000000 ____D C:\AdwCleaner 2016-09-17 08:22 - 2016-09-17 08:22 - 03861056 _____ C:\Users\HO\Downloads\AdwCleaner_6.020.exe 2016-09-17 07:49 - 2016-09-17 07:49 - 00075064 _____ C:\Users\HO\Downloads\congstar_Monatsrechnung_2016_August_2201533992_7179511168.pdf 2016-09-17 07:48 - 2016-09-17 07:48 - 00001138 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2016-09-03 10:53 - 2016-09-03 10:53 - 00100591 _____ C:\Users\HO\Downloads\Cost sharing.pdf 2016-09-01 10:39 - 2016-09-02 08:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-08-29 19:38 - 2016-08-29 19:38 - 00314735 _____ C:\Users\HO\Downloads\Nutzungsbedingungen Haftpflicht-Siegel 11-2013.pdf 2016-08-29 08:09 - 2016-08-29 08:09 - 00009501 _____ C:\Users\HO\Downloads\Mappe2.xlsx 2016-08-26 17:19 - 2016-08-26 17:20 - 00000000 ____D C:\Users\HO\Desktop\Handelsvertreter 2016-08-26 13:57 - 2016-08-26 13:58 - 00278576 _____ C:\Windows\Minidump\082616-54101-01.dmp ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-09-19 10:16 - 2013-11-04 08:46 - 00000000 ____D C:\Users\HO\Documents\Outlook-Dateien 2016-09-19 10:12 - 2013-11-03 02:31 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-09-19 10:03 - 2015-01-08 20:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-09-19 09:28 - 2014-02-28 12:59 - 00000544 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-569190459-326481895-3770856800-1001.job 2016-09-19 09:25 - 2013-11-03 02:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-09-19 09:17 - 2015-06-04 08:36 - 00000640 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-569190459-326481895-3770856800-1001.job 2016-09-19 08:12 - 2013-11-03 02:31 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-09-19 07:36 - 2015-06-04 08:36 - 00003658 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-569190459-326481895-3770856800-1001 2016-09-19 07:36 - 2014-02-28 12:59 - 00003562 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-569190459-326481895-3770856800-1001 2016-09-19 07:31 - 2014-12-21 23:36 - 00007605 _____ C:\Users\HO\AppData\Local\Resmon.ResmonCfg 2016-09-19 07:26 - 2009-07-14 06:45 - 00028848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-09-19 07:26 - 2009-07-14 06:45 - 00028848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-09-19 07:18 - 2015-04-12 12:18 - 00000000 ____D C:\Users\HO\AppData\Local\HTC MediaHub 2016-09-19 07:18 - 2014-01-13 17:02 - 00000000 ____D C:\Users\HO\AppData\Local\FreePDF_XP 2016-09-19 07:16 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-09-18 20:39 - 2015-01-08 20:06 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-09-18 09:58 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-09-18 09:33 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2016-09-18 
09:12 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2016-09-18 08:23 - 2015-01-02 15:16 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-09-18 08:23 - 2015-01-02 15:15 - 00000000 ____D C:\Program Files\iTunes 2016-09-18 08:23 - 2014-01-26 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-09-18 08:22 - 2015-01-02 15:14 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-09-17 20:14 - 2013-11-03 02:32 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-09-17 20:14 - 2013-11-03 02:32 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-09-17 19:56 - 2015-01-15 22:35 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-09-17 08:59 - 2014-08-12 21:05 - 00001401 _____ C:\Users\HO\Desktop\GoToMeeting.lnk 2016-09-17 08:59 - 2014-05-23 11:15 - 00002467 _____ C:\Users\HO\Desktop\GoToMeeting Quick Connect.lnk 2016-09-17 08:00 - 2016-07-27 08:46 - 00000000 ____D C:\ProgramData\Package Cache 2016-09-17 07:48 - 2016-07-26 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-09-17 07:39 - 2013-11-03 15:19 - 00000000 ____D C:\Users\HO\AppData\Local\CrashDumps 2016-09-16 09:54 - 2013-11-03 11:02 - 00000000 ____D C:\Users\HO\AppData\Roaming\Skype 2016-09-14 14:28 - 2013-11-03 02:31 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-09-14 14:28 - 2013-11-03 02:31 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-09-14 14:28 - 2013-11-03 02:31 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-09-14 14:27 - 2013-11-03 02:31 - 00000000 ____D C:\Windows\system32\Macromed 2016-09-14 14:27 - 2013-11-03 01:03 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-09-09 09:45 - 2013-11-03 01:26 - 00000000 ____D C:\ProgramData\Skype 2016-09-09 09:44 - 2015-09-21 17:25 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-09-02 
08:39 - 2014-02-09 12:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-08-29 17:37 - 2013-11-03 03:24 - 00000000 ____D C:\Users\HO\Documents\Business 2016-08-26 14:04 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2016-08-26 13:57 - 2016-04-22 06:11 - 594320949 _____ C:\Windows\MEMORY.DMP 2016-08-26 13:57 - 2013-11-06 11:04 - 00000000 ____D C:\Windows\Minidump 2016-08-26 09:45 - 2014-03-05 11:44 - 00504360 _____ C:\test.xml 2016-08-20 06:18 - 2014-07-30 15:04 - 00000000 ____D C:\Users\HO\AppData\Roaming\FileZilla ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-12-21 23:36 - 2016-09-19 07:31 - 0007605 _____ () C:\Users\HO\AppData\Local\Resmon.ResmonCfg Einige Dateien in TEMP: ==================== C:\Users\HO\AppData\Local\Temp\avgnt.exe C:\Users\HO\AppData\Local\Temp\libeay32.dll C:\Users\HO\AppData\Local\Temp\msvcr120.dll C:\Users\HO\AppData\Local\Temp\NOSEventMessages.dll C:\Users\HO\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-09-05 12:27

==================== Ende von FRST.txt ============================

FRST Additions Logfile:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-09-2016
durchgeführt von HO (19-09-2016 10:22:15)
Gestartet von C:\Users\HO\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-11-02 23:57:33)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-569190459-326481895-3770856800-500 - Administrator - Disabled)
Gast (S-1-5-21-569190459-326481895-3770856800-501 - Limited - Disabled)
HO (S-1-5-21-569190459-326481895-3770856800-1001 - Administrator - Enabled) => C:\Users\HO
HomeGroupUser$ (S-1-5-21-569190459-326481895-3770856800-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation) ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated) Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated) Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated) Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{0CC145EE-0BDD-C10F-1E52-CB2F6C4894E4}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.) Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) 
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft) ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft) Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{05f7f410-0274-45d0-91dc-712a62aadd96}) (Version: 1.2.68.19138 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) 
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform) Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix) CLIQZ (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 1.0.44 - CLIQZ.com) Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6916.52 - CyberLink Corp.) CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4704.58 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Demos - Telerik UI for WPF (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\fbb955dce3a1c387) (Version: 2015.1.224.40 - Demos - Telerik UI for WPF) Demos - Telerik UI for WPF (HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\fbb955dce3a1c387) (Version: 2015.1.224.40 - Demos - Telerik UI for WPF) DevExpress Components 14.2 (HKLM-x32\...\DevExpress Components 14.2) (Version: 14.2.5 - Developer Express Inc.) DevExpress Components 15.1 (HKLM-x32\...\DevExpress Components 15.1) (Version: 15.1.5 - Developer Express Inc.) DevExpress DevExtreme 15.1 (HKLM-x32\...\DevExpress DevExtreme 15.1) (Version: 15.1.5 - Developer Express Inc.) DevExpress WPF Demos (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\f51599dacb2f3d3c) (Version: 15.1.205.0 - Developer Express Inc.) 
