Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Rechner sehr langsam geworden, Schadsoftware bei Mbam gefunden (https://www.trojaner-board.de/173732-rechner-sehr-langsam-geworden-schadsoftware-mbam-gefunden.html)

Larry3103 03.12.2015 15:42
Rechner sehr langsam geworden, Schadsoftware bei Mbam gefunden
 
Hallo Liebes Trojanerboard-Team :)

mein Rechner ist seit einigen Wochen sehr langsam geworden und auch Avira sowie Mbam geben Warnungen raus, auch wenn ich Programme starte. Dabei hat der Laptop auch Schwierigkeiten, wenn ich z.B. ein Word-Dokument bearbeiten will. Fast so als würde er das nicht schaffen ...

Hier mal meine Logs, die ich bisher erstellt habe. Ich muss die leider in 2 Beiträge aufteilen, weil die zu groß sind.

Code:
Free Antivirus
Erstellungsdatum der Reportdatei: Mittwoch, 2. Dezember 2015  00:00


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer  : Avira Antivirus Free
Seriennummer  : 0000149996-AVHOE-0000001
Plattform      : Windows 7 Home Premium
Windowsversion : (Service Pack 1)  [6.1.7601]
Boot Modus    : Normal gebootet
Benutzername  : Marie
Computername  : R142016

Versionsinformationen:
BUILD.DAT      : 15.0.13.210    92152 Bytes  05.10.2015 15:51:00
AVSCAN.EXE    : 15.0.13.202  1183208 Bytes  11.10.2015 15:43:56
AVSCANRC.DLL  : 15.0.13.158    67688 Bytes  11.10.2015 15:43:56
LUKE.DLL      : 15.0.13.190    69248 Bytes  11.10.2015 15:44:14
AVSCPLR.DLL    : 15.0.13.202  106352 Bytes  11.10.2015 15:43:56
REPAIR.DLL    : 15.0.13.193  517328 Bytes  11.10.2015 15:43:55
REPAIR.RDF    : 1.0.12.48    1359646 Bytes  27.11.2015 21:14:11
AVREG.DLL      : 15.0.13.193  339632 Bytes  11.10.2015 15:43:55
AVLODE.DLL    : 15.0.13.193  633688 Bytes  11.10.2015 15:43:53
AVLODE.RDF    : 14.0.5.6      84211 Bytes  16.09.2015 18:57:18
XBV00029.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 09:38:25
XBV00030.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 09:38:25
XBV00031.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 09:38:25
XBV00032.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 09:38:25
XBV00033.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 09:38:25
XBV00034.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 09:38:25
XBV00035.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 09:38:25
XBV00036.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 09:38:25
XBV00037.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 09:38:25
XBV00038.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 09:38:26
XBV00039.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 09:38:26
XBV00040.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 09:38:26
XBV00041.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 09:38:26
XBV00172.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00173.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00174.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00175.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00176.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00177.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00178.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00179.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00180.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00181.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00182.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00183.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00184.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00185.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00186.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00187.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00188.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00189.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00190.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00191.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00192.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00193.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00194.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00195.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00196.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00197.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00198.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00199.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00200.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00201.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00202.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00203.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00204.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00205.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00206.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00207.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00208.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00209.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00210.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00211.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00212.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00213.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00214.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00215.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00216.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00217.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00218.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00219.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00220.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00221.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00222.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00223.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00224.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00225.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00226.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00227.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00228.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00229.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00230.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00231.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00232.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00233.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00234.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00235.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00236.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00237.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00238.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00239.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00240.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00241.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00242.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00243.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00244.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00245.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00246.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00247.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00248.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00249.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00250.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00251.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00252.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:11
XBV00253.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:12
XBV00254.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:12
XBV00255.VDF  : 8.12.28.114    2048 Bytes  17.11.2015 12:29:12
XBV00000.VDF  : 7.11.70.0  66736640 Bytes  04.04.2013 16:22:45
XBV00001.VDF  : 7.11.74.226  2201600 Bytes  30.04.2013 09:29:17
XBV00002.VDF  : 7.11.80.60  2751488 Bytes  28.05.2013 19:42:59
XBV00003.VDF  : 7.11.85.214  2162688 Bytes  21.06.2013 16:16:21
XBV00004.VDF  : 7.11.91.176  3903488 Bytes  23.07.2013 16:46:02
XBV00005.VDF  : 7.11.98.186  6822912 Bytes  29.08.2013 17:15:14
XBV00006.VDF  : 7.11.139.38 15708672 Bytes  27.03.2014 11:51:57
XBV00007.VDF  : 7.11.152.100  4193792 Bytes  02.06.2014 19:55:31
XBV00008.VDF  : 8.11.165.192  4251136 Bytes  07.08.2014 09:38:23
XBV00009.VDF  : 8.11.172.30  2094080 Bytes  15.09.2014 09:43:35
XBV00010.VDF  : 8.11.178.32  1581056 Bytes  14.10.2014 18:18:05
XBV00011.VDF  : 8.11.184.50  2178560 Bytes  11.11.2014 15:07:52
XBV00012.VDF  : 8.11.190.32  1876992 Bytes  03.12.2014 12:32:25
XBV00013.VDF  : 8.11.201.28  2973696 Bytes  14.01.2015 10:23:26
XBV00014.VDF  : 8.11.206.252  2695680 Bytes  04.02.2015 17:27:24
XBV00015.VDF  : 8.11.213.84  3175936 Bytes  03.03.2015 08:10:59
XBV00016.VDF  : 8.11.213.176  212480 Bytes  05.03.2015 14:13:36
XBV00017.VDF  : 8.11.219.166  2033664 Bytes  25.03.2015 14:48:11
XBV00018.VDF  : 8.11.225.88  2367488 Bytes  22.04.2015 13:27:44
XBV00019.VDF  : 8.11.230.186  1674752 Bytes  13.05.2015 12:01:58
XBV00020.VDF  : 8.11.237.30  4711936 Bytes  02.06.2015 08:58:37
XBV00021.VDF  : 8.11.243.12  2747904 Bytes  26.06.2015 14:11:04
XBV00022.VDF  : 8.11.248.172  2350592 Bytes  17.07.2015 13:22:37
XBV00023.VDF  : 8.11.254.112  2570752 Bytes  07.08.2015 20:50:13
XBV00024.VDF  : 8.12.3.6    2196480 Bytes  27.08.2015 20:35:11
XBV00025.VDF  : 8.12.8.238  1951232 Bytes  16.09.2015 18:57:19
XBV00026.VDF  : 8.12.16.180  2211328 Bytes  07.10.2015 16:07:56
XBV00027.VDF  : 8.12.21.126  2252288 Bytes  27.10.2015 19:37:29
XBV00028.VDF  : 8.12.28.114  2935296 Bytes  17.11.2015 12:29:07
XBV00042.VDF  : 8.12.28.118    33792 Bytes  17.11.2015 12:29:07
XBV00043.VDF  : 8.12.28.122    39424 Bytes  17.11.2015 12:29:07
XBV00044.VDF  : 8.12.28.124    2048 Bytes  18.11.2015 12:29:07
XBV00045.VDF  : 8.12.28.128    51712 Bytes  18.11.2015 12:29:07
XBV00046.VDF  : 8.12.28.130    2048 Bytes  18.11.2015 12:29:07
XBV00047.VDF  : 8.12.28.132    14336 Bytes  18.11.2015 12:29:08
XBV00048.VDF  : 8.12.28.158    10752 Bytes  18.11.2015 12:29:08
XBV00049.VDF  : 8.12.28.184    5632 Bytes  18.11.2015 14:28:24
XBV00050.VDF  : 8.12.28.210    3584 Bytes  18.11.2015 14:28:24
XBV00051.VDF  : 8.12.28.236    10240 Bytes  18.11.2015 14:28:24
XBV00052.VDF  : 8.12.29.6      27136 Bytes  18.11.2015 17:17:49
XBV00053.VDF  : 8.12.29.8      3072 Bytes  18.11.2015 17:17:49
XBV00054.VDF  : 8.12.29.10    15360 Bytes  18.11.2015 19:16:35
XBV00055.VDF  : 8.12.29.12      2048 Bytes  18.11.2015 19:16:35
XBV00056.VDF  : 8.12.29.14      2048 Bytes  18.11.2015 19:16:35
XBV00057.VDF  : 8.12.29.16    13312 Bytes  18.11.2015 21:16:35
XBV00058.VDF  : 8.12.29.18      2048 Bytes  18.11.2015 21:16:35
XBV00059.VDF  : 8.12.29.20    15360 Bytes  18.11.2015 21:16:35
XBV00060.VDF  : 8.12.29.22      6144 Bytes  18.11.2015 21:16:35
XBV00061.VDF  : 8.12.29.24      6144 Bytes  18.11.2015 15:04:13
XBV00062.VDF  : 8.12.29.26    13312 Bytes  18.11.2015 15:04:13
XBV00063.VDF  : 8.12.29.28    15872 Bytes  18.11.2015 15:04:13
XBV00064.VDF  : 8.12.29.52    39424 Bytes  19.11.2015 15:04:13
XBV00065.VDF  : 8.12.29.72      8192 Bytes  19.11.2015 15:04:13
XBV00066.VDF  : 8.12.29.92    13824 Bytes  19.11.2015 15:04:13
XBV00067.VDF  : 8.12.29.112    2048 Bytes  19.11.2015 15:04:13
XBV00068.VDF  : 8.12.29.156    62464 Bytes  19.11.2015 15:04:13
XBV00069.VDF  : 8.12.29.176    2048 Bytes  19.11.2015 15:04:13
XBV00070.VDF  : 8.12.29.196    17408 Bytes  19.11.2015 15:04:13
XBV00071.VDF  : 8.12.29.198    2048 Bytes  19.11.2015 15:04:13
XBV00072.VDF  : 8.12.29.200    2048 Bytes  19.11.2015 15:04:13
XBV00073.VDF  : 8.12.29.202    2048 Bytes  19.11.2015 15:04:13
XBV00074.VDF  : 8.12.29.204    2048 Bytes  19.11.2015 15:04:13
XBV00075.VDF  : 8.12.29.206    13312 Bytes  19.11.2015 15:04:13
XBV00076.VDF  : 8.12.29.210    37888 Bytes  20.11.2015 15:04:13
XBV00077.VDF  : 8.12.29.212    2048 Bytes  20.11.2015 15:04:13
XBV00078.VDF  : 8.12.29.252    2048 Bytes  20.11.2015 15:04:13
XBV00079.VDF  : 8.12.30.16    27136 Bytes  20.11.2015 15:04:13
XBV00080.VDF  : 8.12.30.56    11776 Bytes  20.11.2015 15:04:13
XBV00081.VDF  : 8.12.30.76    39936 Bytes  20.11.2015 15:04:13
XBV00082.VDF  : 8.12.30.78    17920 Bytes  20.11.2015 15:04:13
XBV00083.VDF  : 8.12.30.80      9728 Bytes  20.11.2015 15:04:13
XBV00084.VDF  : 8.12.30.82    10240 Bytes  20.11.2015 15:04:13
XBV00085.VDF  : 8.12.30.84      8704 Bytes  20.11.2015 15:04:13
XBV00086.VDF  : 8.12.30.86      8192 Bytes  20.11.2015 15:04:13
XBV00087.VDF  : 8.12.30.90    33792 Bytes  21.11.2015 15:04:13
XBV00088.VDF  : 8.12.30.92      2048 Bytes  21.11.2015 15:04:13
XBV00089.VDF  : 8.12.30.94    12288 Bytes  21.11.2015 15:04:13
XBV00090.VDF  : 8.12.30.96    31744 Bytes  21.11.2015 15:04:13
XBV00091.VDF  : 8.12.30.116    89600 Bytes  22.11.2015 15:04:13
XBV00092.VDF  : 8.12.30.178    81920 Bytes  23.11.2015 10:41:23
XBV00093.VDF  : 8.12.30.198    5120 Bytes  23.11.2015 10:41:23
XBV00094.VDF  : 8.12.30.216    7168 Bytes  23.11.2015 10:41:23
XBV00095.VDF  : 8.12.30.218    4096 Bytes  23.11.2015 10:41:23
XBV00096.VDF  : 8.12.30.220    8704 Bytes  23.11.2015 10:41:24
XBV00097.VDF  : 8.12.30.222    12288 Bytes  23.11.2015 10:41:24
XBV00098.VDF  : 8.12.30.224    7168 Bytes  23.11.2015 10:41:24
XBV00099.VDF  : 8.12.30.226    7168 Bytes  23.11.2015 10:41:24
XBV00100.VDF  : 8.12.30.228    10752 Bytes  23.11.2015 10:41:24
XBV00101.VDF  : 8.12.30.246    13824 Bytes  23.11.2015 10:41:24
XBV00102.VDF  : 8.12.31.8      6144 Bytes  23.11.2015 10:41:24
XBV00103.VDF  : 8.12.31.26      5120 Bytes  23.11.2015 10:41:24
XBV00104.VDF  : 8.12.31.44    16384 Bytes  23.11.2015 10:41:24
XBV00105.VDF  : 8.12.31.62      4096 Bytes  23.11.2015 10:41:24
XBV00106.VDF  : 8.12.31.80    10752 Bytes  23.11.2015 10:41:24
XBV00107.VDF  : 8.12.31.82      2048 Bytes  23.11.2015 10:41:24
XBV00108.VDF  : 8.12.31.84      4608 Bytes  23.11.2015 10:41:24
XBV00109.VDF  : 8.12.31.86      8192 Bytes  23.11.2015 10:41:24
XBV00110.VDF  : 8.12.31.90    26624 Bytes  24.11.2015 10:41:24
XBV00111.VDF  : 8.12.31.92      3072 Bytes  24.11.2015 10:41:24
XBV00112.VDF  : 8.12.31.94      2048 Bytes  24.11.2015 10:41:24
XBV00113.VDF  : 8.12.31.96    14336 Bytes  24.11.2015 10:41:24
XBV00114.VDF  : 8.12.31.98      9216 Bytes  24.11.2015 10:41:24
XBV00115.VDF  : 8.12.31.100    6656 Bytes  24.11.2015 14:52:42
XBV00116.VDF  : 8.12.31.102    7168 Bytes  24.11.2015 14:52:42
XBV00117.VDF  : 8.12.31.104    3072 Bytes  24.11.2015 14:52:42
XBV00118.VDF  : 8.12.31.106    8704 Bytes  24.11.2015 14:52:42
XBV00119.VDF  : 8.12.31.108    2048 Bytes  24.11.2015 14:52:42
XBV00120.VDF  : 8.12.31.110    9728 Bytes  24.11.2015 14:52:42
XBV00121.VDF  : 8.12.31.128    10752 Bytes  24.11.2015 14:52:42
XBV00122.VDF  : 8.12.31.130    21504 Bytes  24.11.2015 14:52:42
XBV00123.VDF  : 8.12.31.132    9216 Bytes  24.11.2015 14:52:42
XBV00124.VDF  : 8.12.31.134    15872 Bytes  24.11.2015 14:52:42
XBV00125.VDF  : 8.12.31.140    13824 Bytes  25.11.2015 14:52:43
XBV00126.VDF  : 8.12.31.142    4608 Bytes  25.11.2015 14:52:43
XBV00127.VDF  : 8.12.31.144    23552 Bytes  25.11.2015 14:52:43
XBV00128.VDF  : 8.12.31.146    34816 Bytes  25.11.2015 14:52:43
XBV00129.VDF  : 8.12.31.154    60416 Bytes  25.11.2015 22:00:58
XBV00130.VDF  : 8.12.31.172    7680 Bytes  25.11.2015 22:00:58
XBV00131.VDF  : 8.12.31.188    8192 Bytes  25.11.2015 00:00:53
XBV00132.VDF  : 8.12.31.204    2048 Bytes  25.11.2015 00:00:53
XBV00133.VDF  : 8.12.31.220    12288 Bytes  25.11.2015 02:00:54
XBV00134.VDF  : 8.12.31.224    2048 Bytes  26.11.2015 02:00:54
XBV00135.VDF  : 8.12.31.242    18944 Bytes  26.11.2015 21:14:11
XBV00136.VDF  : 8.12.31.244    2048 Bytes  26.11.2015 21:14:11
XBV00137.VDF  : 8.12.31.246    2048 Bytes  26.11.2015 21:14:11
XBV00138.VDF  : 8.12.31.248    37888 Bytes  26.11.2015 21:14:11
XBV00139.VDF  : 8.12.31.250    11264 Bytes  26.11.2015 21:14:11
XBV00140.VDF  : 8.12.31.252    2048 Bytes  26.11.2015 21:14:11
XBV00141.VDF  : 8.12.31.254    6144 Bytes  26.11.2015 21:14:11
XBV00142.VDF  : 8.12.32.2      12800 Bytes  26.11.2015 21:14:11
XBV00143.VDF  : 8.12.32.4      2560 Bytes  26.11.2015 21:14:11
XBV00144.VDF  : 8.12.32.6      11776 Bytes  26.11.2015 21:14:11
XBV00145.VDF  : 8.12.32.8      17920 Bytes  26.11.2015 21:14:11
XBV00146.VDF  : 8.12.32.10      2048 Bytes  26.11.2015 21:14:11
XBV00147.VDF  : 8.12.32.12      3584 Bytes  27.11.2015 21:14:11
XBV00148.VDF  : 8.12.32.14    69632 Bytes  27.11.2015 21:14:11
XBV00149.VDF  : 8.12.32.30      2048 Bytes  27.11.2015 21:14:11
XBV00150.VDF  : 8.12.32.46      8192 Bytes  27.11.2015 21:14:11
XBV00151.VDF  : 8.12.32.62    12800 Bytes  27.11.2015 21:14:11
XBV00152.VDF  : 8.12.32.78      2048 Bytes  27.11.2015 21:14:11
XBV00153.VDF  : 8.12.32.94    16896 Bytes  27.11.2015 21:14:11
XBV00154.VDF  : 8.12.32.96      5632 Bytes  27.11.2015 21:14:11
XBV00155.VDF  : 8.12.32.98      5120 Bytes  27.11.2015 21:14:11
XBV00156.VDF  : 8.12.32.100    11776 Bytes  27.11.2015 15:10:30
XBV00157.VDF  : 8.12.32.102    13312 Bytes  27.11.2015 15:10:30
XBV00158.VDF  : 8.12.32.104    8704 Bytes  27.11.2015 15:10:30
XBV00159.VDF  : 8.12.32.106    6144 Bytes  27.11.2015 15:10:30
XBV00160.VDF  : 8.12.32.108    2048 Bytes  28.11.2015 15:10:30
XBV00161.VDF  : 8.12.32.112    56832 Bytes  28.11.2015 15:10:30
XBV00162.VDF  : 8.12.32.118    2048 Bytes  28.11.2015 15:10:30
XBV00163.VDF  : 8.12.32.120    16384 Bytes  28.11.2015 15:10:30
XBV00164.VDF  : 8.12.32.138    11264 Bytes  28.11.2015 15:10:30
XBV00165.VDF  : 8.12.32.152    2048 Bytes  28.11.2015 15:10:30
XBV00166.VDF  : 8.12.32.166    7168 Bytes  28.11.2015 15:10:30
XBV00167.VDF  : 8.12.32.180    96768 Bytes  29.11.2015 15:10:30
XBV00168.VDF  : 8.12.32.194    2048 Bytes  29.11.2015 15:10:30
XBV00169.VDF  : 8.12.32.208    6144 Bytes  29.11.2015 15:10:30
XBV00170.VDF  : 8.12.32.222    7168 Bytes  29.11.2015 15:10:30
XBV00171.VDF  : 8.12.32.236    5120 Bytes  29.11.2015 15:10:30
LOCAL000.VDF  : 8.12.32.236 146283520 Bytes  29.11.2015 15:10:59
Engineversion  : 8.3.34.82
AEBB.DLL      : 8.1.3.0        59296 Bytes  22.11.2015 15:04:11
AECORE.DLL    : 8.3.9.0      249920 Bytes  18.11.2015 12:29:01
AEDROID.DLL    : 8.4.3.348    1800104 Bytes  06.11.2015 11:50:51
AEEMU.DLL      : 8.1.3.6      404328 Bytes  22.11.2015 15:04:11
AEEXP.DLL      : 8.4.2.134    277360 Bytes  18.11.2015 12:29:05
AEGEN.DLL      : 8.1.8.8      487480 Bytes  27.11.2015 21:14:09
AEHELP.DLL    : 8.3.2.6      284584 Bytes  22.11.2015 15:04:11
AEHEUR.DLL    : 8.1.4.2064  9923440 Bytes  27.11.2015 21:14:10
AEMOBILE.DLL  : 8.1.8.10      301936 Bytes  27.11.2015 21:14:11
AEOFFICE.DLL  : 8.3.1.56      408432 Bytes  23.10.2015 12:13:28
AEPACK.DLL    : 8.4.1.18      802880 Bytes  27.10.2015 19:37:28
AERDL.DLL      : 8.2.1.38      813928 Bytes  06.11.2015 11:50:50
AESBX.DLL      : 8.2.21.2    1629032 Bytes  06.11.2015 11:50:51
AESCN.DLL      : 8.3.4.0      141216 Bytes  18.11.2015 12:29:05
AESCRIPT.DLL  : 8.3.0.4      542632 Bytes  22.11.2015 15:04:12
AEVDF.DLL      : 8.3.2.4      141216 Bytes  22.11.2015 15:04:12
AVWINLL.DLL    : 15.0.13.158    29600 Bytes  11.10.2015 15:43:48
AVPREF.DLL    : 15.0.13.158    55864 Bytes  11.10.2015 15:43:55
AVREP.DLL      : 15.0.13.158  225320 Bytes  11.10.2015 15:43:55
AVARKT.DLL    : 15.0.13.158  232000 Bytes  11.10.2015 15:43:49
AVEVTLOG.DLL  : 15.0.13.190  202112 Bytes  11.10.2015 15:43:51
SQLITE3.DLL    : 15.0.13.158  461672 Bytes  11.10.2015 15:44:17
AVSMTP.DLL    : 15.0.13.158    82120 Bytes  11.10.2015 15:43:57
NETNT.DLL      : 15.0.13.158    18792 Bytes  11.10.2015 15:44:14
CommonImageRc.dll: 15.0.13.190  4308216 Bytes  11.10.2015 15:43:48
CommonTextRc.dll: 15.0.13.158    70784 Bytes  11.10.2015 15:43:48

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Schnelle Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\quicksysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Intelligente Dateiauswahl
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Mittwoch, 2. Dezember 2015  00:00

Der Suchlauf über die Bootsektoren wird begonnen:

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '160' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvXDSync.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLANExt.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '119' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ath_CoexAgent.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'adminservice.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'SkypeC2CAutoUpdateSvc.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'SkypeC2CPNRSvc.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'HPLaserJetService.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'RIconMan.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'ICQ Service.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'HelperService.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'ConversionService.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'PMBDeviceInfoProvider.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'SeaPort.EXE' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftvsa.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvSCPAPISvr.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'ToolbarUpdaterService.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgr.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgrSub.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgrSub.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.ServiceHost.exe' - '134' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftlist.exe' - '87' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'CVHSVC.EXE' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'esrv_svc.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorDataMgrSvc.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCPerfService.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'uCamMonitor.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'VSNService.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '127' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'UNS.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'VSNClient.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '206' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'VAIO Gate.exe' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'cAudioFilterAgent64.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'BtvStack.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'AthBtTray.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'Apoint.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'iTunesHelper.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyWebHelper.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '126' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dropbox.exe' - '130' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorIcon.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'ISBMgr.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'PMBVolumeWatcher.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '133' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpwuschd2.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'HPStatusAlerts.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'ApMsgFwd.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.Systray.exe' - '145' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'iPodService.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'Apvfb.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'Apntex.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'GWX.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'esrv.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'listener.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCSystemTray.exe' - '167' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCService.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCAgent.exe' - '170' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'sppsvc.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '112' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCSystemTray.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
C:\Users\Marie\Downloads\ICQ\install_icq7.exe
    [0] Archivtyp: NSIS
    --> ProgramFilesDir/OCSetupHlp.dll
        [FUND]      Enthält Muster der Software PUA/OpenCandy.Gen
        [WARNUNG]  Infizierte Dateien in Archiven können nicht repariert werden

Die Registry wurde durchsucht ( '6154' Dateien ).


Beginne mit der Desinfektion:
Der Registrierungseintrag <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Users\Marie\Downloads\ICQ\install_icq7.exe> wurde erfolgreich entfernt.
C:\Users\Marie\Downloads\ICQ\install_icq7.exe
  [FUND]      Enthält Muster der Software PUA/OpenCandy.Gen
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '7165f6b8.qua' verschoben!
  [HINWEIS]  Der Registrierungseintrag <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Users\Marie\Downloads\ICQ\install_icq7.exe> wurde erfolgreich repariert.


Ende des Suchlaufs: Mittwoch, 2. Dezember 2015  00:06
Benötigte Zeit: 00:57 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

      0 Verzeichnisse wurden überprüft
  8753 Dateien wurden geprüft
      1 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
  8752 Dateien ohne Befall
    24 Archive wurden durchsucht
      1 Warnungen
      1 Hinweise
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-12-01 23:46:34
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950032 rev.0006 465.76GB
Running: Gmer-19357.exe; Driver: C:\Users\Marie\AppData\Local\Temp\fwrdrpob.sys


---- User code sections - GMER 2.1 ----

.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                                          0000000077581401 2 bytes JMP 751fb21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2944] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                                            0000000077581419 2 bytes JMP 751fb346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                                          0000000077581431 2 bytes JMP 75278fd1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                                          000000007758144a 2 bytes CALL 751d489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                                * 9
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2944] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                                            00000000775814dd 2 bytes JMP 752788c4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                                      00000000775814f5 2 bytes JMP 75278aa0 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2944] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                                            000000007758150d 2 bytes JMP 752787ba C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                                      0000000077581525 2 bytes JMP 75278b8a C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                                            000000007758153d 2 bytes JMP 751efca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2944] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                                0000000077581555 2 bytes JMP 751f68ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                                          000000007758156d 2 bytes JMP 75279089 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                                            0000000077581585 2 bytes JMP 75278bea C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2944] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                              000000007758159d 2 bytes JMP 7527877e C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                                            00000000775815b5 2 bytes JMP 751efd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                                          00000000775815cd 2 bytes JMP 751fb2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                                      00000000775816b2 2 bytes JMP 75278f4c C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                                      00000000775816bd 2 bytes JMP 75278713 C:\Windows\syswow64\kernel32.dll
?        C:\Windows\system32\mssprxy.dll [3176] entry point in ".rdata" section                                                                                                                                                                                              0000000063fb71e6
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3744] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                0000000077581401 2 bytes JMP 751fb21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3744] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                  0000000077581419 2 bytes JMP 751fb346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3744] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                0000000077581431 2 bytes JMP 75278fd1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3744] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                000000007758144a 2 bytes CALL 751d489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                                * 9
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3744] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                  00000000775814dd 2 bytes JMP 752788c4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3744] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                            00000000775814f5 2 bytes JMP 75278aa0 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3744] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                  000000007758150d 2 bytes JMP 752787ba C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3744] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                            0000000077581525 2 bytes JMP 75278b8a C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3744] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                  000000007758153d 2 bytes JMP 751efca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3744] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                      0000000077581555 2 bytes JMP 751f68ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3744] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                000000007758156d 2 bytes JMP 75279089 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3744] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                  0000000077581585 2 bytes JMP 75278bea C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3744] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                    000000007758159d 2 bytes JMP 7527877e C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3744] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                  00000000775815b5 2 bytes JMP 751efd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3744] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                00000000775815cd 2 bytes JMP 751fb2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3744] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                            00000000775816b2 2 bytes JMP 75278f4c C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3744] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                            00000000775816bd 2 bytes JMP 75278713 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[1940] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                              0000000077581401 2 bytes JMP 751fb21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[1940] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                                0000000077581419 2 bytes JMP 751fb346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[1940] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                              0000000077581431 2 bytes JMP 75278fd1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[1940] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                              000000007758144a 2 bytes CALL 751d489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                                * 9
.text    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[1940] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                                  00000000775814dd 2 bytes JMP 752788c4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[1940] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                          00000000775814f5 2 bytes JMP 75278aa0 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[1940] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                                  000000007758150d 2 bytes JMP 752787ba C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[1940] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                          0000000077581525 2 bytes JMP 75278b8a C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[1940] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                                000000007758153d 2 bytes JMP 751efca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[1940] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                      0000000077581555 2 bytes JMP 751f68ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[1940] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                              000000007758156d 2 bytes JMP 75279089 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[1940] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                                0000000077581585 2 bytes JMP 75278bea C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[1940] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                    000000007758159d 2 bytes JMP 7527877e C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[1940] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                                00000000775815b5 2 bytes JMP 751efd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[1940] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                              00000000775815cd 2 bytes JMP 751fb2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[1940] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                          00000000775816b2 2 bytes JMP 75278f4c C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[1940] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                          00000000775816bd 2 bytes JMP 75278713 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe[1260] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExW + 17                                                                                                                                                0000000077581401 2 bytes JMP 751fb21b C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe[1260] C:\Windows\syswow64\Psapi.dll!EnumProcessModules + 17                                                                                                                                                  0000000077581419 2 bytes JMP 751fb346 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe[1260] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 17                                                                                                                                                0000000077581431 2 bytes JMP 75278fd1 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe[1260] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 42                                                                                                                                                000000007758144a 2 bytes CALL 751d489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                                * 9
.text    C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe[1260] C:\Windows\syswow64\Psapi.dll!EnumDeviceDrivers + 17                                                                                                                                                  00000000775814dd 2 bytes JMP 752788c4 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe[1260] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameA + 17                                                                                                                                            00000000775814f5 2 bytes JMP 75278aa0 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe[1260] C:\Windows\syswow64\Psapi.dll!QueryWorkingSetEx + 17                                                                                                                                                  000000007758150d 2 bytes JMP 752787ba C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe[1260] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameW + 17                                                                                                                                            0000000077581525 2 bytes JMP 75278b8a C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe[1260] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameW + 17                                                                                                                                                  000000007758153d 2 bytes JMP 751efca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe[1260] C:\Windows\syswow64\Psapi.dll!EnumProcesses + 17                                                                                                                                                      0000000077581555 2 bytes JMP 751f68ef C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe[1260] C:\Windows\syswow64\Psapi.dll!GetProcessMemoryInfo + 17                                                                                                                                                000000007758156d 2 bytes JMP 75279089 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe[1260] C:\Windows\syswow64\Psapi.dll!GetPerformanceInfo + 17                                                                                                                                                  0000000077581585 2 bytes JMP 75278bea C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe[1260] C:\Windows\syswow64\Psapi.dll!QueryWorkingSet + 17                                                                                                                                                    000000007758159d 2 bytes JMP 7527877e C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe[1260] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameA + 17                                                                                                                                                  00000000775815b5 2 bytes JMP 751efd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe[1260] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExA + 17                                                                                                                                                00000000775815cd 2 bytes JMP 751fb2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe[1260] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 20                                                                                                                                            00000000775816b2 2 bytes JMP 75278f4c C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe[1260] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 31                                                                                                                                            00000000775816bd 2 bytes JMP 75278713 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2668] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                                                0000000077581401 2 bytes JMP 751fb21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2668] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                                                  0000000077581419 2 bytes JMP 751fb346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2668] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                                                0000000077581431 2 bytes JMP 75278fd1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2668] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                                                000000007758144a 2 bytes CALL 751d489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                                * 9
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2668] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                                                  00000000775814dd 2 bytes JMP 752788c4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2668] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                                            00000000775814f5 2 bytes JMP 75278aa0 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2668] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                                                  000000007758150d 2 bytes JMP 752787ba C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2668] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                                            0000000077581525 2 bytes JMP 75278b8a C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2668] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                                                  000000007758153d 2 bytes JMP 751efca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2668] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                                      0000000077581555 2 bytes JMP 751f68ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2668] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                                                000000007758156d 2 bytes JMP 75279089 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2668] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                                                  0000000077581585 2 bytes JMP 75278bea C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2668] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                                    000000007758159d 2 bytes JMP 7527877e C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2668] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                                                  00000000775815b5 2 bytes JMP 751efd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2668] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                                                00000000775815cd 2 bytes JMP 751fb2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2668] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                                            00000000775816b2 2 bytes JMP 75278f4c C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2668] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                                            00000000775816bd 2 bytes JMP 75278713 C:\Windows\syswow64\kernel32.dll
---- Processes - GMER 2.1 ----

Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\PYTHON27.DLL (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (Python Core/Python Software Foundation)(2015-10-01 18:52:44)                                                          000000001e000000
Library  c:\users\marie\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpabwi2j.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260](2015-12-01 22:23:49)                                                000000005d680000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\Qt5Core.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:24)                    000000005c540000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\icuin55.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (ICU I18N DLL/The ICU Project)(2015-07-30 10:29:56)                                                                    000000004a900000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\icuuc55.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (ICU Common DLL/The ICU Project)(2015-07-30 10:29:56)                                                                  0000000005b70000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\icudt55.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (ICU Data DLL/The ICU Project)(2015-07-30 10:29:56)                                                                    0000000006310000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)                  0000000050ac0000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\Qt5Gui.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                      0000000050680000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\Qt5Network.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                  000000005d460000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\Qt5WebKit.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                  0000000008710000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\Qt5Quick.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                    0000000050430000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\Qt5Qml.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                      00000000501c0000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\Qt5WebChannel.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-07-30 10:29:57)              000000005e650000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\Qt5Sql.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                      000000005d430000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\Qt5WebKitWidgets.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)            000000005d3f0000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)            000000005d3a0000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                  000000005d350000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:30)  00000000500d0000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\plugins\imageformats\qgif.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-10-01 18:52:44)  000000005d340000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:30)  000000005c500000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260](2015-07-26 12:12:57)                                                                                  0000000073b80000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260](2015-03-04 21:45:30)                                                                    0000000060ae0000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260](2015-07-30 10:30:00)                                                                        0000000062b30000
Library  C:\Users\Marie\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll (*** suspicious ***) @ C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe [1260](2015-07-26 12:12:57)                                                                              00000000739e0000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90004eb83a34                                                                                                                                                                                       
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90004ebfef26                                                                                                                                                                                       
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90004ebfef26@68ebaee69a54                                                                                                                                                                            0x94 0x6C 0xCB 0x42 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90004ebfef26@0025e72b70ea                                                                                                                                                                            0xC4 0x35 0x0C 0xC7 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90004ebfef26@8400d2724d4b                                                                                                                                                                            0xDB 0x49 0xB1 0x4F ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90004ebfef26@94007089e420                                                                                                                                                                            0xFB 0x4C 0x5A 0xBD ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch                                                                                                                                                                                                    51430
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90004eb83a34 (not active ControlSet)                                                                                                                                                                   
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90004ebfef26 (not active ControlSet)                                                                                                                                                                   
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90004ebfef26@68ebaee69a54                                                                                                                                                                                0x94 0x6C 0xCB 0x42 ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90004ebfef26@0025e72b70ea                                                                                                                                                                                0xC4 0x35 0x0C 0xC7 ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90004ebfef26@8400d2724d4b                                                                                                                                                                                0xDB 0x49 0xB1 0x4F ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90004ebfef26@94007089e420                                                                                                                                                                                0xFB 0x4C 0x5A 0xBD ...