DevExpress WPF Demos (HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\f51599dacb2f3d3c) (Version: 15.1.205.0 - Developer Express Inc.) Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden FileZilla Client 3.20.1 (HKLM-x32\...\FileZilla Client) (Version: 3.20.1 - Tim Kosse) Firebird 2.1.1.17910 (Win32) (HKLM-x32\...\FBDBServer_2_1_is1) (Version: 2.1.1.17910 - Firebird Project) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - ) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Genie Timeline (HKLM-x32\...\Genie Timeline) (Version: 5.0 - Genie9) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) 
Hidden GoToMeeting 7.23.0.5573 (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\GoToMeeting) (Version: 7.23.0.5573 - CitrixOnline) GoToMeeting 7.23.0.5573 (HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GoToMeeting) (Version: 7.23.0.5573 - CitrixOnline) GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.) HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation) HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.54.2 - HTC) Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.) 
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 
2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mindjet MindManager Pro 7 (HKLM-x32\...\{43EE9158-D821-4D6B-B1C7-06A8B97E6CCF}) (Version: 7.2.374 - Mindjet LLC) Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla) MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia) Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia) Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden OlapGrid WPF Samples (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\1fc3393c7449819d) (Version: 12.4.0.24 - Syncfusion Inc.) OlapGrid WPF Samples (HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1fc3393c7449819d) (Version: 12.4.0.24 - Syncfusion Inc.) 
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation) Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation) PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) PDF-XChange 3 (HKLM\...\PDF-XChange 3_is1) (Version: - Tracker Software) PivotAnalysis WPF Samples (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\dfa630185c8b5543) (Version: 12.4.0.24 - Syncfusion Inc.) PivotAnalysis WPF Samples (HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\dfa630185c8b5543) (Version: 12.4.0.24 - Syncfusion Inc.) PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation) PMB VAIO Edition Guide (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden PMB VAIO Edition Plug-in (Version: 1.5.00.04010 - Sony Corporation) Hidden PMB VAIO Edition Plug-in (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden PMB VAIO Edition Plug-in (x32 Version: 1.5.00.04060 - Sony Corporation) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.) 
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - ) Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.) 
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc) SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden SommerGlobal (HKLM-x32\...\SommerGlobal) (Version: 6.3016 - Sommer Informatik GmbH) SommerGlobal (x32 Version: 6.3016 - Sommer Informatik GmbH) Hidden Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated) Telekom Konferenz Add-In für Outlook (HKLM-x32\...\{4C56EDD2-2757-43A0-AFC5-25DDE9D22E71}) (Version: 2.6.0.1011 - Lindenbaum) Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation) VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation) VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.02250 - Sony Corporation) VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.5.00.04060 - Sony Corporation) VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation) VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation) VAIO C Series - Summer 2011 Screensaver (HKLM-x32\...\VAIO C Series - Summer 2011 Screensaver) (Version: - ) VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.0.15030 - Sony Corporation) VAIO Care (x32 Version: 6.4.0.15030 - Sony 
Corporation) Hidden VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation) VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation) VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation) VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation) VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation) VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation) VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation) VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation) VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.5 - Sony Corporation) VAIO Quick Web Access (x32 Version: 1.4.5.5 - Sony Corporation) Hidden VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation) VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.1.08270 - Sony Corporation) VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation) VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.3.0.02180 - Sony Corporation) VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation) VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VESx64 (Version: 1.0.0 - Sony 
Corporation) Hidden VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VIx64 (Version: 1.0.0 - Sony Corporation) Hidden VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden VSee (HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\VSee) (Version: 14.0.0.808 - VSee Lab Inc) VSee (HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\VSee) (Version: 14.0.0.808 - VSee Lab Inc) VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VUx64 (Version: 1.2.0 - Sony Corporation) Hidden VUx86 (x32 Version: 1.2.0 - Sony Corporation) Hidden VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-objekt 
til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) XMind 2013 (v3.4.1) (HKLM-x32\...\XMind_is1) (Version: 3.4.1.201401221918 - XMind Ltd.) Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Елемент керування Windows Live Mesh ActiveX для віддалених підключень (HKLM-x32\...\{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}) (Version: 15.4.5722.2 - Microsoft Corporation) Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry 
entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-569190459-326481895-3770856800-1001_Classes\CLSID\{4C684845-7AC6-4416-AC5B-A6D9D11515B9}\InprocServer32 -> C:\Users\HO\AppData\Local\Telekom\Outlook-Conference-AddIn\adxloader64.dll () CustomCLSID: HKU\S-1-5-21-569190459-326481895-3770856800-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\HO\AppData\Local\Citrix\GoToMeeting\2031\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {081F301A-6B71-4225-91D3-38A4AFC24723} - System32\Tasks\{360666CB-5CB9-472E-9F96-D69F33A4DC6A} => pcalua.exe -a C:\Users\HO\Downloads\iTunesSetup9.exe -d C:\Users\HO\Downloads Task: {25099F84-1388-4465-971C-7E08915AD32B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated) Task: {2A9B977D-752F-46A9-AC9F-9F11CD641993} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation) Task: {38B63202-CFE9-4D88-A6B9-D3D0E3609658} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd) Task: {3E6AE482-FBD3-4AAF-AB7F-CB2F0D84962F} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation) Task: {3EDE753E-5C0F-448E-8F79-83E566B94314} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-02-14] (Sony Corporation) Task: {4C00145D-1830-407B-B05E-0D4400DC91F2} - 
System32\Tasks\G2MUpdateTask-S-1-5-21-569190459-326481895-3770856800-1001 => C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5573\g2mupdate.exe [2016-09-19] (Citrix Online, a division of Citrix Systems, Inc.) Task: {51B5FC18-8819-4E6C-95AC-D9156C5B17A9} - System32\Tasks\Sony Corporation\VAIO Event Service\Level4Daily => C:\Program Files (x86)\Sony\VAIO Event Service\WBCBatteryCare.exe [2011-03-05] (Sony Corporation) Task: {55A8BD0B-6B27-41DF-A629-164117F2F8DB} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-02-14] (Sony Corporation) Task: {5E7D6C53-DDEC-49A1-A1CB-B6511A1E2CE4} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe Task: {8C27B2E1-63C0-4F63-B2A6-D5755D315DDF} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-21] (Sony Corporation) Task: {91930A06-7A38-4B76-BED1-BE271DF4606F} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-02-14] (Sony Corporation) Task: {957B2D01-B489-4A33-A974-B4C46D367199} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {AC4C0213-773B-4957-BCF8-831DAFFE3D63} - System32\Tasks\Sony Corporation\VAIO Event Service\Level4Month => C:\Program Files (x86)\Sony\VAIO Event Service\WBCBatteryCare.exe [2011-03-05] (Sony Corporation) Task: {AED7151B-5F23-4478-8D79-9EE3A686494F} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation) Task: {BB23A0BB-D47B-4D72-9153-F88057B703A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) 
Task: {BE5C47BD-AD42-407D-92DB-FF304E25D54D} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation) Task: {C12FF1F3-0174-4E27-85BF-B84C191FBD41} - System32\Tasks\{05D7C6C5-D642-4B16-99A7-66A4BD97A86F} => pcalua.exe -a C:\Users\HO\Downloads\msicuu2.exe -d C:\Users\HO\Downloads Task: {C8F614A5-12E2-45DD-B8BC-75325D23E8B0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {C8F62CDE-E3C5-4226-BB23-744B5DA35E77} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-21] (Sony Corporation) Task: {CE5B4E6B-3BA4-4F91-A6E7-8AF9D4895804} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation) Task: {E1FE5D63-DA2C-4BD3-84AC-A7A8C295643B} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation) Task: {E4C050E0-EB35-40C8-9827-4C37AE1794A7} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation) Task: {E599CC42-B7A2-488F-AD02-31517F66B294} - System32\Tasks\G2MUploadTask-S-1-5-21-569190459-326481895-3770856800-1001 => C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5573\g2mupload.exe [2016-09-19] (Citrix Online, a division of Citrix Systems, Inc.) 