---- EOF - GMER 2.1 ----
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 02.12.2015
Suchlaufzeit: 21:00
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.02.05
Rootkit-Datenbank: v2015.11.26.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Marie

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 388999
Abgelaufene Zeit: 37 Min., 21 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 2
PUP.Optional.AmazonTB, C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe, 2848, Löschen bei Neustart, [fe4f158b4f3c1323357ebbb80201c63a]
PUP.Optional.ICQToolbar, C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe, 1960, Löschen bei Neustart, [f855712fa1ea2115e2572b6215ee0df3]

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 17
PUP.Optional.ICQToolbar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}, In Quarantäne, [61ecc8d8543753e3681b87bf3dc5cb35],
PUP.Optional.ICQToolbar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}, In Quarantäne, [61ecc8d8543753e3681b87bf3dc5cb35],
PUP.Optional.ICQToolbar, HKLM\SOFTWARE\CLASSES\ICQToolBar.IEHook.1, In Quarantäne, [61ecc8d8543753e3681b87bf3dc5cb35],
PUP.Optional.ICQToolbar, HKLM\SOFTWARE\CLASSES\ICQToolBar.IEHook, In Quarantäne, [61ecc8d8543753e3681b87bf3dc5cb35],
PUP.Optional.ICQToolbar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ICQToolBar.IEHook, In Quarantäne, [61ecc8d8543753e3681b87bf3dc5cb35],
PUP.Optional.ICQToolbar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\ICQToolBar.IEHook, In Quarantäne, [61ecc8d8543753e3681b87bf3dc5cb35],
PUP.Optional.ICQToolbar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ICQToolBar.IEHook.1, In Quarantäne, [61ecc8d8543753e3681b87bf3dc5cb35],
PUP.Optional.ICQToolbar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\ICQToolBar.IEHook.1, In Quarantäne, [61ecc8d8543753e3681b87bf3dc5cb35],
PUP.Optional.ICQToolbar, HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{855F3B16-6D32-4FE6-8A56-BBB695989046}, In Quarantäne, [61ecc8d8543753e3681b87bf3dc5cb35],
PUP.Optional.ICQToolbar, HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{855F3B16-6D32-4FE6-8A56-BBB695989046}, In Quarantäne, [61ecc8d8543753e3681b87bf3dc5cb35],
PUP.Optional.ICQToolbar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\EXPLORER BARS\{855F3B16-6D32-4FE6-8A56-BBB695989046}, In Quarantäne, [61ecc8d8543753e3681b87bf3dc5cb35],
PUP.Optional.AmazonTB, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Updater Service for AMZN, In Quarantäne, [fe4f158b4f3c1323357ebbb80201c63a],
PUP.Optional.AmazonTB, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Amazon Browser Settings, In Quarantäne, [fe4f158b4f3c1323357ebbb80201c63a],
PUP.Optional.ICQToolbar, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ICQ SERVICE, In Quarantäne, [f855712fa1ea2115e2572b6215ee0df3],
PUP.Optional.AlexaTB, HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\SOFTWARE\DISTROMATIC\Toolbars, In Quarantäne, [b5985a466d1e4fe7175c5b18986b4cb4],
PUP.Optional.ICQ, HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}, In Quarantäne, [1637940caae1a294eb4bfd90db2856aa],
PUP.Optional.ICQToolbar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ICQToolbar, In Quarantäne, [1b32ebb53a51ca6c94040c73ae54e818],

Registrierungswerte: 5
PUP.Optional.ICQToolbar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{855F3B16-6D32-4FE6-8A56-BBB695989046}, ICQToolBar, In Quarantäne, [61ecc8d8543753e3681b87bf3dc5cb35]
PUP.Optional.ICQToolbar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{855F3B16-6D32-4FE6-8A56-BBB695989046}, In Quarantäne, [69e4831d543796a0e3a0bf87f70b7a86],
PUP.Optional.ICQToolbar, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ICQ SERVICE|ImagePath, C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe, In Quarantäne, [f855712fa1ea2115e2572b6215ee0df3]
PUP.Optional.ICQ, HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}|URL, hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd, In Quarantäne, [1637940caae1a294eb4bfd90db2856aa]
PUP.Optional.ICQ, HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}|FaviconURL, hxxp://c.icq.com/favicon.ico, In Quarantäne, [62ebfca4632849ed3105cbc2699a9769]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 18
PUP.Optional.AmazonTB, C:\Users\Marie\AppData\Local\Amazon Browser Bar, In Quarantäne, [1835a00033589f97367c76fd8b78ef11],
PUP.Optional.AmazonTB, C:\Program Files (x86)\Amazon Browser Bar, Löschen bei Neustart, [fe4f158b4f3c1323357ebbb80201c63a],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\BG, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\CZ, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\DE, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\EN, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\ES, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\FR, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\HE, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\IT, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\RU, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\SK, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\TR, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\Program Files (x86)\ICQ6Toolbar, Löschen bei Neustart, [1b32ebb53a51ca6c94040c73ae54e818],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub, In Quarantäne, [76d7c2defd8e0f27f455643312f07987],

Dateien: 92
PUP.Optional.ICQToolbar, C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll, In Quarantäne, [61ecc8d8543753e3681b87bf3dc5cb35],
PUP.Optional.SearchProtect.AppFlsh, C:\Program Files (x86)\Amazon Browser Bar\search_protect.exe, In Quarantäne, [d677514f1a7167cf8c20723539c809f7],
PUP.Optional.APNToolBar, C:\Windows\Temp\avnwldrtemp\setup\Offercast_AVIRAV7_.exe, In Quarantäne, [91bceab61774fe383aca48e10cf52dd3],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\TBU001\Update.exe, In Quarantäne, [f35a8917dcaf9f97bcf0f0b739c843bd],
PUP.Optional.AmazonTB, C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\j4n4cspo.default\extensions\abb@amazon.com.xpi, In Quarantäne, [0746b9e71675fe38941dfc7730d32fd1],
PUP.Optional.AmazonTB, C:\Users\Marie\AppData\Local\Amazon Browser Bar\protect.xml, In Quarantäne, [1835a00033589f97367c76fd8b78ef11],
PUP.Optional.AmazonTB, C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.ini, In Quarantäne, [fe4f158b4f3c1323357ebbb80201c63a],
PUP.Optional.AmazonTB, C:\Program Files (x86)\Amazon Browser Bar\installer.xml, In Quarantäne, [fe4f158b4f3c1323357ebbb80201c63a],
PUP.Optional.AmazonTB, C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe, Löschen bei Neustart, [fe4f158b4f3c1323357ebbb80201c63a],
PUP.Optional.AmazonTB, C:\Program Files (x86)\Amazon Browser Bar\uninstall.ico, In Quarantäne, [fe4f158b4f3c1323357ebbb80201c63a],
PUP.Optional.AmazonTB, C:\Program Files (x86)\Amazon Browser Bar\uninstall.json, In Quarantäne, [fe4f158b4f3c1323357ebbb80201c63a],
PUP.Optional.AmazonTB, C:\Program Files (x86)\Amazon Browser Bar\uninstaller.exe, In Quarantäne, [fe4f158b4f3c1323357ebbb80201c63a],
PUP.Optional.AmazonTB, C:\Program Files (x86)\Amazon Browser Bar\update.xml, In Quarantäne, [fe4f158b4f3c1323357ebbb80201c63a],
Exploit.Dropper.GSA, C:\ProgramData\dsgsdgdsgdsgw.pad, In Quarantäne, [c885bce4f299ad89f8b1e80060a37a86],
PUP.Optional.ICQToolbar, C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe, Löschen bei Neustart, [f855712fa1ea2115e2572b6215ee0df3],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\Configuration.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\OptionDlg.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\RegionalSettings.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\UserInterface.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\BG\Configuration.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\BG\OptionDlg.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\BG\RegionalSettings.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\BG\UserInterface.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\Configuration.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\OptionDlg.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\RegionalSettings.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\UserInterface.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\EN\Configuration.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\EN\OptionDlg.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\EN\RegionalSettings.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\EN\UserInterface.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\ES\Configuration.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\ES\OptionDlg.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\ES\RegionalSettings.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\ES\UserInterface.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\FR\Configuration.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\FR\OptionDlg.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\FR\RegionalSettings.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\FR\UserInterface.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\HE\Configuration.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\HE\OptionDlg.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\HE\RegionalSettings.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\HE\UserInterface.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\IT\Configuration.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\IT\OptionDlg.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\IT\RegionalSettings.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\IT\UserInterface.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\RU\Configuration.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\RU\OptionDlg.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\RU\RegionalSettings.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\RU\UserInterface.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\SK\Configuration.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\SK\OptionDlg.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\SK\RegionalSettings.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\SK\UserInterface.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\TR\Configuration.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\TR\OptionDlg.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\TR\RegionalSettings.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\TR\UserInterface.xml, In Quarantäne, [95b8554b6724ae88f4a2344beb17a45c],
PUP.Optional.ICQToolbar, C:\Program Files (x86)\ICQ6Toolbar\config.xml, In Quarantäne, [1b32ebb53a51ca6c94040c73ae54e818],
PUP.Optional.ICQToolbar, C:\Program Files (x86)\ICQ6Toolbar\Icons.bmp, In Quarantäne, [1b32ebb53a51ca6c94040c73ae54e818],
PUP.Optional.ICQToolbar, C:\Program Files (x86)\ICQ6Toolbar\icq6Toolbar.ico, In Quarantäne, [1b32ebb53a51ca6c94040c73ae54e818],
PUP.Optional.ICQToolbar, C:\Program Files (x86)\ICQ6Toolbar\ICQUnToolbar.exe, In Quarantäne, [1b32ebb53a51ca6c94040c73ae54e818],
PUP.Optional.ICQToolbar, C:\Program Files (x86)\ICQ6Toolbar\logo_small.gif, In Quarantäne, [1b32ebb53a51ca6c94040c73ae54e818],
PUP.Optional.ICQToolbar, C:\Program Files (x86)\ICQ6Toolbar\ServiceStarter.exe, In Quarantäne, [1b32ebb53a51ca6c94040c73ae54e818],
PUP.Optional.ICQToolbar, C:\Program Files (x86)\ICQ6Toolbar\short.wav, In Quarantäne, [1b32ebb53a51ca6c94040c73ae54e818],
PUP.Optional.ICQToolbar, C:\Program Files (x86)\ICQ6Toolbar\Version.txt, In Quarantäne, [1b32ebb53a51ca6c94040c73ae54e818],
PUP.Optional.ICQToolbar, C:\Program Files (x86)\ICQ6Toolbar\voucher.bmp, In Quarantäne, [1b32ebb53a51ca6c94040c73ae54e818],
PUP.Optional.ICQToolbar, C:\Program Files (x86)\ICQ6Toolbar\voucher2.bmp, In Quarantäne, [1b32ebb53a51ca6c94040c73ae54e818],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stb6a260a7b-a1b9-4cfa-a3c4-cc88fbfdf57f.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stb06c5fab7-09f6-47b1-9d18-187b6b2c636c.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stb1c8432c9-802e-4732-bd03-f4f6981b000f.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stb2bdb2814-e405-4e76-ad18-c624d1073216.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stb2dc64572-e7d2-47bd-9b40-f2d0887b3d63.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stb2e8b9fd2-897b-444a-9886-58fb340857c0.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stb3a2614e9-dea3-44de-997a-ca1ecf7a22a6.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stb4c1e7812-f00b-4c73-bfa3-eedc085ee29e.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stb5cb1a7b1-08ab-4ef3-9faf-67b06ff45d02.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stb66c4a21f-b9ab-418c-9977-4d1ff4dab1eb.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stb81223a0d-2a71-4a41-8d31-d6b2fe443413.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stb8522b368-5cd2-42a7-a9b4-0274150f927e.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stbb89db564-eee2-4f80-a0da-972094aa3f2e.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stbbe74365c-1cc3-4767-8016-686c71b6e825.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stbc021e73b-eead-4c18-ba33-4db27f3b16f7.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stbce5a634d-8aaf-49b1-baf7-9c65fd582564.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stbd2f6327b-4173-49f9-a63e-39dc7d7da995.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stbebd50278-9091-4f53-bfb9-e677df0ea620.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stbfbe19762-1dca-4aac-9a2f-954ecdb06d30.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Users\Marie\AppData\Local\Temp\APN-Stub\Stbfdaf8556-689e-4d23-8cde-dfe4be716eb9.log, In Quarantäne, [bf8e1e822467af871831890e00028779],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\Stb1c20e144-c313-4dad-a23f-9f90423550e4.log, In Quarantäne, [76d7c2defd8e0f27f455643312f07987],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\Stb56794923-6b4a-444f-8e1c-f161150a35e1.log, In Quarantäne, [76d7c2defd8e0f27f455643312f07987],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\Stb80df617a-6611-4a00-95ea-eb774fd10da0.log, In Quarantäne, [76d7c2defd8e0f27f455643312f07987],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Larry3103 03.12.2015 15:45
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
durchgeführt von Marie (Administrator) auf R142016 (01-12-2015 23:52:39)
Gestartet von C:\Users\Marie\Downloads
Geladene Profile: Marie (Verfügbare Profile: Marie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
() C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Marie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-10-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49904 2014-08-13] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Run: [Facebook Update] => C:\Users\Marie\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Run: [Spotify Web Helper] => C:\Users\Marie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-31] (Spotify Ltd)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Run: [Spotify] => C:\Users\Marie\AppData\Roaming\Spotify\spotify.exe [6553144 2014-10-31] (Spotify Ltd)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Run: [Dropbox Update] => C:\Users\Marie\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Run: [GoogleChromeAutoLaunch_D555174A98A2F0684F8075DBE0BF0C0E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\MountPoints2: {24904ea3-282a-11e1-9629-78843ce21e6b} - E:\Startme.exe
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011-10-12]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C947C79F-330D-42C2-A91A-0BA1FF45D490}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{DB83DB8D-35CF-4818-BDAF-A7D430B90AEF}: [DhcpNameServer] 10.3.0.10 10.3.0.130