Task: {E69C0F0F-96E3-42BA-91EA-BA26818FAE7A} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient [Argument = /Start] Task: {EB9C0252-7389-41C4-A29A-B0E936BBFF2C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-14] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-569190459-326481895-3770856800-1001.job => C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5573\g2mupdate.exe Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-569190459-326481895-3770856800-1001.job => C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5573\g2mupload.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-12-18 18:10 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2016-08-03 17:45 - 2016-08-03 17:45 - 00052400 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-03-19 17:47 - 2015-03-19 17:47 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2015-03-19 17:47 - 2015-03-19 17:47 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2015-03-19 17:47 - 2015-03-19 17:47 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2015-03-19 17:47 - 2015-03-19 17:47 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2015-03-19 17:47 - 2015-03-19 17:47 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2015-03-19 17:48 - 2015-03-19 17:48 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2015-03-19 17:49 - 2015-03-19 17:49 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2016-05-13 10:18 - 2016-05-13 10:18 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\8c02229a9868d155acb626160d3dd0b8\IsdiInterop.ni.dll
2013-11-03 00:40 - 2011-01-12 18:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-11-11 03:42 - 2015-11-11 03:42 - 01045672 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-09-18 09:07 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-569190459-326481895-3770856800-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HO\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-569190459-326481895-3770856800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\HO\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: MMReminderService => C:\Program Files (x86)\Mindjet\MindManager 7\MMReminderService.exe ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{3BB50929-F43A-4F08-A4F4-587874D68AF8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{B5D8D88C-2ADF-4CA8-82D9-9FCC096720ED}] => (Allow) LPort=2869 FirewallRules: [{85A0909A-D9F2-4EDA-8315-705E0DDDD773}] => (Allow) LPort=1900 FirewallRules: [{9BBA1C80-654C-47E7-BC9D-0F83F0FF25CA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{A731DFE5-50E2-47AF-810A-45B6CA733A69}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{5DC5F713-DD89-4C05-A133-E0538B9E8A9A}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe FirewallRules: [{D195C204-A992-4BA1-93E3-3C5108C95462}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe FirewallRules: [{476B5C91-C840-488F-AE97-9D0EB1C1C7FF}] => (Allow) C:\Program Files\Sony\VAIO Care\SelfHealUpdate.exe FirewallRules: [{B7F4D783-ADCD-4D62-94EC-1C8527D53811}] => (Allow) C:\Program Files\Sony\VAIO Care\SelfHealUpdate.exe FirewallRules: [{50BB5CDA-830E-474E-BE77-A9762CDCD790}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOCareMain.exe FirewallRules: [{BCA545CA-0B4A-4B86-8EB0-46EA23187C51}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOCareMain.exe FirewallRules: [TCP Query 
User{3999D4C8-135C-4ADB-A4D8-5B46475C723C}C:\users\ho\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\ho\appdata\roaming\vseeinstall\vsee.exe FirewallRules: [UDP Query User{39DF657A-EFE8-455D-A104-28866E0032D2}C:\users\ho\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\ho\appdata\roaming\vseeinstall\vsee.exe FirewallRules: [TCP Query User{3DB3BD84-D6F5-4E4B-B8C2-1C440FEA23E1}C:\users\ho\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\ho\appdata\roaming\vseeinstall\vsee.exe FirewallRules: [UDP Query User{98E0B391-2773-4D86-A7D3-DEEC399CEA43}C:\users\ho\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\ho\appdata\roaming\vseeinstall\vsee.exe FirewallRules: [{026F8CBF-3560-45E3-8B37-ED80293911EC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE FirewallRules: [{A4016A79-9640-42FE-815B-AC73B9FB2150}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [{326B1180-77CE-447C-B73C-DA2F70163415}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe FirewallRules: [TCP Query User{7C2C2850-83C2-473A-A7BC-6836209F4A21}C:\program files (x86)\xmind\xmind.exe] => (Allow) C:\program files (x86)\xmind\xmind.exe FirewallRules: [UDP Query User{63976B40-4F36-47D4-B72D-EDE34EF04439}C:\program files (x86)\xmind\xmind.exe] => (Allow) C:\program files (x86)\xmind\xmind.exe FirewallRules: [TCP Query User{4D78AEC3-1E57-4C2E-8525-B78AA389EA2C}C:\program files (x86)\xmind\xmind.exe] => (Block) C:\program files (x86)\xmind\xmind.exe FirewallRules: [UDP Query User{A533FC09-74CC-4D05-A533-3216431E5C95}C:\program files (x86)\xmind\xmind.exe] => (Block) C:\program files (x86)\xmind\xmind.exe FirewallRules: [{BA6354D1-9FE3-4B15-A065-5625E15353DA}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe FirewallRules: [{AFDD54EE-D9EF-4563-9FB1-6F38D67CF822}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe FirewallRules: [{E4134387-3679-4472-8613-FCA984B94E9A}] 
=> (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe FirewallRules: [{1D796511-92A5-4E48-85A8-4C1B6F22E1BF}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe FirewallRules: [{22624CD5-065C-4C44-9E03-DBC335FDD62D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe FirewallRules: [{7D68761C-32B5-4883-9EB7-78E0E5A900A1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe FirewallRules: [{1A4F137B-55D4-440E-BC09-31C8D409FB5A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe FirewallRules: [{CA3A75E8-0D96-4851-B1BC-1FC62FB9035F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe FirewallRules: [{1598C322-4E7B-4A50-ADF0-1D1BE495FE92}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe FirewallRules: [{76C4D025-C7F5-4CD9-A99E-9DB0E9DBE641}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{35C20C6F-FAF2-4746-9AC5-8E65C92F6D2C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{5DD3A7F9-C9BB-44E3-9806-156D92A792F8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4A88AB21-6B80-49C7-8BD6-0965D33028CD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{E47BB049-6453-48AE-8DFC-4F4F5537842E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3F692E75-8F62-4E9D-AC9D-5AFD18023E0D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{3F81CBE9-DEF2-4192-920B-E5BEA230AFDD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{5B93884F-9E41-47D8-8550-9E4C1B0975DE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: 
[{E77A1DEF-1547-4E2B-A0EA-997538DF2E89}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe FirewallRules: [{721383C9-0538-4380-BA4E-3A190CD20D7C}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe FirewallRules: [{2B1249AB-CEA1-4B1D-B6B1-CD75FF5191BD}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe FirewallRules: [{6408B26D-2161-48DB-A59B-68CCAC804D0F}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe FirewallRules: [{1B519982-B987-44DA-9BFA-383155EAE109}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe FirewallRules: [{E6B28C32-0338-4C66-AFB0-3CA2A0E4FD21}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{C9D13E9F-C3B6-444A-8823-EC99DEAC9F2C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{033F2696-CA07-46CB-9582-54326E3BB596}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2335E0A9-AA2C-4562-8F86-BADD172443AE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C2423AB4-7D18-4474-A399-BB09DEBB62AF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{8D8BA448-2DC5-4401-A094-1E120D4718A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D4FFB62D-8078-45C9-981C-D35DED118792}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{CC073E34-E003-456C-B16D-91388EEB77E0}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe FirewallRules: [{CF7B1A29-2A0E-4CB9-992C-465F14A9C38E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 12-08-2016 12:34:23 Windows Update 16-08-2016 13:17:27 Windows Update 17-08-2016 11:32:49 Windows Update 26-08-2016 08:42:24 Windows Update 26-08-2016 12:41:20 Windows Update 30-08-2016 10:08:52 Windows 
Update 07-09-2016 06:54:17 Windows Update 17-09-2016 11:11:29 JRT Pre-Junkware Removal 19-09-2016 10:10:44 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: USB-Massenspeichergerät Description: USB-Massenspeichergerät Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Kompatibles USB-Speichergerät Service: USBSTOR Problem: : Windows is removing this device. (Code 21) Resolution: Wait several seconds, and then press the F5 key to update the Device Manager view. If that does not resolve the problem, restart your computer. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/19/2016 07:18:14 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/18/2016 08:25:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/18/2016 10:00:09 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. 
Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/18/2016 09:44:34 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/18/2016 09:11:18 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/18/2016 08:06:12 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/17/2016 10:17:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. 
Error: (09/17/2016 07:41:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/17/2016 08:33:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/17/2016 08:19:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Systemfehler:
=============
Error: (09/19/2016 07:38:59 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/19/2016 07:16:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HuaweiHiSuiteService64.exe" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden.

Error: (09/19/2016 07:16:42 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (09/18/2016 10:04:34 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/18/2016 08:24:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HuaweiHiSuiteService64.exe" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden.

Error: (09/18/2016 08:24:01 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (09/18/2016 11:23:58 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/18/2016 10:00:16 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (09/18/2016 10:00:16 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Multimediaklassenplaner" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (09/18/2016 10:00:16 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Computerbrowser" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt.

CodeIntegrity: =================================== Date: 2016-09-18 08:59:42.568 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2016-09-18 08:59:42.498 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-07 22:23:44.687 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-07 22:23:44.606 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2015-01-07 22:23:44.516 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-07 22:23:44.424 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz Prozentuale Nutzung des RAM: 56% Installierter physikalischer RAM: 4007.14 MB Verfügbarer physikalischer RAM: 1734.95 MB Summe virtueller Speicher: 8012.46 MB Verfügbarer virtueller Speicher: 5011.65 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:579.92 GB) (Free:381.97 GB) NTFS Drive f: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:645.45 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 66A1540B) Partition 1: (Not Active) - (Size=16.2 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=579.9 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AD73D487) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) 
==================== Ende von Addition.txt ============================
FYI: Svchost.exe(netsvcs) is still putting load on the system... OK, thanks for now. See you later.. Arty |
19.09.2016, 15:55 | #14 |
/// TB Trainer | svchost exe netsvcs causes very high CPU load
Hi, so far it looks as though your problem has nothing to do with malware. We'll check everything once more.
Note: The ESET scan can take a while.
Step 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter
start
CloseProcesses:
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 ESET Online Scanner
Step 3 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 4
Are there still any problems with the PC? If so, which ones? Please post with your next reply
|
19.09.2016, 22:02 | #15 |
| svchost exe netsvcs causes very high CPU load Hi Matthias, I have worked through your list Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-09-2016 durchgeführt von HO (19-09-2016 17:42:45) Run:1 Gestartet von C:\Users\HO\Desktop Geladene Profile: HO (Verfügbare Profile: HO) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** start CloseProcesses: CMD: dir "%ProgramFiles%" CMD: dir "%ProgramFiles(x86)%" CMD: dir "%ProgramData%" CMD: dir "%Appdata%" CMD: dir "%LocalAppdata%" RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: end ***************** Prozess erfolgreich geschlossen. ========= dir "%ProgramFiles%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9672-0203 Verzeichnis von C:\Program Files 22.09.2015 08:31 <DIR> . 22.09.2015 08:31 <DIR> .. 08.04.2014 18:52 <DIR> 7-Zip 03.11.2013 00:47 <DIR> ATI 05.11.2014 12:06 <DIR> ATI Technologies 22.09.2015 08:31 <DIR> Bonjour 05.12.2013 00:07 <DIR> CCleaner 02.01.2015 15:14 <DIR> Common Files 07.07.2014 11:05 <DIR> DIFX 03.11.2013 00:28 <DIR> DVD Maker 16.05.2015 08:34 <DIR> Google 18.12.2013 17:59 <DIR> gs 11.08.2016 08:11 <DIR> Internet Explorer 02.01.2015 15:15 <DIR> iPod 18.09.2016 08:23 <DIR> iTunes 03.11.2013 00:50 <DIR> Java 15.03.2011 04:36 <DIR> Microsoft Games 03.11.2013 19:45 <DIR> Microsoft Office 23.06.2016 13:53 <DIR> Microsoft Silverlight 27.02.2015 23:19 <DIR> Microsoft SQL Server 27.02.2015 23:18 <DIR> Microsoft Visual Studio 9.0 27.02.2015 23:17 <DIR> Microsoft.NET 14.07.2009 07:32 <DIR> MSBuild 03.11.2013 00:41 <DIR> Realtek 14.07.2009 07:32 <DIR> Reference Assemblies 30.09.2014 14:11 <DIR> Sony 03.11.2013 00:48 <DIR> Synaptics 14.06.2014 20:25 <DIR> VideoLAN 03.11.2013 13:25 <DIR> Windows Defender 12.05.2016 07:05 <DIR> Windows Journal 03.11.2013 00:56 <DIR> Windows Live 03.11.2013 00:28 <DIR> Windows Mail 09.03.2016 19:45 <DIR> Windows Media Player 03.11.2013 01:57 <DIR> Windows NT 03.11.2013 00:28 <DIR> Windows Photo Viewer 21.11.2010 05:31 <DIR> Windows Portable 