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> {6744BEDE-007B-43DC-AA4C-98400709CE03} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=A010DE649&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> {691EA7E8-5CC3-4A5B-A476-72AD527FF97F} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> {6B4432D4-8811-46A1-A77A-AB1C52946E70} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> {F1E87776-8EC1-4B24-8222-59A5448750B4} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
BHO: The Amazon 1Button App for IE -> {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} -> C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll [2013-12-15] (Amazon Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-10-01] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-19] (Sun Microsystems, Inc.)
BHO-x32: The Amazon 1Button App for IE -> {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} -> C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE.dll [2013-12-15] (Amazon Inc.)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-31] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-10-01] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-19] (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-10-01] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
Toolbar: HKLM-x32 - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2011-08-17] (ICQ)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08] (pdfforge GmbH)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-10-01] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\j4n4cspo.default
FF NewTab: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_ff_nt_
FF DefaultSearchEngine: Sichere Suche
FF SearchEngineOrder.1: Amazon
FF SelectedSearchEngine: Amazon
FF Homepage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_ff_sp_
FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ff-21&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_ff_ab_&query=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-19] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-19] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-04-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-04-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-30] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2285745390-2809105031-2165689464-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Marie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2014-09-12]
FF Extension: Kein Name - C:\Program Files (x86)\McAfee\SiteAdvisor [nicht gefunden]
FF Extension: Kein Name - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [nicht gefunden]
FF Extension: Amazon 1Button App for Firefox - C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\j4n4cspo.default\Extensions\abb@amazon.com.xpi [2014-01-22] [ist nicht signiert]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-23] [ist nicht signiert]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_cr_sp_"
CHR DefaultSearchURL: Default -> hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-cr-21&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_cr_ds_&query={searchTerms}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Marie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Avira Browserschutz) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-25]
CHR Extension: („Pin it“-Button) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-10-01]
CHR Extension: (Avira SafeSearch) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2015-11-04]
CHR Extension: (Skype Click to Call) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2015-11-18]
CHR HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-10-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-10-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-10-11] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [Datei ist nicht signiert]
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [Datei ist nicht signiert]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2361344 2011-03-29] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [247872 2011-08-17] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 Updater Service for AMZN; C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2013-03-21] ()
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-10-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-10-11] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-21] ()
U3 fwrdrpob; \??\C:\Users\Marie\AppData\Local\Temp\fwrdrpob.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-01 23:52 - 2015-12-01 23:53 - 00032548 _____ C:\Users\Marie\Downloads\FRST.txt
2015-12-01 23:52 - 2015-12-01 23:52 - 00000000 ____D C:\FRST
2015-12-01 23:48 - 2015-12-01 23:48 - 02350080 _____ (Farbar) C:\Users\Marie\Downloads\FRST64.exe
2015-12-01 23:46 - 2015-12-01 23:46 - 00041664 _____ C:\Users\Marie\Desktop\Gmer.txt
2015-12-01 23:35 - 2015-12-01 23:35 - 00380416 _____ C:\Users\Marie\Downloads\Gmer-19357.exe
2015-12-01 23:32 - 2015-12-01 23:32 - 01721344 _____ (Farbar) C:\Users\Marie\Downloads\FRST.exe
2015-12-01 23:31 - 2015-12-01 23:31 - 02350080 _____ (Farbar) C:\Users\Marie\Downloads\FRST64 (1).exe
2015-12-01 23:30 - 2015-12-01 23:30 - 00000000 _____ C:\Users\Marie\defogger_reenable
2015-12-01 23:29 - 2015-12-01 23:29 - 00050477 _____ C:\Users\Marie\Downloads\Defogger.exe
2015-11-29 16:25 - 2015-11-30 00:21 - 18825179 _____ C:\Users\Marie\Desktop\Zwischenpräsentation Ader.pptx
2015-11-27 22:07 - 2015-11-27 22:07 - 00419751 _____ C:\Users\Marie\Downloads\Lebenslauf Ngan Nguyen.pdf
2015-11-18 15:20 - 2015-11-18 15:20 - 01646333 _____ C:\Users\Marie\Downloads\oledata.mso
2015-11-18 15:13 - 2015-11-18 15:13 - 01065543 _____ C:\Users\Marie\Downloads\psedii_af_cdbk (1).pdf
2015-11-18 15:13 - 2015-11-18 15:13 - 01012712 _____ C:\Users\Marie\Downloads\psedii_scrn_sas.zip
2015-11-18 15:13 - 2015-11-18 15:13 - 00071855 _____ C:\Users\Marie\Downloads\psedii_scrn_codebk.pdf
2015-11-18 15:10 - 2015-11-18 15:10 - 01065543 _____ C:\Users\Marie\Downloads\psedii_af_cdbk.pdf
2015-11-18 15:10 - 2015-11-18 15:10 - 00266695 _____ C:\Users\Marie\Downloads\psedii_wavea_qnaire (1).pdf
2015-11-18 15:09 - 2015-11-18 15:09 - 00267610 _____ C:\Users\Marie\Downloads\psedii_wavea_qnaire.pdf
2015-11-18 15:06 - 2015-11-18 15:06 - 00037201 _____ C:\Users\Marie\Downloads\psedii_screener_qnaire.pdf
2015-11-18 14:53 - 2015-11-18 14:53 - 00099530 _____ C:\Users\Marie\Downloads\psedii_researchopportunities.pdf
2015-11-18 14:51 - 2015-11-18 14:51 - 00931694 _____ C:\Users\Marie\Downloads\psed_outcome.sav
2015-11-18 14:51 - 2015-11-18 14:51 - 00365564 _____ C:\Users\Marie\Downloads\psed_bibliography-2015_07_15.pdf
2015-11-18 14:50 - 2015-11-18 14:50 - 00085838 _____ C:\Users\Marie\Downloads\History_of_Research_Program_v2.pdf
2015-11-18 13:44 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 11:48 - 2015-11-11 11:48 - 00000000 ____D C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-11 10:54 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 10:54 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 10:54 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 10:54 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 10:54 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 10:54 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 10:54 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 10:54 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 10:54 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 10:54 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 10:54 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 10:54 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 10:54 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 10:54 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 10:54 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 10:54 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 10:54 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 10:54 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 10:54 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 10:54 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 10:54 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 10:54 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 10:54 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 10:54 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 10:54 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 10:54 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 10:54 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 10:54 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 10:54 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 10:54 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 10:54 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 10:54 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 10:54 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 10:54 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 10:54 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 10:54 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 10:54 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 10:54 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 10:54 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 10:54 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 10:54 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 10:54 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 10:54 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 10:54 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 10:54 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 10:54 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 10:54 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 10:54 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 10:54 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 10:54 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 10:54 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 10:54 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 10:54 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 10:54 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 10:54 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 10:54 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 10:54 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 10:54 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 10:54 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 10:54 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 10:54 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 10:54 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 10:54 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 10:54 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 10:54 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 10:54 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 10:54 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 10:54 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 10:54 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 10:54 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 10:54 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 10:54 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 10:54 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 10:54 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 10:54 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 10:54 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 10:54 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 10:54 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 10:54 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 10:54 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 10:54 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 10:54 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 10:54 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 10:54 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 10:54 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 10:54 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 10:54 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 10:54 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 10:54 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 10:54 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 10:54 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 10:54 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 10:54 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 10:54 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 10:54 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 10:54 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 10:54 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 10:54 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 10:54 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 10:54 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 10:54 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 10:54 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 10:54 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 10:54 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 10:54 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 10:54 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 10:54 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 10:53 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 10:53 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 10:53 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 10:53 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 10:53 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 10:53 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 10:53 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 10:53 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 10:53 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 10:53 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 10:53 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 10:53 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 10:53 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-04 22:40 - 2015-12-01 23:14 - 00065536 _____ C:\Windows\system32\Ikeext.etl

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-01 23:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-01 23:51 - 2015-06-17 09:29 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA.job
2015-12-01 23:40 - 2013-11-25 15:10 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-01 23:30 - 2011-10-08 16:55 - 00000000 ____D C:\Users\Marie
2015-12-01 23:30 - 2009-07-14 05:45 - 00028576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-01 23:30 - 2009-07-14 05:45 - 00028576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-01 23:27 - 2013-05-23 10:46 - 00000000 ___RD C:\Users\Marie\Dropbox
2015-12-01 23:27 - 2013-05-23 10:42 - 00000000 ____D C:\Users\Marie\AppData\Roaming\Dropbox
2015-12-01 23:24 - 2013-01-16 09:55 - 00000000 ____D C:\Users\Marie\AppData\Roaming\Spotify
2015-12-01 23:23 - 2013-11-25 15:10 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-01 23:14 - 2011-05-19 08:35 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-01 23:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-01 19:22 - 2011-05-19 18:14 - 00700118 _____ C:\Windows\system32\perfh007.dat
2015-12-01 19:22 - 2011-05-19 18:14 - 00149968 _____ C:\Windows\system32\perfc007.dat
2015-12-01 19:22 - 2009-07-14 06:13 - 01622228 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-01 19:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-01 19:13 - 2015-02-08 15:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-01 19:10 - 2011-10-14 18:00 - 00001138 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA.job
2015-12-01 18:56 - 2014-12-24 16:25 - 00000000 ____D C:\Users\Marie\Desktop\DCIM
2015-11-30 00:21 - 2012-01-19 19:16 - 03952640 ___SH C:\Users\Marie\Desktop\Thumbs.db
2015-11-26 01:10 - 2011-10-14 18:00 - 00001116 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core.job
2015-11-24 11:46 - 2015-06-17 09:29 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core.job
2015-11-18 21:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-18 18:12 - 2009-07-14 05:45 - 00464104 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-11 14:03 - 2013-07-30 07:53 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 13:51 - 2011-10-20 16:50 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 13:49 - 2012-05-13 14:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 13:41 - 2011-02-11 00:03 - 01596508 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 13:36 - 2011-03-15 03:36 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 11:13 - 2015-02-08 15:43 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-11 11:13 - 2015-02-08 15:43 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-11 11:13 - 2015-02-08 15:43 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-10 17:21 - 2015-09-16 20:00 - 00001138 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-10 17:21 - 2014-03-09 10:31 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-10 17:21 - 2013-08-11 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-09 17:13 - 2011-02-10 23:48 - 00000000 ____D C:\Windows\Panther
2015-11-09 17:08 - 2015-09-10 07:42 - 00000000 ___HD C:\$Windows.~BT
2015-11-06 15:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2015-11-04 22:32 - 2013-07-29 11:43 - 00000000 ____D C:\Program Files (x86)\InternetLogin
2015-11-04 22:07 - 2011-05-19 08:39 - 00000000 ____D C:\ProgramData\McAfee
2015-11-04 21:57 - 2013-01-31 09:24 - 00000000 ____D C:\Program Files\McAfee
2015-11-04 21:35 - 2014-12-28 13:13 - 00000000 __SHD C:\Users\Marie\AppData\Local\EmieBrowserModeList
2015-11-04 21:35 - 2014-04-15 22:58 - 00000000 __SHD C:\Users\Marie\AppData\Local\EmieUserList
2015-11-04 21:35 - 2014-04-15 22:58 - 00000000 __SHD C:\Users\Marie\AppData\Local\EmieSiteList

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-10-28 14:16 - 2013-11-03 18:26 - 0000058 _____ () C:\Users\Marie\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2011-10-10 17:12 - 2011-10-10 17:12 - 0017408 _____ () C:\Users\Marie\AppData\Local\WebpageIcons.db
2014-10-06 22:41 - 2014-10-06 22:45 - 0000000 _____ () C:\Users\Marie\AppData\Local\{9E0885C6-33BC-4ABF-B751-D85AAA9543E0}
2014-11-05 12:14 - 2014-11-05 12:14 - 0000000 _____ () C:\Users\Marie\AppData\Local\{DCBD99DE-15A5-4CEA-9F87-3056043BC16E}
2014-10-17 10:40 - 2014-10-17 10:42 - 0000000 _____ () C:\Users\Marie\AppData\Local\{DF2572BF-742C-4185-A265-B3D4D0921450}
2013-03-14 16:50 - 2013-03-14 16:51 - 95023320 ____T () C:\ProgramData\5294627.pad
2013-02-12 17:05 - 2013-02-12 17:05 - 95023320 ____T () C:\ProgramData\9175908.pad
2012-12-04 22:02 - 2013-02-02 15:23 - 95023320 ____T () C:\ProgramData\dsgsdgdsgdsgw.pad
2011-10-12 14:29 - 2011-10-12 14:29 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2013-04-02 09:25 - 2013-04-02 09:25 - 95023320 ____T () C:\ProgramData\jwjl.pad

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\5294627.pad
C:\ProgramData\9175908.pad
C:\ProgramData\dsgsdgdsgdsgw.pad
C:\ProgramData\jwjl.pad


Einige Dateien in TEMP:
====================
C:\Users\Marie\AppData\Local\Temp\AskSLib.dll
C:\Users\Marie\AppData\Local\Temp\avgnt.exe
C:\Users\Marie\AppData\Local\Temp\dfqdpjrn.dll
C:\Users\Marie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpabwi2j.dll
C:\Users\Marie\AppData\Local\Temp\hnqklhh8.dll
C:\Users\Marie\AppData\Local\Temp\HOST1608.exe
C:\Users\Marie\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Marie\AppData\Local\Temp\SRLDetectionLibrary4213438788642316630.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-18 21:01

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-12-2015
durchgeführt von Marie (2015-12-01 23:53:34)
Gestartet von C:\Users\Marie\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-10-08 15:55:14)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2285745390-2809105031-2165689464-500 - Administrator - Disabled)
Gast (S-1-5-21-2285745390-2809105031-2165689464-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2285745390-2809105031-2165689464-1002 - Limited - Enabled)
Marie (S-1-5-21-2285745390-2809105031-2165689464-1000 - Administrator - Enabled) => C:\Users\Marie

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
AdWords Editor (HKLM-x32\...\{64427C94-5A22-4743-8772-B2D9B9FD5283}) (Version: 11.0.3 - Google)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Amazon 1Button App (HKLM-x32\...\{54AA7C11-54B7-4BD8-84B2-85873B5C7A04}) (Version: 1.0.4 - Amazon)
Amazon Browser Settings (HKLM-x32\...\Amazon Browser Settings) (Version: 3.0 - Amazon) <==== ACHTUNG
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.485 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.95 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Utilities Digital Photo Professional 1.0 (HKLM-x32\...\InstallShield_{F011B8F1-BCCD-4E73-84F8-CB2F2D258755}) (Version: 1.0 - Canon)
Canon Utilities Digital Photo Professional 1.0 (x32 Version: 1.0 - Canon) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP LaserJet Pro MFP M127-M128 (HKLM-x32\...\{3b050369-8d19-413d-9dec-84ff278472eb}) (Version: 8.0.13295.984 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.002.004 - Hewlett-Packard)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM128DSService (x32 Version: 001.001.08254 - Hewlett-Packard) Hidden
HPDXP (x32 Version: 3.0.26.40 - HP) Hidden
HPLJDXPHelper (x32 Version: 060.048.005 - HP) Hidden
HPLJProMFPM127M128 (HKLM-x32\...\{B5409C23-DE0C-4B48-8C8A-50AE38694955}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (x32 Version: 008.000.0001 - HP) Hidden
HPLJUTM127_128 (x32 Version: 008.000.0001 - HP) Hidden
hppLaserJetService (x32 Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM125LaserJetService (x32 Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 080.040.00171 - Hewlett Packard) Hidden
hpStatusAlertsM127-M128 (x32 Version: 080.046.00111 - Hewlett-Packard) Hidden
ICQ Toolbar (HKLM-x32\...\ICQToolbar) (Version: 3.0.0 - ICQ)
ICQ7.6 (HKLM-x32\...\{7644E42D-B096-457F-8B5B-901238FC81AE}) (Version: 7.6 - ICQ)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java(TM) 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LJDXPHelperUI (x32 Version: 060.048.005 - HP) Hidden
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 de)) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 268.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 268.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.31 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.00.04010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.04060 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.6.9 - Sony Corporation)
Quick Web Access (x32 Version: 1.4.6.9 - Sony Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Screenshot Captor 4.7.2 (HKLM-x32\...\ScreenshotCaptor_is1) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SourceTree (HKLM-x32\...\SourceTree 1.6.22) (Version: 1.6.22 - Atlassian)
SourceTree (x32 Version: 1.6.22 - Atlassian) Hidden
Spotify (HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.02250 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.5.00.04060 - Sony Corporation)
VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VAIO - Remote-Tastatur  (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (HKLM\...\{FDCC09EA-A33E-4639-B1CD-FC1702815FA7}) (Version: 8.4.0.14281 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.0.06210 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Hero Screensaver - Summer 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Summer 2011 Screensaver) (Version:  - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.1.08270 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.10 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Елемент керування Windows Live Mesh ActiveX для віддалених підключень (HKLM-x32\...\{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

23-10-2015 20:10:39 Windows Update
25-10-2015 17:07:57 Windows Update
31-10-2015 12:37:39 Installed SourceTree
09-11-2015 15:49:13 Windows Update
11-11-2015 13:33:54 Windows Update
18-11-2015 15:53:15 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {15109A07-3025-4D41-B82D-9F1C4BB4BCA2} - System32\Tasks\Sony Corporation\VAIO Update Self Repair\VAIO Update Self Ultimate Repair Guard => C:\ProgramData\Sony Corporation\VAIO Update Self Repair\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {1564769C-E886-464A-AEF6-A27B4EAFE49C} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation)
Task: {1D1EB4D2-C772-4456-831E-88AE772F4106} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {2656E201-E473-4F1C-AE21-F680B08E7016} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {39F426F4-12E0-4018-B9B1-9613CC7EAB0F} - System32\Tasks\{32A59053-383D-437A-AE89-9D2453FA2380} => pcalua.exe -a C:\Users\Marie\Downloads\ICQ\install_icq7.exe -d C:\Users\Marie\Downloads\ICQ
Task: {3CB44FC4-39D7-4EE4-B5BA-7E25EAD77F93} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {4047E08C-9318-4F3F-BEA4-847E0112EC46} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {48B222CD-7E47-485D-BA05-3CAA46BAE8DA} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {52B0EDFF-87A4-4049-AD09-32811E7BE5C5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {543BA804-B964-4F63-A223-CF44FFC43B68} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {5714CED1-F9DE-4A7F-8D4F-4386903DEC27} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core => C:\Users\Marie\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {57BD232A-503D-41BB-93E7-A57EC741A5BF} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {68396B3E-0280-4CCF-B23D-66EE4E41AC18} - System32\Tasks\{1B2518BE-44B5-4FD3-8D2F-5E6BCA2BA3F8} => Chrome.exe hxxp://ui.skype.com/ui/0/7.8.64.102/de/go/help.faq.installer?LastError=1601
Task: {6B6900F1-79CE-4DF6-B034-564B59945C9F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {74ED37E6-1B0C-4FEC-ADD7-BDF859311F96} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {7523B1E0-5B2A-4B3D-8B84-1DDB07D19BF5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA => C:\Users\Marie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {7B57A10A-E39A-4078-A71B-7FC43DBB269D} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2013-01-28] (Hewlett Packard)
Task: {7E79E96E-C18B-4E95-A70C-23A548E29E8F} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {96963E98-1AF0-4D9B-BDCB-9DD50DA1C5C3} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {9B8E1FBC-CA26-4C02-8168-6772DB13EE94} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {ADE9D023-022C-482A-B19E-86F16DAFCEFE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {B36B4981-DF0B-4957-AA03-EBA58854FB26} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {C115FF4D-8146-4DB8-9D7F-5643E2698F3E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {CB1DD2F4-70EF-4C0B-885A-FD2C5E9A2A90} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {D264FEF1-682E-4F13-9E87-14A8B63C562C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA => C:\Users\Marie\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {E381EECA-9371-4390-AEA3-6C065F0D87CE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E61C06C0-78DB-4E7F-B238-EFFE3B412FA7} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)
Task: {E8F64BA9-9C28-450A-A5EF-37B78302D54F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core => C:\Users\Marie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {FE236CDD-5111-4E45-821E-12DE3838963E} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {FEE13A5E-608B-4A4C-991A-517C3B2856AC} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core.job => C:\Users\Marie\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA.job => C:\Users\Marie\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core.job => C:\Users\Marie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA.job => C:\Users\Marie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-10-14 17:08 - 2011-08-17 10:04 - 00247872 _____ () C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
2013-03-21 19:24 - 2013-03-21 19:24 - 00222368 _____ () C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
2013-11-01 13:59 - 2013-11-01 13:59 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2011-05-19 08:41 - 2011-03-05 15:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2014-10-21 00:25 - 2014-10-21 00:25 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll
2011-05-19 08:28 - 2010-09-13 17:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-12-01 23:23 - 2015-12-01 23:23 - 00071168 _____ () c:\users\marie\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpabwi2j.dll
2015-07-26 13:12 - 2015-09-03 01:11 - 00012800 _____ () C:\Users\Marie\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-09-03 01:11 - 00779776 _____ () C:\Users\Marie\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 11:30 - 2015-09-03 01:11 - 00056320 _____ () C:\Users\Marie\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-07-26 13:12 - 2015-09-03 01:11 - 00012288 _____ () C:\Users\Marie\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-11-18 14:04 - 2015-11-07 05:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
2015-11-18 14:04 - 2015-11-07 05:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{F7ACB7CE-1867-4660-B96C-C0C46EBCF563}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{0C51D191-8752-494D-A0BB-B9F2D8E84C29}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{EDFDDCB7-D5F3-4D51-AA2F-BA96FB707548}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A83C058F-5167-4571-AFF3-0DC13C4E2B3D}] => (Allow) LPort=2869
FirewallRules: [{AA7F2292-833E-4165-A79B-17E7EB54B88F}] => (Allow) LPort=1900
FirewallRules: [{666625D3-9F5E-44F4-95C9-5E5BE23365E3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{71EDB291-9858-4A48-9B1D-8F92FF045CE6}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{6559DB1B-53C5-4147-8A7C-FC4FE8B04A70}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{E555AF69-0720-4522-AB59-646C19F287B5}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{69B7AACD-BC4C-4811-8197-AD7F09BDCBC8}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{3AD4E9EF-596A-4531-9EF2-7C4678199614}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{A4E0D600-F5C6-4D07-B560-94B29452BC51}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{8E133A86-9484-4142-9407-63ED4A627ADE}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{40B17878-74A4-4AA5-B606-DF89A752D18E}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
FirewallRules: [{FFDCBD10-5EBA-4F3D-997A-A1B49D997F96}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [{6E84237B-5C88-4F41-8E27-B11485DC4F28}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [{961B3BCC-1D6C-4359-B501-A46E0AEE79D2}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [TCP Query User{D8A466D8-4BC7-430A-A9A3-A93BB22F2C4E}C:\users\marie\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marie\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2965F9DB-8699-4943-8C7E-05293BE5080F}C:\users\marie\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marie\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{70427346-B296-4D61-980E-C712F54EBACA}C:\users\marie\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marie\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{69B0B207-61B0-4962-BDEA-1853672E09B6}C:\users\marie\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marie\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E35AFDB5-44EE-4E39-92C6-7AFF7F64E5EB}] => (Allow) C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{60BA62D9-8469-459A-8FBF-BDFBB81E33CF}] => (Allow) C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{3C2A791D-2C21-4D6F-B8CB-FCBA1EA88178}C:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{7172913D-0F32-45A9-99C9-BDEE9992F95C}C:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{CB944D88-DEA0-440A-B0E0-9EA9D0A55B5F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5EF18E90-4766-484D-AF15-AD800AF6242A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BC4734BE-8D4B-4456-9DC7-601879BC18A7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{84368E60-9C2C-44C7-82A8-F40B9FCE8BF4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5DF32A95-571D-4C2E-AAFE-3986CEF7B144}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{63B0CB7E-1E89-46A2-906A-5945A04FE822}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{26C448AA-8D8E-4AD5-AFBB-32679BA474BB}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{66E26607-BA0A-418A-98C1-A645F04395D5}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{162A9175-BCF8-46D6-A8D3-2E8F35A6A5C9}] => (Allow) C:\Users\Marie\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{8FAD3F35-3774-4088-B528-FC83F7A074AB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{21C9063C-6C7D-4C3B-94AE-CBBE84E78A2B}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\SendAFax.exe
FirewallRules: [{AE03FB97-7E14-4732-B313-61DD65AB0C45}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{502840FE-1AB8-4533-BF30-DF18B84E6079}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\EWSProxy.exe
FirewallRules: [{F214C47D-A5A2-417C-A891-6F566728136E}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{6592AEC1-CEA1-404B-B4D5-EC9D8AEB969D}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\FaxPrinterUtility.exe
FirewallRules: [{A78F65A9-B007-4332-B8E3-66F6448491AA}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\FaxApplications.exe
FirewallRules: [{5E4AC3A5-9719-4825-BF25-0342643E204A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{16E72CB2-69BC-444F-BC25-23E61D81D679}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/01/2015 11:14:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/01/2015 07:10:05 PM) (Source: Google Update) (EventID: 20) (User: R142016)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (12/01/2015 06:15:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2015 10:10:05 PM) (Source: Google Update) (EventID: 20) (User: R142016)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (11/29/2015 09:38:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2015 07:43:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2015 05:47:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2015 04:00:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/27/2015 10:04:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/25/2015 10:51:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (12/01/2015 11:47:08 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 0.0.0.0 mit dem Computer mit der
Netzwerkhardwareadresse 18-CF-5E-38-56-CA ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (12/01/2015 11:25:49 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.0.101 mit dem Computer mit der
Netzwerkhardwareadresse D8-3C-69-A3-4B-EC ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (12/01/2015 11:13:58 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (12/01/2015 06:14:03 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (11/29/2015 09:37:18 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (11/29/2015 07:42:33 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (11/29/2015 05:52:11 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Intel(R) System Behavior Tracker Collector Service" wurde nicht richtig gestartet.

Error: (11/29/2015 05:45:48 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (11/29/2015 04:05:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Intel(R) System Behavior Tracker Collector Service" wurde nicht richtig gestartet.

Error: (11/29/2015 04:00:06 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 4077.86 MB
Verfügbarer physikalischer RAM: 1866.45 MB
Summe virtueller Speicher: 8153.93 MB
Verfügbarer virtueller Speicher: 5277.66 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:452.15 GB) (Free:316.04 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 24DDFD60)
Partition 1: (Not Active) - (Size=13.5 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Vielen Dank schon mal im Voraus :)

M-K-D-B 03.12.2015 15:54
:hallo:


Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Danke für deine Mitarbeit!






Zukünftig bitte beachten:
Zitat:
Gestartet von C:\Users\Marie\Downloads
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.






Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.

Larry3103 03.12.2015 20:06
Danke schon mal bis hierher :)

Hier sind meine Logs:

Code:
# AdwCleaner v5.023 - Bericht erstellt am 03/12/2015 um 18:56:40
# Aktualisiert am 30/11/2015 von Xplode
# Datenbank : 2015-11-30.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Marie - R142016
# Gestartet von : C:\Users\Marie\Desktop\AdwCleaner_5.023 (1).exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\Amazon\ABB
[-] Ordner Gelöscht : C:\ProgramData\6480F1C325DA5ECA000064808D466294
[-] Ordner Gelöscht : C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pbjikboenpfhbbejgkoklgkhjpfogcam_0.localstorage
[-] Datei Gelöscht : C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam
[-] Datei Gelöscht : C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_safesearch.avira.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_safesearch.avira.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.movshare.net_0.localstorage
[-] Datei Gelöscht : C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.movshare.net_0.localstorage-journal

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
[-] Schlüssel Gelöscht : HKCU\Software\Ciuvo
[-] Schlüssel Gelöscht : HKCU\Software\distromatic
[-] Schlüssel Gelöscht : HKCU\Software\ICQ\ICQToolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[!] Daten Nicht Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ciuvo.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\movshare.net
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.de
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.movshare.net

***** [ Internetbrowser ] *****

[-] [C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : pbjikboenpfhbbejgkoklgkhjpfogcam

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6160 Bytes] ##########
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 03.12.2015
Suchlaufzeit: 19:05
Protokolldatei: mbam2.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.03.04
Rootkit-Datenbank: v2015.11.26.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Marie

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 388936
Abgelaufene Zeit: 39 Min., 2 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64
Ran by Marie (Administrator) on 03.12.2015 at 19:49:35.02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 115

Successfully deleted: C:\Users\Marie\AppData\Local\{00D73808-F0B8-4124-A4CD-0B3EA426BDAA} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{01AA353E-4596-40E2-8D5C-4B5930924140} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{0378FF90-3E85-4AB5-B4A7-63B2CA32DD2B} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{04C850CD-57C5-432B-8B95-0F7DB040797F} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{05056DC5-C9E1-46A0-91F9-4376B93AD8D8} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{0598A3AE-007D-4038-89F0-220F4132D835} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{0C5ED1C3-0F99-4A94-8D6D-18D82BC47EEC} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{0ECEEAD4-1982-4005-828F-679F1C5DB122} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{0F232A4B-6426-45C4-81F9-C724455C2621} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{10F028D4-5744-4CCC-A97C-C741DE0E01A8} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{1480BA21-AED6-4868-9066-7FF0E84B45CC} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{14C3A18F-3B5C-4539-A310-A3B5786BD33A} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{1B6849D1-ADF6-458D-9049-82A326D5282C} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{1FFA19FD-F52A-433B-9B51-58DC623EA34B} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{20B78205-E442-4BDF-A4EE-2DBB59A2DB57} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{228060DF-B6FD-456F-8D0C-7271DCCCC42B} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{236D04EC-00CB-4071-A738-D81304946BBB} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{25A2EB15-8574-48C3-BC55-B49C1313F8E8} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{2648771D-73D1-45BC-AB5C-E10F0A46B78A} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{29699CDF-F997-4427-8107-D55AB5379056} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{30419DD1-B2B9-4062-BE2E-903673DD5075} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{32F32751-2527-4180-833B-2D86950AB9D3} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{335A3342-303B-4CDB-A19C-12653E7B04E0} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{3798249A-2D22-43E7-AA94-39A2B5839128} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{3941D0F2-079A-47B0-8B32-9B504C9F1EDF} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{3AEE591C-FED9-48E7-8321-6B9CFF308DAC} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{40B21360-1039-4464-8186-5932F50397AF} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{40CD3C8A-B491-44F3-9CDE-0448E77C6B78} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{438353F5-28E0-4A80-B9AF-351EBE390654} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{49FFE63D-231F-4503-839C-46C2B9B00085} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{4C08569B-4005-4D41-8E06-83F7BA1812F6} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{4CBCE50C-503B-4DE0-858F-D5DE274235E2} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{53EF3D78-C05E-4432-AEA7-97AF95A9DE10} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{55C5CC25-7195-40F6-BC49-AC94327C6908} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{5A872007-EFCF-4F1B-9ACE-578EEEEF8BC0} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{5B1DD21A-E65B-48A4-8E36-B37A38087E49} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{5B86C1A0-E982-4F5E-BE97-6DBFC562C82F} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{5BF59642-343B-4FAE-BA9F-2574DD29647E} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{624E3B71-B65B-44AC-A614-82B9F1E73ED4} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{670CCA32-CE1B-4562-BD93-9DC1692AC51E} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{693DF76A-B053-4709-8422-402321AFD18C} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{698E8B37-3484-4F69-AA9C-163413366E52} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{78E3524F-5C3E-45A5-8B17-C7CECB99232A} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{7B4CABF1-BCF4-4D67-9366-F334347874E8} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{7CCD0936-87C8-431D-B7C0-714892A81DF2} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{7FB1A761-DE6C-4CEC-B784-01C96DDE70C9} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{829A9185-6CF5-46CA-9974-56B08F823074} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{859F826A-2DF9-4285-B4A9-0A45E50C5B32} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{863AA1CA-6EC8-4D4B-BF59-5B350695195A} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{8AF41218-0B90-4A3C-A572-3C8DB7834BFE} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{8C6D41B2-DF98-4D2D-BB9F-59E0A0F8760A} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{8DCA62E6-A227-40CC-9959-83D1D9F8E9B4} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{8FEEE089-A0E5-41E1-B2B0-00ED873ADDCA} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{912E2E5F-DCFE-4D48-B2CA-E1FADCC09D93} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{97B48D6E-D958-4425-B4AE-DB6AA354EB39} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{983AF45F-183F-4A4E-943E-06311295C8CA} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{989BF664-8421-4D89-87F4-728E2C39EEAA} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{9AD45AA4-B6A3-4C09-BB5B-6ABACFF1B730} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{9B1E2827-FDFC-464F-9B24-84EC76C5CAB8} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{9B7C4E4C-F676-4666-BE26-14A9D7A9EBD8} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{9C86FA18-ED88-4942-8631-8C73614CB01F} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{9EF0DF45-39E0-4DC5-9663-F012CAAFCB3D} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{A103CED0-4743-48A2-9A15-75C9786B9E41} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{A11F0945-9D59-4904-ACE3-855FC945959E} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{A4CD069D-8BA0-4654-A53E-7464D4AB60C5} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{A7929F21-82F0-4CDA-92A9-1F870879FA4C} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{AFDF358F-D1F4-482C-AE60-6ED14C4EF01A} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{B2CA2B5C-3C17-465C-A9F0-3329B1BB15ED} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{B40B951C-C77C-4C35-B62D-BC5CDFC885BB} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{B40D9EF1-499B-4CD6-91FF-478F48681B46} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{B71146C6-711F-4420-901D-81C7AADB6B97} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{BA809D9C-0C50-43F3-9DEB-F4A9108120FE} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{C0C9F8F8-9EB0-42B2-B555-ECAE911BD082} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{CD39A193-62B8-4147-9FA7-66FA9A3586DD} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{D0BAE207-C306-481B-B41D-78EB073EE2EE} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{D157B9A2-ED8E-4FCA-B874-AEE1F284F83B} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{D55AA402-3C4E-49C9-8DBA-8AB77C11E537} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{DAEDE87C-0FA5-4110-9F67-F8307D2A762C} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{DEE98504-8612-456F-B92A-8D755CB76474} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{E0DF4145-6957-40CD-A7F9-6C7E5C52F3E0} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{E298F6C3-EA01-42E0-A8E5-F7A7580683F3} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{E59BDB4B-0F34-4E5C-A7DE-21D804A57A5B} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{E5A9D90D-2418-49FE-82B3-A0A65BEB47E5} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{E5F7C982-B946-41DC-AAA2-DE1ADA4D9FBD} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{E65B02C6-DD4E-4641-9391-5A281F08A6D2} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{E67878C3-040A-45A5-B7FD-B024DBCBC865} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{EE13E2A2-786E-491B-B072-52A72FFBA19C} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{F006506E-0B1D-4489-A1FA-668FEB9316BC} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{F1083BC6-94AB-4237-B7C4-AB775BFC4273} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{F7EC47EA-CCD7-4C41-A948-627488791C38} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{F875791E-04E5-4C00-BB3E-6FB86F86DA55} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{FB864005-22FB-487E-AD3E-4A61DA1D21EB} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{FBFF2C39-D6A1-4DFA-9584-1F1C6D5D36DA} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{FC367772-37A8-4F80-BC00-F5AE14E38548} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\{FDBEFFEB-9DC3-4CF5-8D77-A91B2BC567BC} (Empty Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic (Folder)
Successfully deleted: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal (File)
Successfully deleted: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage (File)
Successfully deleted: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal (File)
Successfully deleted: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage (File)
Successfully deleted: C:\Users\Marie\AppData\Roaming\pdfforge (Folder)
Successfully deleted: C:\Windows\SysWOW64\sho1650.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\sho1F85.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\sho299A.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\sho51BF.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\sho5439.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\sho5F1A.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\sho631A.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\sho6BB3.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\sho7E39.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\shoBD77.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\shoBDB6.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\shoC8B5.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\shoC9A8.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\shoDBAA.tmp (File)



Registry: 2

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_D555174A98A2F0684F8075DBE0BF0C0E (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.12.2015 at 19:53:40.17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
durchgeführt von Marie (Administrator) auf R142016 (03-12-2015 19:56:54)
Gestartet von C:\Users\Marie\Desktop
Geladene Profile: Marie &  (Verfügbare Profile: Marie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-10-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49904 2014-08-13] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Run: [Facebook Update] => C:\Users\Marie\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Run: [Spotify Web Helper] => C:\Users\Marie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-31] (Spotify Ltd)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Run: [Spotify] => C:\Users\Marie\AppData\Roaming\Spotify\spotify.exe [6553144 2014-10-31] (Spotify Ltd)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Run: [Dropbox Update] => C:\Users\Marie\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Run: [GoogleChromeAutoLaunch_D555174A98A2F0684F8075DBE0BF0C0E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\MountPoints2: {24904ea3-282a-11e1-9629-78843ce21e6b} - E:\Startme.exe
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Facebook Update] => C:\Users\Marie\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Marie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-31] (Spotify Ltd)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Marie\AppData\Roaming\Spotify\spotify.exe [6553144 2014-10-31] (Spotify Ltd)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Marie\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_D555174A98A2F0684F8075DBE0BF0C0E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {24904ea3-282a-11e1-9629-78843ce21e6b} - E:\Startme.exe
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011-10-12]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C947C79F-330D-42C2-A91A-0BA1FF45D490}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{DB83DB8D-35CF-4818-BDAF-A7D430B90AEF}: [DhcpNameServer] 10.3.0.10 10.3.0.130