Devices 03.11.2013 00:28 <DIR> Windows Sidebar 0 Datei(en), 0 Bytes 37 Verzeichnis(se), 409.184.825.344 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramFiles(x86)%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9672-0203 Verzeichnis von C:\Program Files (x86) 17.09.2016 08:30 <DIR> . 17.09.2016 08:30 <DIR> .. 02.11.2015 19:52 <DIR> Adobe 05.11.2014 12:06 <DIR> AMD APP 05.11.2014 12:07 <DIR> AMD AVT 24.03.2016 19:55 <DIR> Apple Software Update 03.11.2013 01:14 <DIR> ArcSoft 05.11.2014 11:26 <DIR> Atheros WiFi Driver Installation 05.11.2014 12:05 <DIR> ATI Technologies 27.07.2016 08:47 <DIR> Avira 03.11.2013 00:42 <DIR> Bluetooth Suite 22.09.2015 08:31 <DIR> Bonjour 12.11.2013 12:31 <DIR> Canon 08.11.2013 13:58 <DIR> Citrix 18.09.2016 08:52 <DIR> Common Files 21.09.2014 20:29 <DIR> CyberLink 28.02.2015 13:07 <DIR> DevExpress 14.2 27.07.2015 14:49 <DIR> DevExpress 15.1 03.11.2013 01:24 <DIR> Downloaded Installations 12.03.2015 23:13 <DIR> dradio-Recorder 10.08.2016 11:03 <DIR> FileZilla FTP Client 29.09.2015 14:37 <DIR> Firebird 18.12.2013 18:10 <DIR> FreePDF_XP 25.11.2013 21:40 <DIR> FreeTime 19.08.2016 21:14 <DIR> Google 04.12.2015 21:37 <DIR> HiSuite 12.04.2015 12:18 <DIR> HTC 05.11.2014 12:06 <DIR> Intel 11.08.2016 08:11 <DIR> Internet Explorer 02.02.2015 09:25 <DIR> iTunes 22.01.2015 15:24 <DIR> Java 25.12.2013 22:20 <DIR> JonDo 24.03.2016 09:12 <DIR> Malwarebytes Anti-Malware 18.06.2015 07:35 <DIR> McAfee Security Scan 15.11.2013 09:41 <DIR> Microsoft 03.11.2013 19:45 <DIR> Microsoft Analysis Services 03.11.2013 19:47 <DIR> Microsoft Office 23.06.2016 13:53 <DIR> Microsoft Silverlight 27.02.2015 23:18 <DIR> Microsoft SQL Server 03.11.2013 01:00 <DIR> Microsoft SQL Server Compact Edition 27.02.2015 23:18 <DIR> Microsoft Visual Studio 9.0 27.02.2015 23:17 <DIR> Microsoft.NET 29.04.2014 13:50 <DIR> Mindjet 02.09.2016 08:39 <DIR> Mozilla Firefox 02.09.2016 08:39 <DIR> Mozilla Maintenance Service 14.07.2009 07:32 <DIR> 
MSBuild 01.06.2014 10:36 <DIR> MSECache 03.11.2013 01:20 <DIR> MSXML 4.0 03.11.2013 01:26 <DIR> Nascom 27.04.2015 14:23 <DIR> Nokia 21.09.2014 20:30 <DIR> NSIS Uninstall Information 08.01.2015 23:14 <DIR> Opera 07.07.2014 11:04 <DIR> PC Connectivity Solution 03.11.2013 00:41 <DIR> Realtek 14.07.2009 07:32 <DIR> Reference Assemblies 03.11.2013 00:48 <DIR> Renesas Electronics 09.09.2016 09:44 <DIR> Skype 03.11.2013 01:11 <DIR> SmartSound Software 29.09.2015 14:36 <DIR> Sommer Informatik GmbH 03.11.2013 01:27 <DIR> Sony 05.12.2013 00:25 <DIR> Spirent Communications 03.11.2013 13:25 <DIR> Windows Defender 01.06.2014 10:41 <DIR> Windows Installer Clean Up 03.11.2013 01:01 <DIR> Windows Live 03.11.2013 00:28 <DIR> Windows Mail 09.03.2016 19:45 <DIR> Windows Media Player 14.07.2009 07:32 <DIR> Windows NT 03.11.2013 00:28 <DIR> Windows Photo Viewer 21.11.2010 05:31 <DIR> Windows Portable Devices 03.11.2013 00:28 <DIR> Windows Sidebar 14.08.2014 08:49 <DIR> XMind 0 Datei(en), 0 Bytes 71 Verzeichnis(se), 409.184.817.152 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramData%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9672-0203 Verzeichnis von C:\ProgramData 18.09.2016 20:41 <DIR> . 18.09.2016 20:41 <DIR> .. 
02.06.2014 07:28 <DIR> 34BE82C4-E596-4e99-A191-52C6199EBF69 02.11.2015 19:51 <DIR> Adobe 05.11.2014 12:07 <DIR> AMD 26.01.2014 12:32 <DIR> Apple 02.01.2015 15:15 <DIR> Apple Computer 03.11.2013 03:22 <DIR> ArcSoft 05.11.2014 11:24 <DIR> Atheros 05.11.2014 14:30 <DIR> ATI 27.07.2016 08:47 <DIR> Avira 03.11.2013 13:50 <DIR> CLSK 06.12.2014 13:30 <DIR> CyberLink 03.11.2013 00:48 <DIR> Downloaded Installations 01.07.2015 07:45 <DIR> E1864A66-75E3-486a-BD95-D1B7D99A84A7 18.12.2013 18:10 <DIR> FreePDF 08.05.2014 13:04 <DIR> Genie9 16.05.2015 08:34 <DIR> Google 12.04.2015 12:18 <DIR> HTC 21.09.2014 20:28 <DIR> install_clap 08.01.2015 20:06 <DIR> Malwarebytes 18.09.2016 21:26 <DIR> Malwarebytes' Anti-Malware (portable) 14.11.2013 07:53 <DIR> McAfee 19.09.2016 12:46 <DIR> Microsoft Help 29.04.2014 13:50 <DIR> Mindjet 25.12.2013 22:12 <DIR> Mozilla 07.07.2014 11:06 <DIR> Nokia 07.07.2014 11:03 <DIR> NokiaInstallerCache 22.01.2015 15:24 <DIR> Oracle 17.09.2016 08:00 <DIR> Package Cache 07.07.2014 11:09 <DIR> PC Suite 21.09.2014 20:31 <DIR> PDVD 12.11.2014 10:51 <DIR> Qualcomm Atheros 03.11.2013 20:25 <DIR> regid.1986-12.com.adobe 09.09.2016 09:45 <DIR> Skype 03.11.2013 01:12 <DIR> SmartSound Software Inc 25.07.2016 15:36 <DIR> Sony Corporation 03.11.2013 00:50 <DIR> Sun 06.12.2014 14:27 <DIR> SUPPORTDIR 02.02.2014 01:05 <DIR> Temp 0 Datei(en), 0 Bytes 40 Verzeichnis(se), 409.184.780.288 Bytes frei ========= Ende von CMD: ========= ========= dir "%Appdata%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9672-0203 Verzeichnis von C:\Users\HO\AppData\Roaming 04.12.2015 21:30 <DIR> . 04.12.2015 21:30 <DIR> .. 