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> {6744BEDE-007B-43DC-AA4C-98400709CE03} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=A010DE649&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> {691EA7E8-5CC3-4A5B-A476-72AD527FF97F} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> {6B4432D4-8811-46A1-A77A-AB1C52946E70} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> {F1E87776-8EC1-4B24-8222-59A5448750B4} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6744BEDE-007B-43DC-AA4C-98400709CE03} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=A010DE649&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {691EA7E8-5CC3-4A5B-A476-72AD527FF97F} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6B4432D4-8811-46A1-A77A-AB1C52946E70} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F1E87776-8EC1-4B24-8222-59A5448750B4} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-10-01] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-19] (Sun Microsystems, Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-31] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-10-01] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-19] (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-10-01] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-10-01] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\j4n4cspo.default
FF NewTab: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_ff_nt_
FF DefaultSearchEngine: Sichere Suche
FF SearchEngineOrder.1: Amazon
FF SelectedSearchEngine: Amazon
FF Homepage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_ff_sp_
FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ff-21&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_ff_ab_&query=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-19] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-19] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-04-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-04-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-30] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2285745390-2809105031-2165689464-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Marie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Marie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2014-09-12]
FF Extension: Kein Name - C:\Program Files (x86)\McAfee\SiteAdvisor [nicht gefunden]
FF Extension: Kein Name - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [nicht gefunden]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-23] [ist nicht signiert]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_cr_sp_"
CHR DefaultSearchURL: Default -> hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-cr-21&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_cr_ds_&query={searchTerms}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Marie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Avira Browserschutz) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-25]
CHR Extension: („Pin it“-Button) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-12-03]
CHR Extension: (Avira SafeSearch) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2015-12-03]
CHR Extension: (Skype Click to Call) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-10-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-10-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-10-11] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [Datei ist nicht signiert]
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [Datei ist nicht signiert]
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [Datei ist nicht signiert]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2361344 2011-03-29] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-10-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-10-11] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-03] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-21] ()

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-03 19:53 - 2015-12-03 19:55 - 00012648 _____ C:\Users\Marie\Desktop\JRT.txt
2015-12-03 19:47 - 2015-12-03 19:48 - 01599336 _____ (Malwarebytes) C:\Users\Marie\Desktop\JRT.exe
2015-12-03 19:46 - 2015-12-03 19:46 - 00001199 _____ C:\Users\Marie\Desktop\mbam2.txt
2015-12-03 19:00 - 2015-12-03 19:00 - 00006266 _____ C:\Users\Marie\Desktop\AdwCleaner[C1].txt
2015-12-03 18:52 - 2015-12-03 18:52 - 01736704 _____ C:\Users\Marie\Desktop\AdwCleaner_5.023 (1).exe
2015-12-03 18:50 - 2015-12-03 18:56 - 00000000 ____D C:\AdwCleaner
2015-12-03 18:49 - 2015-12-03 18:49 - 01736704 _____ C:\Users\Marie\Downloads\AdwCleaner_5.023.exe
2015-12-02 21:39 - 2015-12-02 21:40 - 00020088 _____ C:\Users\Marie\Desktop\mbam.txt
2015-12-02 20:58 - 2015-12-03 19:05 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-02 20:58 - 2015-12-02 20:58 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-02 20:58 - 2015-12-02 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-02 20:58 - 2015-12-02 20:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-02 20:58 - 2015-12-02 20:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-02 20:58 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-02 20:58 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-02 20:58 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-02 20:54 - 2015-12-02 20:57 - 22908888 _____ (Malwarebytes ) C:\Users\Marie\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-02 00:24 - 2015-12-02 00:24 - 00048789 _____ C:\Users\Marie\Downloads\Addition (1).txt
2015-12-01 23:57 - 2015-12-03 19:57 - 00031671 _____ C:\Users\Marie\Desktop\FRST.txt
2015-12-01 23:57 - 2015-12-01 23:57 - 00048789 _____ C:\Users\Marie\Desktop\Addition.txt
2015-12-01 23:53 - 2015-12-01 23:54 - 00048789 _____ C:\Users\Marie\Downloads\Addition.txt
2015-12-01 23:52 - 2015-12-03 19:56 - 00000000 ____D C:\FRST
2015-12-01 23:52 - 2015-12-01 23:54 - 00068359 _____ C:\Users\Marie\Downloads\FRST.txt
2015-12-01 23:48 - 2015-12-01 23:48 - 02350080 _____ (Farbar) C:\Users\Marie\Desktop\FRST64.exe
2015-12-01 23:46 - 2015-12-01 23:46 - 00041664 _____ C:\Users\Marie\Desktop\Gmer.txt
2015-12-01 23:35 - 2015-12-01 23:35 - 00380416 _____ C:\Users\Marie\Downloads\Gmer-19357.exe
2015-12-01 23:32 - 2015-12-01 23:32 - 01721344 _____ (Farbar) C:\Users\Marie\Downloads\FRST.exe
2015-12-01 23:31 - 2015-12-01 23:31 - 02350080 _____ (Farbar) C:\Users\Marie\Downloads\FRST64 (1).exe
2015-12-01 23:30 - 2015-12-01 23:30 - 00000000 _____ C:\Users\Marie\defogger_reenable
2015-12-01 23:29 - 2015-12-01 23:29 - 00050477 _____ C:\Users\Marie\Downloads\Defogger.exe
2015-11-29 16:25 - 2015-11-30 00:21 - 18825179 _____ C:\Users\Marie\Desktop\Zwischenpräsentation Ader.pptx
2015-11-27 22:07 - 2015-11-27 22:07 - 00419751 _____ C:\Users\Marie\Downloads\Lebenslauf Ngan Nguyen.pdf
2015-11-18 15:20 - 2015-11-18 15:20 - 01646333 _____ C:\Users\Marie\Downloads\oledata.mso
2015-11-18 15:13 - 2015-11-18 15:13 - 01065543 _____ C:\Users\Marie\Downloads\psedii_af_cdbk (1).pdf
2015-11-18 15:13 - 2015-11-18 15:13 - 01012712 _____ C:\Users\Marie\Downloads\psedii_scrn_sas.zip
2015-11-18 15:13 - 2015-11-18 15:13 - 00071855 _____ C:\Users\Marie\Downloads\psedii_scrn_codebk.pdf
2015-11-18 15:10 - 2015-11-18 15:10 - 01065543 _____ C:\Users\Marie\Downloads\psedii_af_cdbk.pdf
2015-11-18 15:10 - 2015-11-18 15:10 - 00266695 _____ C:\Users\Marie\Downloads\psedii_wavea_qnaire (1).pdf
2015-11-18 15:09 - 2015-11-18 15:09 - 00267610 _____ C:\Users\Marie\Downloads\psedii_wavea_qnaire.pdf
2015-11-18 15:06 - 2015-11-18 15:06 - 00037201 _____ C:\Users\Marie\Downloads\psedii_screener_qnaire.pdf
2015-11-18 14:53 - 2015-11-18 14:53 - 00099530 _____ C:\Users\Marie\Downloads\psedii_researchopportunities.pdf
2015-11-18 14:51 - 2015-11-18 14:51 - 00931694 _____ C:\Users\Marie\Downloads\psed_outcome.sav
2015-11-18 14:51 - 2015-11-18 14:51 - 00365564 _____ C:\Users\Marie\Downloads\psed_bibliography-2015_07_15.pdf
2015-11-18 14:50 - 2015-11-18 14:50 - 00085838 _____ C:\Users\Marie\Downloads\History_of_Research_Program_v2.pdf
2015-11-18 13:44 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 11:48 - 2015-11-11 11:48 - 00000000 ____D C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-11 10:54 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 10:54 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 10:54 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 10:54 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 10:54 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 10:54 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 10:54 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 10:54 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 10:54 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 10:54 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 10:54 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 10:54 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 10:54 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 10:54 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 10:54 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 10:54 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 10:54 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 10:54 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 10:54 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 10:54 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 10:54 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 10:54 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 10:54 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 10:54 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 10:54 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 10:54 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 10:54 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 10:54 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 10:54 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 10:54 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 10:54 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 10:54 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 10:54 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 10:54 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 10:54 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 10:54 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 10:54 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 10:54 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 10:54 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 10:54 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 10:54 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 10:54 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 10:54 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 10:54 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 10:54 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 10:54 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 10:54 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 10:54 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 10:54 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 10:54 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 10:54 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 10:54 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 10:54 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 10:54 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 10:54 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 10:54 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 10:54 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 10:54 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 10:54 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 10:54 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 10:54 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 10:54 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 10:54 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 10:54 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 10:54 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 10:54 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 10:54 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 10:54 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 10:54 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 10:54 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 10:54 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 10:54 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 10:54 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 10:54 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 10:54 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 10:54 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 10:54 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 10:54 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 10:54 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 10:54 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 10:54 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 10:54 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 10:54 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 10:54 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 10:54 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 10:54 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 10:54 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 10:54 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 10:54 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 10:54 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 10:54 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 10:54 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 10:54 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 10:54 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 10:54 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 10:54 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 10:54 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 10:54 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 10:54 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 10:54 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 10:54 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 10:54 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 10:54 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 10:54 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 10:54 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 10:54 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 10:54 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 10:53 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 10:53 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 10:53 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 10:53 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 10:53 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 10:53 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 10:53 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 10:53 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 10:53 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 10:53 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 10:53 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 10:53 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 10:53 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-04 22:40 - 2015-12-03 18:59 - 00065536 _____ C:\Windows\system32\Ikeext.etl

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-03 19:51 - 2015-06-17 09:29 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA.job
2015-12-03 19:40 - 2013-11-25 15:10 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-03 19:13 - 2015-02-08 15:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-03 19:12 - 2009-07-14 05:45 - 00028576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-03 19:12 - 2009-07-14 05:45 - 00028576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-03 19:10 - 2011-10-14 18:00 - 00001138 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA.job
2015-12-03 19:03 - 2013-01-16 09:55 - 00000000 ____D C:\Users\Marie\AppData\Roaming\Spotify
2015-12-03 19:01 - 2013-05-23 10:46 - 00000000 ___RD C:\Users\Marie\Dropbox
2015-12-03 19:01 - 2013-05-23 10:42 - 00000000 ____D C:\Users\Marie\AppData\Roaming\Dropbox
2015-12-03 18:59 - 2013-11-25 15:10 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-03 18:59 - 2011-05-19 08:35 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-03 18:58 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-03 18:56 - 2014-01-21 13:40 - 00000000 ____D C:\Program Files (x86)\Amazon
2015-12-03 18:42 - 2011-02-11 00:01 - 00000000 ____D C:\Windows\InstDrvs
2015-12-02 21:38 - 2011-10-14 17:08 - 00000000 ____D C:\ProgramData\ICQ
2015-12-02 20:58 - 2015-06-17 09:29 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core.job
2015-12-02 20:55 - 2011-05-19 18:14 - 00700118 _____ C:\Windows\system32\perfh007.dat
2015-12-02 20:55 - 2011-05-19 18:14 - 00149968 _____ C:\Windows\system32\perfc007.dat
2015-12-02 20:55 - 2009-07-14 06:13 - 01622228 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-02 20:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-02 10:33 - 2011-10-14 18:00 - 00001116 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core.job
2015-12-02 00:06 - 2011-10-14 17:02 - 00000000 ____D C:\Users\Marie\Downloads\ICQ
2015-12-01 23:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-01 23:30 - 2011-10-08 16:55 - 00000000 ____D C:\Users\Marie
2015-12-01 18:56 - 2014-12-24 16:25 - 00000000 ____D C:\Users\Marie\Desktop\DCIM
2015-11-30 00:21 - 2012-01-19 19:16 - 03952640 ___SH C:\Users\Marie\Desktop\Thumbs.db
2015-11-18 21:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-18 18:12 - 2009-07-14 05:45 - 00464104 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-11 14:03 - 2013-07-30 07:53 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 13:51 - 2011-10-20 16:50 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 13:49 - 2012-05-13 14:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 13:41 - 2011-02-11 00:03 - 01596508 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 13:36 - 2011-03-15 03:36 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 11:13 - 2015-02-08 15:43 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-11 11:13 - 2015-02-08 15:43 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-11 11:13 - 2015-02-08 15:43 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-10 17:21 - 2015-09-16 20:00 - 00001138 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-10 17:21 - 2014-03-09 10:31 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-10 17:21 - 2013-08-11 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-09 17:13 - 2011-02-10 23:48 - 00000000 ____D C:\Windows\Panther
2015-11-09 17:08 - 2015-09-10 07:42 - 00000000 ___HD C:\$Windows.~BT
2015-11-06 15:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2015-11-04 22:32 - 2013-07-29 11:43 - 00000000 ____D C:\Program Files (x86)\InternetLogin
2015-11-04 22:07 - 2011-05-19 08:39 - 00000000 ____D C:\ProgramData\McAfee
2015-11-04 21:57 - 2013-01-31 09:24 - 00000000 ____D C:\Program Files\McAfee
2015-11-04 21:35 - 2014-12-28 13:13 - 00000000 __SHD C:\Users\Marie\AppData\Local\EmieBrowserModeList
2015-11-04 21:35 - 2014-04-15 22:58 - 00000000 __SHD C:\Users\Marie\AppData\Local\EmieUserList
2015-11-04 21:35 - 2014-04-15 22:58 - 00000000 __SHD C:\Users\Marie\AppData\Local\EmieSiteList

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-10-28 14:16 - 2013-11-03 18:26 - 0000058 _____ () C:\Users\Marie\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2011-10-10 17:12 - 2011-10-10 17:12 - 0017408 _____ () C:\Users\Marie\AppData\Local\WebpageIcons.db
2014-10-06 22:41 - 2014-10-06 22:45 - 0000000 _____ () C:\Users\Marie\AppData\Local\{9E0885C6-33BC-4ABF-B751-D85AAA9543E0}
2014-11-05 12:14 - 2014-11-05 12:14 - 0000000 _____ () C:\Users\Marie\AppData\Local\{DCBD99DE-15A5-4CEA-9F87-3056043BC16E}
2014-10-17 10:40 - 2014-10-17 10:42 - 0000000 _____ () C:\Users\Marie\AppData\Local\{DF2572BF-742C-4185-A265-B3D4D0921450}
2013-03-14 16:50 - 2013-03-14 16:51 - 95023320 ____T () C:\ProgramData\5294627.pad
2013-02-12 17:05 - 2013-02-12 17:05 - 95023320 ____T () C:\ProgramData\9175908.pad
2011-10-12 14:29 - 2011-10-12 14:29 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2013-04-02 09:25 - 2013-04-02 09:25 - 95023320 ____T () C:\ProgramData\jwjl.pad

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\5294627.pad
C:\ProgramData\9175908.pad
C:\ProgramData\jwjl.pad


Einige Dateien in TEMP:
====================
C:\Users\Marie\AppData\Local\Temp\AskSLib.dll
C:\Users\Marie\AppData\Local\Temp\avgnt.exe
C:\Users\Marie\AppData\Local\Temp\dfqdpjrn.dll
C:\Users\Marie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbvk6qi.dll
C:\Users\Marie\AppData\Local\Temp\hnqklhh8.dll
C:\Users\Marie\AppData\Local\Temp\sqlite3.dll
C:\Users\Marie\AppData\Local\Temp\SRLDetectionLibrary4213438788642316630.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-18 21:01

==================== Ende von FRST.txt ============================

Larry3103 03.12.2015 20:06
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-12-2015
durchgeführt von Marie (2015-12-03 19:57:46)
Gestartet von C:\Users\Marie\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-10-08 15:55:14)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2285745390-2809105031-2165689464-500 - Administrator - Disabled)
Gast (S-1-5-21-2285745390-2809105031-2165689464-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2285745390-2809105031-2165689464-1002 - Limited - Enabled)
Marie (S-1-5-21-2285745390-2809105031-2165689464-1000 - Administrator - Enabled) => C:\Users\Marie

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
AdWords Editor (HKLM-x32\...\{64427C94-5A22-4743-8772-B2D9B9FD5283}) (Version: 11.0.3 - Google)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Amazon 1Button App (HKLM-x32\...\{54AA7C11-54B7-4BD8-84B2-85873B5C7A04}) (Version: 1.0.4 - Amazon)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.485 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.95 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Utilities Digital Photo Professional 1.0 (HKLM-x32\...\InstallShield_{F011B8F1-BCCD-4E73-84F8-CB2F2D258755}) (Version: 1.0 - Canon)
Canon Utilities Digital Photo Professional 1.0 (x32 Version: 1.0 - Canon) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP LaserJet Pro MFP M127-M128 (HKLM-x32\...\{3b050369-8d19-413d-9dec-84ff278472eb}) (Version: 8.0.13295.984 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.002.004 - Hewlett-Packard)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM128DSService (x32 Version: 001.001.08254 - Hewlett-Packard) Hidden
HPDXP (x32 Version: 3.0.26.40 - HP) Hidden
HPLJDXPHelper (x32 Version: 060.048.005 - HP) Hidden
HPLJProMFPM127M128 (HKLM-x32\...\{B5409C23-DE0C-4B48-8C8A-50AE38694955}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (x32 Version: 008.000.0001 - HP) Hidden
HPLJUTM127_128 (x32 Version: 008.000.0001 - HP) Hidden
hppLaserJetService (x32 Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM125LaserJetService (x32 Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 080.040.00171 - Hewlett Packard) Hidden
hpStatusAlertsM127-M128 (x32 Version: 080.046.00111 - Hewlett-Packard) Hidden
ICQ7.6 (HKLM-x32\...\{7644E42D-B096-457F-8B5B-901238FC81AE}) (Version: 7.6 - ICQ)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java(TM) 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LJDXPHelperUI (x32 Version: 060.048.005 - HP) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 de)) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 268.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 268.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.31 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.00.04010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.04060 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.6.9 - Sony Corporation)
Quick Web Access (x32 Version: 1.4.6.9 - Sony Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Screenshot Captor 4.7.2 (HKLM-x32\...\ScreenshotCaptor_is1) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SourceTree (HKLM-x32\...\SourceTree 1.6.22) (Version: 1.6.22 - Atlassian)
SourceTree (x32 Version: 1.6.22 - Atlassian) Hidden
Spotify (HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Spotify (HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.02250 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.5.00.04060 - Sony Corporation)
VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VAIO - Remote-Tastatur  (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (HKLM\...\{FDCC09EA-A33E-4639-B1CD-FC1702815FA7}) (Version: 8.4.0.14281 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.0.06210 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Hero Screensaver - Summer 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Summer 2011 Screensaver) (Version:  - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.1.08270 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.10 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Елемент керування Windows Live Mesh ActiveX для віддалених підключень (HKLM-x32\...\{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

31-10-2015 12:37:39 Installed SourceTree
09-11-2015 15:49:13 Windows Update
11-11-2015 13:33:54 Windows Update
18-11-2015 15:53:15 Windows Update
03-12-2015 19:49:42 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1433884D-F896-41FE-9838-B65063FB1855} - System32\Tasks\Sony Corporation\VAIO Update Self Repair\VAIO Update Self Ultimate Repair Guard => C:\ProgramData\Sony Corporation\VAIO Update Self Repair\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {1564769C-E886-464A-AEF6-A27B4EAFE49C} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation)
Task: {1D1EB4D2-C772-4456-831E-88AE772F4106} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {2656E201-E473-4F1C-AE21-F680B08E7016} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {39F426F4-12E0-4018-B9B1-9613CC7EAB0F} - System32\Tasks\{32A59053-383D-437A-AE89-9D2453FA2380} => pcalua.exe -a C:\Users\Marie\Downloads\ICQ\install_icq7.exe -d C:\Users\Marie\Downloads\ICQ
Task: {3CB44FC4-39D7-4EE4-B5BA-7E25EAD77F93} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {4047E08C-9318-4F3F-BEA4-847E0112EC46} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {48B222CD-7E47-485D-BA05-3CAA46BAE8DA} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {52B0EDFF-87A4-4049-AD09-32811E7BE5C5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {543BA804-B964-4F63-A223-CF44FFC43B68} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {5714CED1-F9DE-4A7F-8D4F-4386903DEC27} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core => C:\Users\Marie\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {57BD232A-503D-41BB-93E7-A57EC741A5BF} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {68396B3E-0280-4CCF-B23D-66EE4E41AC18} - System32\Tasks\{1B2518BE-44B5-4FD3-8D2F-5E6BCA2BA3F8} => Chrome.exe hxxp://ui.skype.com/ui/0/7.8.64.102/de/go/help.faq.installer?LastError=1601
Task: {6B6900F1-79CE-4DF6-B034-564B59945C9F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {74ED37E6-1B0C-4FEC-ADD7-BDF859311F96} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {7523B1E0-5B2A-4B3D-8B84-1DDB07D19BF5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA => C:\Users\Marie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {7B57A10A-E39A-4078-A71B-7FC43DBB269D} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2013-01-28] (Hewlett Packard)
Task: {7E79E96E-C18B-4E95-A70C-23A548E29E8F} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {96963E98-1AF0-4D9B-BDCB-9DD50DA1C5C3} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {9B8E1FBC-CA26-4C02-8168-6772DB13EE94} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {ADE9D023-022C-482A-B19E-86F16DAFCEFE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {B36B4981-DF0B-4957-AA03-EBA58854FB26} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {C115FF4D-8146-4DB8-9D7F-5643E2698F3E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {CB1DD2F4-70EF-4C0B-885A-FD2C5E9A2A90} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {D264FEF1-682E-4F13-9E87-14A8B63C562C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA => C:\Users\Marie\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {E381EECA-9371-4390-AEA3-6C065F0D87CE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E61C06C0-78DB-4E7F-B238-EFFE3B412FA7} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)
Task: {E8F64BA9-9C28-450A-A5EF-37B78302D54F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core => C:\Users\Marie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {FE236CDD-5111-4E45-821E-12DE3838963E} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {FEE13A5E-608B-4A4C-991A-517C3B2856AC} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core.job => C:\Users\Marie\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA.job => C:\Users\Marie\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core.job => C:\Users\Marie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA.job => C:\Users\Marie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-19 19:27 - 2012-01-09 19:44 - 00193536 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-11-01 13:59 - 2013-11-01 13:59 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-10-21 00:25 - 2014-10-21 00:25 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll
2011-05-19 08:28 - 2010-09-13 17:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-11-18 14:04 - 2015-11-07 05:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
2015-11-18 14:04 - 2015-11-07 05:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{F7ACB7CE-1867-4660-B96C-C0C46EBCF563}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{0C51D191-8752-494D-A0BB-B9F2D8E84C29}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{EDFDDCB7-D5F3-4D51-AA2F-BA96FB707548}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A83C058F-5167-4571-AFF3-0DC13C4E2B3D}] => (Allow) LPort=2869
FirewallRules: [{AA7F2292-833E-4165-A79B-17E7EB54B88F}] => (Allow) LPort=1900
FirewallRules: [{666625D3-9F5E-44F4-95C9-5E5BE23365E3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{71EDB291-9858-4A48-9B1D-8F92FF045CE6}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{6559DB1B-53C5-4147-8A7C-FC4FE8B04A70}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{E555AF69-0720-4522-AB59-646C19F287B5}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{69B7AACD-BC4C-4811-8197-AD7F09BDCBC8}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{3AD4E9EF-596A-4531-9EF2-7C4678199614}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{A4E0D600-F5C6-4D07-B560-94B29452BC51}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{8E133A86-9484-4142-9407-63ED4A627ADE}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{40B17878-74A4-4AA5-B606-DF89A752D18E}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
FirewallRules: [{FFDCBD10-5EBA-4F3D-997A-A1B49D997F96}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [{6E84237B-5C88-4F41-8E27-B11485DC4F28}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [{961B3BCC-1D6C-4359-B501-A46E0AEE79D2}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [TCP Query User{D8A466D8-4BC7-430A-A9A3-A93BB22F2C4E}C:\users\marie\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marie\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2965F9DB-8699-4943-8C7E-05293BE5080F}C:\users\marie\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marie\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{70427346-B296-4D61-980E-C712F54EBACA}C:\users\marie\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marie\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{69B0B207-61B0-4962-BDEA-1853672E09B6}C:\users\marie\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marie\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E35AFDB5-44EE-4E39-92C6-7AFF7F64E5EB}] => (Allow) C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{60BA62D9-8469-459A-8FBF-BDFBB81E33CF}] => (Allow) C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{3C2A791D-2C21-4D6F-B8CB-FCBA1EA88178}C:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{7172913D-0F32-45A9-99C9-BDEE9992F95C}C:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{CB944D88-DEA0-440A-B0E0-9EA9D0A55B5F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5EF18E90-4766-484D-AF15-AD800AF6242A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BC4734BE-8D4B-4456-9DC7-601879BC18A7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{84368E60-9C2C-44C7-82A8-F40B9FCE8BF4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5DF32A95-571D-4C2E-AAFE-3986CEF7B144}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{63B0CB7E-1E89-46A2-906A-5945A04FE822}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{26C448AA-8D8E-4AD5-AFBB-32679BA474BB}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{66E26607-BA0A-418A-98C1-A645F04395D5}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{162A9175-BCF8-46D6-A8D3-2E8F35A6A5C9}] => (Allow) C:\Users\Marie\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{8FAD3F35-3774-4088-B528-FC83F7A074AB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{21C9063C-6C7D-4C3B-94AE-CBBE84E78A2B}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\SendAFax.exe
FirewallRules: [{AE03FB97-7E14-4732-B313-61DD65AB0C45}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{502840FE-1AB8-4533-BF30-DF18B84E6079}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\EWSProxy.exe
FirewallRules: [{F214C47D-A5A2-417C-A891-6F566728136E}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{6592AEC1-CEA1-404B-B4D5-EC9D8AEB969D}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\FaxPrinterUtility.exe
FirewallRules: [{A78F65A9-B007-4332-B8E3-66F6448491AA}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\FaxApplications.exe
FirewallRules: [{5E4AC3A5-9719-4825-BF25-0342643E204A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{16E72CB2-69BC-444F-BC25-23E61D81D679}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/03/2015 07:00:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2015 06:53:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: a44

Startzeit: 01d12df208137a0a

Endzeit: 93

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: b98b21a1-99e6-11e5-9098-78843ce21e6b

Error: (12/03/2015 06:43:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/01/2015 11:14:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/01/2015 07:10:05 PM) (Source: Google Update) (EventID: 20) (User: R142016)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (12/01/2015 06:15:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2015 10:10:05 PM) (Source: Google Update) (EventID: 20) (User: R142016)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (11/29/2015 09:38:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2015 07:43:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2015 05:47:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (12/03/2015 07:50:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Driver Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/03/2015 07:06:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Intel(R) System Behavior Tracker Collector Service" wurde nicht richtig gestartet.

Error: (12/03/2015 07:00:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (12/03/2015 06:58:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Program Files (x86)\Atheros WiFi Driver Installation\AthIhvWlanExt.dll

Error: (12/03/2015 06:58:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Program Files (x86)\Atheros WiFi Driver Installation\AthIhvWlanExt.dll

Error: (12/03/2015 06:57:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Program Files (x86)\Atheros WiFi Driver Installation\AthIhvWlanExt.dll

Error: (12/03/2015 06:57:07 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (12/03/2015 06:56:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/03/2015 06:56:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VCService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/03/2015 06:56:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 4077.86 MB
Verfügbarer physikalischer RAM: 2144.04 MB
Summe virtueller Speicher: 8153.93 MB
Verfügbarer virtueller Speicher: 5451.09 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:452.15 GB) (Free:318.11 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 24DDFD60)
Partition 1: (Not Active) - (Size=13.5 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
Das noch mal extra, weil die Zeichenanzahl wieder überschritten wurde.

M-K-D-B 03.12.2015 20:36
Servus,




Hinweis: Der Suchlauf mit ESET kann länger dauern.





Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
CloseProcesses:
C:\ProgramData\5294627.pad
C:\ProgramData\9175908.pad
C:\ProgramData\jwjl.pad
Task: {39F426F4-12E0-4018-B9B1-9613CC7EAB0F} - System32\Tasks\{32A59053-383D-437A-AE89-9D2453FA2380} => pcalua.exe -a C:\Users\Marie\Downloads\ICQ\install_icq7.exe -d C:\Users\Marie\Downloads\ICQ
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 3

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset








Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von HitmanPro,
  • die Logdatei von ESET,
  • die beiden neuen Logdateien von FRST.

Larry3103 03.12.2015 23:57
Danke für deine schnelle Antwort!

Mit Hitman Pro kam ich nur bis ca. 30%, dann kam bei mir ein Bluescreen und Windows ist abgestürzt ... Habe danach auch nicht gewagt, das nochmal zu versuchen. Die anderen Scans haben aber problemlos funktioniert.

Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-12-2015
durchgeführt von Marie (2015-12-03 21:20:24) Run:1
Gestartet von C:\Users\Marie\Desktop
Geladene Profile: Marie &  (Verfügbare Profile: Marie)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
C:\ProgramData\5294627.pad
C:\ProgramData\9175908.pad
C:\ProgramData\jwjl.pad
Task: {39F426F4-12E0-4018-B9B1-9613CC7EAB0F} - System32\Tasks\{32A59053-383D-437A-AE89-9D2453FA2380} => pcalua.exe -a C:\Users\Marie\Downloads\ICQ\install_icq7.exe -d C:\Users\Marie\Downloads\ICQ
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
C:\ProgramData\5294627.pad => erfolgreich verschoben
C:\ProgramData\9175908.pad => erfolgreich verschoben
C:\ProgramData\jwjl.pad => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39F426F4-12E0-4018-B9B1-9613CC7EAB0F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39F426F4-12E0-4018-B9B1-9613CC7EAB0F}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{32A59053-383D-437A-AE89-9D2453FA2380} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{32A59053-383D-437A-AE89-9D2453FA2380}" => Schlüssel erfolgreich entfernt

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========  ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl�sungscache wurde geleert.

========= Ende von CMD: =========


=========  netsh winsock reset =========


Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.


========= Ende von CMD: =========

EmptyTemp: => 6.7 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 21:24:44 ====
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=377c19f09bc24e4795ae7984b7c2758e
# end=init
# utc_time=2015-12-03 08:47:38
# local_time=2015-12-03 09:47:38 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27032
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=377c19f09bc24e4795ae7984b7c2758e
# end=updated
# utc_time=2015-12-03 09:02:07
# local_time=2015-12-03 10:02:07 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=377c19f09bc24e4795ae7984b7c2758e
# engine=27032
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-03 10:44:53
# local_time=2015-12-03 11:44:53 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 72967852 200812543 0 0
# scanned=262591
# found=3
# cleaned=3
# scan_time=6166
sh=9434866971DD357600C9F2B1E31B7893C3A070F0 ft=1 fh=4f14aeb246e47811 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Marie\Desktop\Uni\Bewerbungen\Praktikum\PDFCreator-1_7_1_setup.exe"
sh=9434866971DD357600C9F2B1E31B7893C3A070F0 ft=1 fh=4f14aeb246e47811 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Marie\Downloads\PDFCreator-1_7_1_setup(1).exe"
sh=FBBE31F08E493A8B0702FE72F3ABA6DF996E20C6 ft=1 fh=1055b3d0ea15ac02 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Marie\Downloads\PDFCreator-1_7_2_setup.exe"
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-12-2015
durchgeführt von Marie (2015-12-03 23:49:41)
Gestartet von C:\Users\Marie\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-10-08 15:55:14)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2285745390-2809105031-2165689464-500 - Administrator - Disabled)
Gast (S-1-5-21-2285745390-2809105031-2165689464-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2285745390-2809105031-2165689464-1002 - Limited - Enabled)
Marie (S-1-5-21-2285745390-2809105031-2165689464-1000 - Administrator - Enabled) => C:\Users\Marie

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
AdWords Editor (HKLM-x32\...\{64427C94-5A22-4743-8772-B2D9B9FD5283}) (Version: 11.0.3 - Google)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Amazon 1Button App (HKLM-x32\...\{54AA7C11-54B7-4BD8-84B2-85873B5C7A04}) (Version: 1.0.4 - Amazon)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.485 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.95 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Utilities Digital Photo Professional 1.0 (HKLM-x32\...\InstallShield_{F011B8F1-BCCD-4E73-84F8-CB2F2D258755}) (Version: 1.0 - Canon)
Canon Utilities Digital Photo Professional 1.0 (x32 Version: 1.0 - Canon) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP LaserJet Pro MFP M127-M128 (HKLM-x32\...\{3b050369-8d19-413d-9dec-84ff278472eb}) (Version: 8.0.13295.984 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.002.004 - Hewlett-Packard)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM128DSService (x32 Version: 001.001.08254 - Hewlett-Packard) Hidden
HPDXP (x32 Version: 3.0.26.40 - HP) Hidden
HPLJDXPHelper (x32 Version: 060.048.005 - HP) Hidden
HPLJProMFPM127M128 (HKLM-x32\...\{B5409C23-DE0C-4B48-8C8A-50AE38694955}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (x32 Version: 008.000.0001 - HP) Hidden
HPLJUTM127_128 (x32 Version: 008.000.0001 - HP) Hidden
hppLaserJetService (x32 Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM125LaserJetService (x32 Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 080.040.00171 - Hewlett Packard) Hidden
hpStatusAlertsM127-M128 (x32 Version: 080.046.00111 - Hewlett-Packard) Hidden
ICQ7.6 (HKLM-x32\...\{7644E42D-B096-457F-8B5B-901238FC81AE}) (Version: 7.6 - ICQ)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java(TM) 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LJDXPHelperUI (x32 Version: 060.048.005 - HP) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 de)) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 268.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 268.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.31 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.00.04010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.04060 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.6.9 - Sony Corporation)
Quick Web Access (x32 Version: 1.4.6.9 - Sony Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Screenshot Captor 4.7.2 (HKLM-x32\...\ScreenshotCaptor_is1) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SourceTree (HKLM-x32\...\SourceTree 1.6.22) (Version: 1.6.22 - Atlassian)
SourceTree (x32 Version: 1.6.22 - Atlassian) Hidden
Spotify (HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.02250 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.5.00.04060 - Sony Corporation)
VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VAIO - Remote-Tastatur  (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (HKLM\...\{FDCC09EA-A33E-4639-B1CD-FC1702815FA7}) (Version: 8.4.0.14281 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.0.06210 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Hero Screensaver - Summer 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Summer 2011 Screensaver) (Version:  - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.1.08270 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.10 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Елемент керування Windows Live Mesh ActiveX для віддалених підключень (HKLM-x32\...\{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