22.05.2015 17:59 <DIR> Adobe 07.11.2013 22:51 <DIR> Apple Computer 03.11.2013 03:22 <DIR> ArcSoft 30.03.2015 08:14 <DIR> Atheros 03.11.2013 02:01 <DIR> ATI 22.06.2014 11:10 <DIR> Auslogics 07.04.2015 14:45 <DIR> Avira 12.11.2013 12:34 <DIR> Canon 04.12.2015 21:21 <DIR> Cliqz 21.09.2014 20:33 <DIR> CyberLink 27.07.2015 15:13 <DIR> DevExpress 17.06.2014 21:05 <DIR> dvdcss 20.08.2016 06:18 <DIR> FileZilla 21.01.2015 08:48 <DIR> Genie9 04.12.2015 21:39 <DIR> gSyncit 12.04.2015 12:19 <DIR> HTC 03.11.2013 01:59 <DIR> Identities 03.11.2013 02:01 <DIR> Intel Corporation 25.12.2013 22:17 <DIR> JonDo 03.11.2013 01:03 <DIR> Macromedia 06.12.2013 23:01 <DIR> Malwarebytes 15.03.2011 04:36 <DIR> Media Center Programs 09.02.2014 12:05 <DIR> Mozilla 07.07.2014 11:10 <DIR> Nokia 07.07.2014 11:10 <DIR> Nokia Suite 03.11.2013 02:14 <DIR> Opera Software 07.07.2014 11:10 <DIR> PC Suite 12.03.2015 22:23 <DIR> phonostar GmbH 16.09.2016 09:54 <DIR> Skype 03.11.2013 02:01 <DIR> Sony Corporation 05.06.2014 16:48 <DIR> TeamViewer 26.03.2015 13:00 <DIR> vlc 13.08.2014 08:50 <DIR> VSee 13.08.2014 08:50 <DIR> VSeeInstall 03.11.2013 20:26 <DIR> Windows Live Writer 29.09.2015 14:38 <DIR> WinSLT 0 Datei(en), 0 Bytes 38 Verzeichnis(se), 409.184.776.192 Bytes frei ========= Ende von CMD: ========= ========= dir "%LocalAppdata%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9672-0203 Verzeichnis von C:\Users\HO\AppData\Local 19.09.2016 08:12 <DIR> . 19.09.2016 08:12 <DIR> .. 
02.11.2015 19:56 <DIR> Adobe 07.11.2013 08:04 <DIR> Apple 07.11.2013 08:06 <DIR> Apple Computer 03.11.2013 16:17 <DIR> Apps 03.11.2013 03:22 <DIR> ArcSoft 30.12.2013 17:09 <DIR> assembly 03.11.2013 02:01 <DIR> ATI 03.11.2013 02:00 <DIR> BMExplorer 02.11.2015 19:56 <DIR> CEF 07.08.2015 11:01 <DIR> Citrix 17.09.2016 07:39 <DIR> CrashDumps 21.09.2014 20:31 <DIR> Cyberlink 27.07.2015 15:31 <DIR> Deployment 27.02.2015 23:05 <DIR> Developer_Express_Inc 14.06.2016 12:34 <DIR> Diagnostics 18.09.2015 18:49 <DIR> Downloaded Installations 06.02.2015 19:50 <DIR> ElevatedDiagnostics 19.09.2016 14:41 <DIR> FreePDF_XP 12.04.2015 12:19 96.680 GDIPFONTCACHEV1.DAT 03.11.2013 02:32 <DIR> Google 03.06.2015 18:07 <DIR> GWX 04.12.2015 21:37 <DIR> HiSuite 19.09.2016 14:43 <DIR> HTC MediaHub 25.12.2013 22:18 <DIR> Macromedia 04.09.2015 13:35 <DIR> Microsoft 08.07.2015 09:20 <DIR> Microsoft Help 29.04.2014 13:52 <DIR> Mindjet 09.02.2014 12:05 <DIR> Mozilla 07.07.2014 11:07 <DIR> Nokia 07.07.2014 11:07 <DIR> NokiaAccount 03.11.2013 02:14 <DIR> Opera Software 06.12.2013 23:00 <DIR> Programs 19.09.2016 14:49 7.605 Resmon.ResmonCfg 14.12.2015 11:05 <DIR> Skype 23.11.2015 11:46 <DIR> Sony Corporation 30.12.2013 17:09 <DIR> Telekom 19.09.2016 17:42 <DIR> Temp 04.12.2015 21:16 <DIR> VirtualStore 17.09.2015 13:19 <DIR> Windows Live 03.11.2013 20:26 <DIR> Windows Live Writer 29.04.2014 13:49 <DIR> {386B8773-4D93-4284-944E-29744A68C8BC} 2 Datei(en), 104.285 Bytes 41 Verzeichnis(se), 409.184.743.424 Bytes frei ========= Ende von CMD: ========= ========= RemoveProxy: ========= "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt "HKU\S-1-5-21-569190459-326481895-3770856800-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet 
Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-569190459-326481895-3770856800-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-569190459-326481895-3770856800-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.
========= Ende von CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17209481 B
Java, Flash, Steam htmlcache => 1467 B
Windows/system/drivers => 609000 B
Edge => 0 B
Chrome => 1745264 B
Firefox => 47528447 B
Opera => 408984415 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66088 B
systemprofile32 => 36370540 B
LocalService => 1114438 B
NetworkService => 635080 B
HO => 635792300 B
RecycleBin => 17321 B
EmptyTemp: => 1.1 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 17:46:29 ====
Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=8469a750cf3be6418a55589eb25ff4a3 # end=init # utc_time=2016-09-19 04:01:03 # local_time=2016-09-19 06:01:03 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 30801 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=8469a750cf3be6418a55589eb25ff4a3 # end=updated # utc_time=2016-09-19 04:04:40 # local_time=2016-09-19 06:04:40 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=8469a750cf3be6418a55589eb25ff4a3 # engine=30801 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2016-09-19 08:12:00 # local_time=2016-09-19 10:12:00 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Avira Antivirus' # compatibility_mode=1815 16777213 100 98 26100 66916225 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 33904 225945770 0 0 # scanned=490825 # found=2 # cleaned=0 # scan_time=14838 sh=B0551BB347192A70DCC47BCB17544B70F7FFA60D ft=1 fh=66139bbf4f2fa7f0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HO\Downloads\gSyncit - CHIP-Installer.exe" sh=FCCE433EE76686D2D2C260BA73FC9E1F639BE6D2 ft=1 fh=81e68b9e2130178d vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HO\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe" Code:
ATTFilter
FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-09-2016 durchgeführt von HO (Administrator) auf HO-VAIO (19-09-2016 22:50:23) Gestartet von C:\Users\HO\Desktop Geladene Profile: HO (Verfügbare Profile: HO) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (VSee Lab, Inc.) C:\Users\HO\AppData\Roaming\VSeeInstall\vsee.exe (Citrix Online, a division of Citrix Systems, Inc.) C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mstart.exe (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Citrix Online, a division of Citrix Systems, Inc.) 
C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mcomm.exe (Citrix Online, a division of Citrix Systems, Inc.) C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mlauncher.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe (ArcSoft, Inc.) 
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation) C:\Windows\System32\prevhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2011-03-04] (Synaptics Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation) HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-08-28] (cyberlink) HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [830064 2016-09-07] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-11-07] (CyberLink Corp.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-01-15] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Run: [VSee] => C:\Users\HO\AppData\Roaming\VSeeInstall\vsee.exe [22674968 2014-08-12] (VSee Lab, Inc.) HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Run: [GoToMeeting] => C:\Users\HO\AppData\Local\Citrix\GoToMeeting\5530\g2mstart.exe [41536 2016-09-03] (Citrix Online, a division of Citrix Systems, Inc.) HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia) Startup: C:\Users\HO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-12-17] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5D76E115-A2D2-4863-BB2E-9374840F8A75}: [DhcpNameServer] 10.3.128.4
Tcpip\..\Interfaces\{A11A85BB-E085-4FFD-94EE-FFC3A5FFC6C9}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-569190459-326481895-3770856800-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-569190459-326481895-3770856800-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sony.eu/vaioportal
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-569190459-326481895-3770856800-1001 -> {21E70A4D-EE68-4D33-9B96-CAEA082328E9} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-569190459-326481895-3770856800-1001 -> {6F1D62BB-A687-4750-A16D-0861C5CE8495} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKU\S-1-5-21-569190459-326481895-3770856800-1001 -> {AF0246D0-1070-4208-AD72-6A975DE7EEC0} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-4300-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll" => Keine Datei
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Keine Datei
BHO-x32: CmjBrowserHelperObject Object -> {07A11D74-9D25-4fea-A833-8B0D76A5577A} -> C:\Program Files (x86)\Mindjet\MindManager 7\Mm7InternetExplorer.dll [2008-06-10] (Mindjet)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-04-29] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22] (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll" Keine Datei
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default
FF SearchEngineOrder.1: SuchMaschine
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-569190459-326481895-3770856800-1001: @citrixonline.com/appdetectorplugin -> C:\Users\HO\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-11-08] (Citrix Online)
FF Plugin HKU\S-1-5-21-569190459-326481895-3770856800-1001: @phonostar.de/phonostar -> C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-569190459-326481895-3770856800-1001: vsee.com/VSeeDetection -> C:\Users\HO\AppData\Roaming\VSeeInstall\npVSeeDetection.dll [2013-11-03] (VSee Lab)
FF SearchPlugin: C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\searchplugins\search_engine.xml [2014-06-20]
FF SearchPlugin: C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\searchplugins\youtube.xml [2015-12-06]
FF Extension: (Cliqz) - C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\Extensions\cliqz@cliqz.com.xpi [2016-09-10]
FF Extension: (Firefox Hotfix) - C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31]
FF Extension: (New Tab Override (browser.newtab.url replacement)) - C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\Extensions\newtaboverride@agenedia.com.xpi [2016-08-04]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKU\S-1-5-21-569190459-326481895-3770856800-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\HO\AppData\Roaming\Mozilla\Firefox\Profiles\3y4un2ge.default\extensions\cliqz@cliqz.com => nicht gefunden

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [989696 2016-09-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [470600 2016-09-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [470600 2016-09-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1454720 2016-09-07] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [243464 2013-08-28] (CyberLink)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [Datei ist nicht signiert]
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe [81920 2008-06-13] (Firebird Project) [Datei ist nicht signiert]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe [2723840 2008-06-13] (Firebird Project) [Datei ist nicht signiert]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-09-19] (SurfRight B.V.)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 HuaweiHiSuiteService64.exe; "C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [171752 2016-07-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145984 2016-07-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-15] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2015-05-07] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-19] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R2 risdsnpe; C:\Windows\System32\DRIVERS\risdsnxc64.sys [98816 2011-03-07] (REDC)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-11-07] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-19 22:30 - 2016-09-19 22:30 - 00001905 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-09-19 22:29 - 2016-09-19 22:49 - 00000000 ____D C:\ProgramData\HitmanPro
2016-09-19 22:29 - 2016-09-19 22:30 - 00000000 ____D C:\Program Files\HitmanPro
2016-09-19 22:29 - 2016-09-19 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-09-19 22:25 - 2016-09-19 22:25 - 11572656 _____ (SurfRight B.V.) C:\Users\HO\Desktop\HitmanPro_x64.exe
2016-09-19 17:59 - 2016-09-19 17:59 - 02870984 _____ (ESET) C:\Users\HO\Desktop\esetsmartinstaller_deu.exe
2016-09-19 17:42 - 2016-09-19 17:46 - 00015506 _____ C:\Users\HO\Desktop\Fixlog.txt
2016-09-19 10:28 - 2016-09-19 10:28 - 00001225 _____ C:\Users\HO\Desktop\Malwarebytes Anti-Malware log.txt
2016-09-19 10:20 - 2016-09-19 10:20 - 02400256 _____ (Farbar) C:\Users\HO\Desktop\FRST64.exe
2016-09-19 10:07 - 2016-09-19 10:07 - 01610560 _____ (Malwarebytes) C:\Users\HO\Desktop\JRT.exe
2016-09-19 09:32 - 2016-09-19 09:32 - 00001208 _____ C:\Malware Log.text
2016-09-19 07:25 - 2016-09-19 07:25 - 03861056 _____ C:\Users\HO\Desktop\AdwCleaner_6.020.exe
2016-09-18 20:41 - 2016-09-18 21:26 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-09-18 20:39 - 2016-09-18 21:26 - 00000000 ____D C:\Users\HO\Desktop\mbar
2016-09-18 20:36 - 2016-09-18 20:39 - 16563352 _____ (Malwarebytes Corp.) C:\Users\HO\Downloads\mbar-1.09.3.1001.exe
2016-09-18 20:36 - 2016-09-18 20:38 - 16563352 _____ (Malwarebytes Corp.) C:\Users\HO\Desktop\mbar-1.09.3.1001.exe
2016-09-18 09:40 - 2016-09-18 09:40 - 00035675 _____ C:\Users\HO\Desktop\Combofix.txt
2016-09-18 09:32 - 2016-09-18 09:32 - 00035675 _____ C:\ComboFix.txt
2016-09-18 08:40 - 2016-09-18 09:33 - 00000000 ____D C:\Qoobox
2016-09-18 08:40 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2016-09-18 08:40 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2016-09-18 08:40 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-09-18 08:40 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-09-18 08:40 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-09-18 08:40 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2016-09-18 08:40 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2016-09-18 08:40 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2016-09-18 08:39 - 2016-09-18 09:26 - 00000000 ____D C:\Windows\erdnt
2016-09-18 08:35 - 2016-09-18 08:36 - 05658813 ____R (Swearware) C:\Users\HO\Desktop\ComboFix.exe
2016-09-18 08:33 - 2016-09-18 08:36 - 00240828 _____ C:\TDSSKiller.3.1.0.11_18.09.2016_08.33.11_log.txt
2016-09-18 08:28 - 2016-09-19 10:23 - 00056928 _____ C:\Users\HO\Desktop\Addition.txt
2016-09-18 08:26 - 2016-09-19 22:51 - 00027288 _____ C:\Users\HO\Desktop\FRST.txt
2016-09-18 08:12 - 2016-09-18 08:12 - 02399232 _____ (Farbar) C:\Users\HO\Desktop\FRST64(1).exe
2016-09-17 20:19 - 2016-09-17 22:17 - 00240828 _____ C:\TDSSKiller.3.1.0.11_17.09.2016_20.19.14_log.txt
2016-09-17 20:12 - 2016-09-17 20:12 - 00001208 _____ C:\Users\HO\Downloads\Malware Log I.txt
2016-09-17 20:10 - 2016-09-17 20:10 - 00001217 _____ C:\Users\HO\Downloads\Malware log II.txt
2016-09-17 20:10 - 2016-09-17 20:10 - 00001208 _____ C:\Malware Log I.txt
2016-09-17 20:03 - 2016-09-17 20:10 - 00240828 _____ C:\TDSSKiller.3.1.0.11_17.09.2016_20.03.33_log.txt
2016-09-17 20:01 - 2016-09-17 20:03 - 00005352 _____ C:\TDSSKiller.3.1.0.11_17.09.2016_20.01.54_log.txt
2016-09-17 20:01 - 2016-09-17 20:01 - 04747704 _____ (AO Kaspersky Lab) C:\Users\HO\Desktop\tdsskiller.exe
2016-09-17 19:54 - 2016-09-17 19:57 - 00059990 _____ C:\Users\HO\Downloads\Addition.txt
2016-09-17 19:50 - 2016-09-17 19:57 - 00034943 _____ C:\Users\HO\Downloads\FRST.txt
2016-09-17 19:49 - 2016-09-19 22:50 - 00000000 ____D C:\FRST
2016-09-17 19:49 - 2016-09-17 19:49 - 02399232 _____ (Farbar) C:\Users\HO\Downloads\FRST64.exe
2016-09-17 11:18 - 2016-09-19 10:15 - 00003148 _____ C:\Users\HO\Desktop\JRT.txt
2016-09-17 11:10 - 2016-09-17 11:10 - 01610560 _____ (Malwarebytes) C:\Users\HO\Downloads\JRT.exe
2016-09-17 08:35 - 2016-09-17 08:35 - 00010327 _____ C:\Users\HO\Downloads\AdwCleaner[C0].txt
2016-09-17 08:23 - 2016-09-19 07:30 - 00000000 ____D C:\AdwCleaner
2016-09-17 08:22 - 2016-09-17 08:22 - 03861056 _____ C:\Users\HO\Downloads\AdwCleaner_6.020.exe
2016-09-17 07:49 - 2016-09-17 07:49 - 00075064 _____ C:\Users\HO\Downloads\congstar_Monatsrechnung_2016_August_2201533992_7179511168.pdf
2016-09-17 07:48 - 2016-09-17 07:48 - 00001138 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-09-03 10:53 - 2016-09-03 10:53 - 00100591 _____ C:\Users\HO\Downloads\Cost sharing.pdf
2016-09-01 10:39 - 2016-09-02 08:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-29 19:38 - 2016-08-29 19:38 - 00314735 _____ C:\Users\HO\Downloads\Nutzungsbedingungen Haftpflicht-Siegel 11-2013.pdf
2016-08-29 08:09 - 2016-08-29 08:09 - 00009501 _____ C:\Users\HO\Downloads\Mappe2.xlsx
2016-08-26 17:19 - 2016-08-26 17:20 - 00000000 ____D C:\Users\HO\Desktop\Handelsvertreter
2016-08-26 13:57 - 2016-08-26 13:58 - 00278576 _____ C:\Windows\Minidump\082616-54101-01.dmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-19 22:28 - 2014-02-28 12:59 - 00000544 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-569190459-326481895-3770856800-1001.job
2016-09-19 22:28 - 2013-11-04 08:46 - 00000000 ____D C:\Users\HO\Documents\Outlook-Dateien
2016-09-19 22:25 - 2013-11-03 02:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-19 22:12 - 2013-11-03 02:31 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-19 21:36 - 2015-01-08 20:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-19 21:17 - 2015-06-04 08:36 - 00000640 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-569190459-326481895-3770856800-1001.job
2016-09-19 18:34 - 2014-12-21 23:36 - 00007605 _____ C:\Users\HO\AppData\Local\Resmon.ResmonCfg
2016-09-19 18:03 - 2009-07-14 06:45 - 00028848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-19 18:03 - 2009-07-14 06:45 - 00028848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-19 17:53 - 2014-01-13 17:02 - 00000000 ____D C:\Users\HO\AppData\Local\FreePDF_XP
2016-09-19 17:51 - 2015-04-12 12:18 - 00000000 ____D C:\Users\HO\AppData\Local\HTC MediaHub
2016-09-19 17:50 - 2013-11-03 02:31 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-19 17:50 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-19 17:45 - 2013-11-28 12:01 - 00000000 ____D C:\Users\HO\AppData\LocalLow\Temp
2016-09-19 12:44 - 2013-11-03 11:06 - 00000000 ____D C:\Windows\system32\MRT
2016-09-19 12:31 - 2013-11-03 11:06 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-19 07:36 - 2015-06-04 08:36 - 00003658 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-569190459-326481895-3770856800-1001
2016-09-19 07:36 - 2014-02-28 12:59 - 00003562 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-569190459-326481895-3770856800-1001
2016-09-18 20:39 - 2015-01-08 20:06 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-09-18 09:58 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-18 09:33 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-09-18 09:12 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-09-18 08:23 - 2015-01-02 15:16 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-09-18 08:23 - 2015-01-02 15:15 - 00000000 ____D C:\Program Files\iTunes
2016-09-18 08:23 - 2014-01-26 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-09-18 08:22 - 2015-01-02 15:14 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-09-17 20:14 - 2013-11-03 02:32 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-17 20:14 - 2013-11-03 02:32 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-17 19:56 - 2015-01-15 22:35 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-17 08:59 - 2014-08-12 21:05 - 00001401 _____ C:\Users\HO\Desktop\GoToMeeting.lnk
2016-09-17 08:59 - 2014-05-23 11:15 - 00002467 _____ C:\Users\HO\Desktop\GoToMeeting Quick Connect.lnk
2016-09-17 08:00 - 2016-07-27 08:46 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-17 07:48 - 2016-07-26 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-17 07:39 - 2013-11-03 15:19 - 00000000 ____D C:\Users\HO\AppData\Local\CrashDumps
2016-09-16 09:54 - 2013-11-03 11:02 - 00000000 ____D C:\Users\HO\AppData\Roaming\Skype
2016-09-14 14:28 - 2013-11-03 02:31 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-14 14:28 - 2013-11-03 02:31 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-14 14:28 - 2013-11-03 02:31 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-14 14:27 - 2013-11-03 02:31 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-14 14:27 - 2013-11-03 01:03 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-09 09:45 - 2013-11-03 01:26 - 00000000 ____D C:\ProgramData\Skype
2016-09-09 09:44 - 2015-09-21 17:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-02 08:39 - 2014-02-09 12:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-29 17:37 - 2013-11-03 03:24 - 00000000 ____D C:\Users\HO\Documents\Business
2016-08-26 14:04 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-08-26 13:57 - 2016-04-22 06:11 - 594320949 _____ C:\Windows\MEMORY.DMP
2016-08-26 13:57 - 2013-11-06 11:04 - 00000000 ____D C:\Windows\Minidump
2016-08-26 09:45 - 2014-03-05 11:44 - 00504360 _____ C:\test.xml
2016-08-20 06:18 - 2014-07-30 15:04 - 00000000 ____D C:\Users\HO\AppData\Roaming\FileZilla

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-12-21 23:36 - 2016-09-19 18:34 - 0007605 _____ () C:\Users\HO\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\HO\AppData\Local\Temp\avgnt.exe
C:\Users\HO\AppData\Local\Temp\NOSEventMessages.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-09-05 12:27

==================== Ende von FRST.txt ============================ |