31-10-2015 12:37:39 Installed SourceTree
09-11-2015 15:49:13 Windows Update
11-11-2015 13:33:54 Windows Update
18-11-2015 15:53:15 Windows Update
03-12-2015 19:49:42 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1564769C-E886-464A-AEF6-A27B4EAFE49C} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation)
Task: {1D1EB4D2-C772-4456-831E-88AE772F4106} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {2656E201-E473-4F1C-AE21-F680B08E7016} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {3CB44FC4-39D7-4EE4-B5BA-7E25EAD77F93} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {4047E08C-9318-4F3F-BEA4-847E0112EC46} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {48B222CD-7E47-485D-BA05-3CAA46BAE8DA} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {52B0EDFF-87A4-4049-AD09-32811E7BE5C5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {543BA804-B964-4F63-A223-CF44FFC43B68} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {5714CED1-F9DE-4A7F-8D4F-4386903DEC27} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core => C:\Users\Marie\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {57BD232A-503D-41BB-93E7-A57EC741A5BF} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {68396B3E-0280-4CCF-B23D-66EE4E41AC18} - System32\Tasks\{1B2518BE-44B5-4FD3-8D2F-5E6BCA2BA3F8} => Chrome.exe hxxp://ui.skype.com/ui/0/7.8.64.102/de/go/help.faq.installer?LastError=1601
Task: {6B6900F1-79CE-4DF6-B034-564B59945C9F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {74ED37E6-1B0C-4FEC-ADD7-BDF859311F96} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {7523B1E0-5B2A-4B3D-8B84-1DDB07D19BF5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA => C:\Users\Marie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {7B57A10A-E39A-4078-A71B-7FC43DBB269D} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2013-01-28] (Hewlett Packard)
Task: {7E79E96E-C18B-4E95-A70C-23A548E29E8F} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {96963E98-1AF0-4D9B-BDCB-9DD50DA1C5C3} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {9B8E1FBC-CA26-4C02-8168-6772DB13EE94} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {ADE9D023-022C-482A-B19E-86F16DAFCEFE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {B36B4981-DF0B-4957-AA03-EBA58854FB26} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {C115FF4D-8146-4DB8-9D7F-5643E2698F3E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {CB1DD2F4-70EF-4C0B-885A-FD2C5E9A2A90} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {D264FEF1-682E-4F13-9E87-14A8B63C562C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA => C:\Users\Marie\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {E381EECA-9371-4390-AEA3-6C065F0D87CE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E61C06C0-78DB-4E7F-B238-EFFE3B412FA7} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)
Task: {E8F64BA9-9C28-450A-A5EF-37B78302D54F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core => C:\Users\Marie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {F9A57EFD-3C9E-4C7E-A50B-242EE7C7F751} - System32\Tasks\Sony Corporation\VAIO Update Self Repair\VAIO Update Self Ultimate Repair Guard => C:\ProgramData\Sony Corporation\VAIO Update Self Repair\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {FE236CDD-5111-4E45-821E-12DE3838963E} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {FEE13A5E-608B-4A4C-991A-517C3B2856AC} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core.job => C:\Users\Marie\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA.job => C:\Users\Marie\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core.job => C:\Users\Marie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA.job => C:\Users\Marie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-19 19:27 - 2012-01-09 19:44 - 00193536 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-11-01 13:59 - 2013-11-01 13:59 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2011-05-19 08:41 - 2011-03-05 15:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2015-12-03 21:45 - 2015-12-03 21:45 - 00071168 _____ () c:\users\marie\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfunqa1.dll
2015-07-26 13:12 - 2015-09-03 01:11 - 00012800 _____ () C:\Users\Marie\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-09-03 01:11 - 00779776 _____ () C:\Users\Marie\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 11:30 - 2015-09-03 01:11 - 00056320 _____ () C:\Users\Marie\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-07-26 13:12 - 2015-09-03 01:11 - 00012288 _____ () C:\Users\Marie\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-11-18 14:04 - 2015-11-07 05:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
2015-11-18 14:04 - 2015-11-07 05:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll
2014-10-21 00:25 - 2014-10-21 00:25 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll
2011-05-19 08:28 - 2010-09-13 17:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{F7ACB7CE-1867-4660-B96C-C0C46EBCF563}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{0C51D191-8752-494D-A0BB-B9F2D8E84C29}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{EDFDDCB7-D5F3-4D51-AA2F-BA96FB707548}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A83C058F-5167-4571-AFF3-0DC13C4E2B3D}] => (Allow) LPort=2869
FirewallRules: [{AA7F2292-833E-4165-A79B-17E7EB54B88F}] => (Allow) LPort=1900
FirewallRules: [{666625D3-9F5E-44F4-95C9-5E5BE23365E3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{71EDB291-9858-4A48-9B1D-8F92FF045CE6}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{6559DB1B-53C5-4147-8A7C-FC4FE8B04A70}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{E555AF69-0720-4522-AB59-646C19F287B5}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{69B7AACD-BC4C-4811-8197-AD7F09BDCBC8}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{3AD4E9EF-596A-4531-9EF2-7C4678199614}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{A4E0D600-F5C6-4D07-B560-94B29452BC51}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{8E133A86-9484-4142-9407-63ED4A627ADE}] => (Allow) C:\Program Files (x86)\ICQ\ICQ7.6\ICQ.exe
FirewallRules: [{40B17878-74A4-4AA5-B606-DF89A752D18E}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
FirewallRules: [{FFDCBD10-5EBA-4F3D-997A-A1B49D997F96}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [{6E84237B-5C88-4F41-8E27-B11485DC4F28}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [{961B3BCC-1D6C-4359-B501-A46E0AEE79D2}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [TCP Query User{D8A466D8-4BC7-430A-A9A3-A93BB22F2C4E}C:\users\marie\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marie\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2965F9DB-8699-4943-8C7E-05293BE5080F}C:\users\marie\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marie\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{70427346-B296-4D61-980E-C712F54EBACA}C:\users\marie\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marie\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{69B0B207-61B0-4962-BDEA-1853672E09B6}C:\users\marie\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marie\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E35AFDB5-44EE-4E39-92C6-7AFF7F64E5EB}] => (Allow) C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{60BA62D9-8469-459A-8FBF-BDFBB81E33CF}] => (Allow) C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{3C2A791D-2C21-4D6F-B8CB-FCBA1EA88178}C:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{7172913D-0F32-45A9-99C9-BDEE9992F95C}C:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\marie\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{CB944D88-DEA0-440A-B0E0-9EA9D0A55B5F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5EF18E90-4766-484D-AF15-AD800AF6242A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BC4734BE-8D4B-4456-9DC7-601879BC18A7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{84368E60-9C2C-44C7-82A8-F40B9FCE8BF4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5DF32A95-571D-4C2E-AAFE-3986CEF7B144}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{63B0CB7E-1E89-46A2-906A-5945A04FE822}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{26C448AA-8D8E-4AD5-AFBB-32679BA474BB}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{66E26607-BA0A-418A-98C1-A645F04395D5}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{162A9175-BCF8-46D6-A8D3-2E8F35A6A5C9}] => (Allow) C:\Users\Marie\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{8FAD3F35-3774-4088-B528-FC83F7A074AB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{21C9063C-6C7D-4C3B-94AE-CBBE84E78A2B}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\SendAFax.exe
FirewallRules: [{AE03FB97-7E14-4732-B313-61DD65AB0C45}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{502840FE-1AB8-4533-BF30-DF18B84E6079}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\EWSProxy.exe
FirewallRules: [{F214C47D-A5A2-417C-A891-6F566728136E}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{6592AEC1-CEA1-404B-B4D5-EC9D8AEB969D}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\FaxPrinterUtility.exe
FirewallRules: [{A78F65A9-B007-4332-B8E3-66F6448491AA}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\FaxApplications.exe
FirewallRules: [{5E4AC3A5-9719-4825-BF25-0342643E204A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{16E72CB2-69BC-444F-BC25-23E61D81D679}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/03/2015 11:46:37 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/03/2015 09:47:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/03/2015 09:47:08 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/03/2015 09:47:08 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/03/2015 09:47:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/03/2015 09:46:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/03/2015 09:44:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2015 09:27:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2015 07:00:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2015 06:53:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: a44

Startzeit: 01d12df208137a0a

Endzeit: 93

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: b98b21a1-99e6-11e5-9098-78843ce21e6b


Systemfehler:
=============
Error: (12/03/2015 11:44:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (12/03/2015 11:44:58 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Marie\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/03/2015 11:44:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (12/03/2015 11:44:57 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Marie\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/03/2015 11:44:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (12/03/2015 11:44:57 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Marie\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/03/2015 11:44:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (12/03/2015 11:44:56 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Marie\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/03/2015 11:44:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (12/03/2015 11:44:56 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Marie\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Prozentuale Nutzung des RAM: 55%
Installierter physikalischer RAM: 4077.86 MB
Verfügbarer physikalischer RAM: 1829.87 MB
Summe virtueller Speicher: 8153.93 MB
Verfügbarer virtueller Speicher: 5010.89 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:452.15 GB) (Free:324.2 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 24DDFD60)
Partition 1: (Not Active) - (Size=13.5 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
Mal wieder zu viele Zeichen :)

Larry3103 03.12.2015 23:58
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
durchgeführt von Marie (Administrator) auf R142016 (03-12-2015 23:48:41)
Gestartet von C:\Users\Marie\Desktop
Geladene Profile: Marie (Verfügbare Profile: Marie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Marie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dropbox, Inc.) C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-10-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49904 2014-08-13] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Run: [Facebook Update] => C:\Users\Marie\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Run: [Spotify Web Helper] => C:\Users\Marie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-31] (Spotify Ltd)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Run: [Spotify] => C:\Users\Marie\AppData\Roaming\Spotify\spotify.exe [6553144 2014-10-31] (Spotify Ltd)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Run: [Dropbox Update] => C:\Users\Marie\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\Run: [GoogleChromeAutoLaunch_D555174A98A2F0684F8075DBE0BF0C0E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
HKU\S-1-5-21-2285745390-2809105031-2165689464-1000\...\MountPoints2: {24904ea3-282a-11e1-9629-78843ce21e6b} - E:\Startme.exe
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marie\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011-10-12]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C947C79F-330D-42C2-A91A-0BA1FF45D490}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{DB83DB8D-35CF-4818-BDAF-A7D430B90AEF}: [DhcpNameServer] 10.3.0.10 10.3.0.130

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> {6744BEDE-007B-43DC-AA4C-98400709CE03} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=A010DE649&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> {691EA7E8-5CC3-4A5B-A476-72AD527FF97F} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> {6B4432D4-8811-46A1-A77A-AB1C52946E70} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_ie_ds_&query={searchTerms}
SearchScopes: HKU\S-1-5-21-2285745390-2809105031-2165689464-1000 -> {F1E87776-8EC1-4B24-8222-59A5448750B4} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-10-01] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-19] (Sun Microsystems, Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-31] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-10-01] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-19] (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-10-01] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-10-01] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\j4n4cspo.default
FF NewTab: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_ff_nt_
FF DefaultSearchEngine: Sichere Suche
FF SearchEngineOrder.1: Amazon
FF SelectedSearchEngine: Amazon
FF Homepage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_ff_sp_
FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ff-21&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_ff_ab_&query=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-19] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-19] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-04-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-04-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-30] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2285745390-2809105031-2165689464-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Marie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2014-09-12]
FF Extension: Kein Name - C:\Program Files (x86)\McAfee\SiteAdvisor [nicht gefunden]
FF Extension: Kein Name - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [nicht gefunden]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-23] [ist nicht signiert]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_cr_sp_"
CHR DefaultSearchURL: Default -> hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-cr-21&tbrId=v1_abb-channel-24_77a9c79cdf9346f3b7bc9a5e202f0092_39_1007_20140121_DE_cr_ds_&query={searchTerms}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Marie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Avira Browserschutz) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-25]
CHR Extension: („Pin it“-Button) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-12-03]
CHR Extension: (Avira SafeSearch) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2015-12-03]
CHR Extension: (Skype Click to Call) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-10-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-10-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-10-11] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [Datei ist nicht signiert]
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [Datei ist nicht signiert]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2361344 2011-03-29] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-10-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-10-11] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [41080 2015-12-03] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-03] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-21] ()

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-03 21:32 - 2015-12-03 21:32 - 00041080 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2015-12-03 21:32 - 2015-12-03 21:32 - 00000000 ____D C:\ProgramData\HitmanPro
2015-12-03 21:31 - 2015-12-03 21:31 - 11337112 _____ (SurfRight B.V.) C:\Users\Marie\Desktop\HitmanPro_x64.exe
2015-12-03 21:20 - 2015-12-03 21:24 - 00003118 _____ C:\Users\Marie\Desktop\Fixlog.txt
2015-12-03 20:00 - 2015-12-03 20:00 - 00069708 _____ C:\Users\Marie\Desktop\FRST2.txt
2015-12-03 19:59 - 2015-12-03 19:59 - 00048705 _____ C:\Users\Marie\Desktop\Addition2.txt
2015-12-03 19:53 - 2015-12-03 19:55 - 00012648 _____ C:\Users\Marie\Desktop\JRT.txt
2015-12-03 19:47 - 2015-12-03 19:48 - 01599336 _____ (Malwarebytes) C:\Users\Marie\Desktop\JRT.exe
2015-12-03 19:46 - 2015-12-03 19:46 - 00001199 _____ C:\Users\Marie\Desktop\mbam2.txt
2015-12-03 19:00 - 2015-12-03 19:00 - 00006266 _____ C:\Users\Marie\Desktop\AdwCleaner[C1].txt
2015-12-03 18:52 - 2015-12-03 18:52 - 01736704 _____ C:\Users\Marie\Desktop\AdwCleaner_5.023 (1).exe
2015-12-03 18:50 - 2015-12-03 18:56 - 00000000 ____D C:\AdwCleaner
2015-12-03 18:49 - 2015-12-03 18:49 - 01736704 _____ C:\Users\Marie\Downloads\AdwCleaner_5.023.exe
2015-12-02 21:39 - 2015-12-02 21:40 - 00020088 _____ C:\Users\Marie\Desktop\mbam.txt
2015-12-02 20:58 - 2015-12-03 22:55 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-02 20:58 - 2015-12-02 20:58 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-02 20:58 - 2015-12-02 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-02 20:58 - 2015-12-02 20:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-02 20:58 - 2015-12-02 20:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-02 20:58 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-02 20:58 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-02 20:58 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-02 20:54 - 2015-12-02 20:57 - 22908888 _____ (Malwarebytes ) C:\Users\Marie\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-02 00:24 - 2015-12-02 00:24 - 00048789 _____ C:\Users\Marie\Downloads\Addition (1).txt
2015-12-01 23:57 - 2015-12-03 23:49 - 00030242 _____ C:\Users\Marie\Desktop\FRST.txt
2015-12-01 23:57 - 2015-12-03 19:58 - 00048705 _____ C:\Users\Marie\Desktop\Addition.txt
2015-12-01 23:53 - 2015-12-01 23:54 - 00048789 _____ C:\Users\Marie\Downloads\Addition.txt
2015-12-01 23:52 - 2015-12-03 23:48 - 00000000 ____D C:\FRST
2015-12-01 23:52 - 2015-12-01 23:54 - 00068359 _____ C:\Users\Marie\Downloads\FRST.txt
2015-12-01 23:48 - 2015-12-01 23:48 - 02350080 _____ (Farbar) C:\Users\Marie\Desktop\FRST64.exe
2015-12-01 23:46 - 2015-12-01 23:46 - 00041664 _____ C:\Users\Marie\Desktop\Gmer.txt
2015-12-01 23:35 - 2015-12-01 23:35 - 00380416 _____ C:\Users\Marie\Downloads\Gmer-19357.exe
2015-12-01 23:32 - 2015-12-01 23:32 - 01721344 _____ (Farbar) C:\Users\Marie\Downloads\FRST.exe
2015-12-01 23:31 - 2015-12-01 23:31 - 02350080 _____ (Farbar) C:\Users\Marie\Downloads\FRST64 (1).exe
2015-12-01 23:30 - 2015-12-01 23:30 - 00000000 _____ C:\Users\Marie\defogger_reenable
2015-12-01 23:29 - 2015-12-01 23:29 - 00050477 _____ C:\Users\Marie\Downloads\Defogger.exe
2015-11-29 16:25 - 2015-11-30 00:21 - 18825179 _____ C:\Users\Marie\Desktop\Zwischenpräsentation Ader.pptx
2015-11-27 22:07 - 2015-11-27 22:07 - 00419751 _____ C:\Users\Marie\Downloads\Lebenslauf Ngan Nguyen.pdf
2015-11-18 15:20 - 2015-11-18 15:20 - 01646333 _____ C:\Users\Marie\Downloads\oledata.mso
2015-11-18 15:13 - 2015-11-18 15:13 - 01065543 _____ C:\Users\Marie\Downloads\psedii_af_cdbk (1).pdf
2015-11-18 15:13 - 2015-11-18 15:13 - 01012712 _____ C:\Users\Marie\Downloads\psedii_scrn_sas.zip
2015-11-18 15:13 - 2015-11-18 15:13 - 00071855 _____ C:\Users\Marie\Downloads\psedii_scrn_codebk.pdf
2015-11-18 15:10 - 2015-11-18 15:10 - 01065543 _____ C:\Users\Marie\Downloads\psedii_af_cdbk.pdf
2015-11-18 15:10 - 2015-11-18 15:10 - 00266695 _____ C:\Users\Marie\Downloads\psedii_wavea_qnaire (1).pdf
2015-11-18 15:09 - 2015-11-18 15:09 - 00267610 _____ C:\Users\Marie\Downloads\psedii_wavea_qnaire.pdf
2015-11-18 15:06 - 2015-11-18 15:06 - 00037201 _____ C:\Users\Marie\Downloads\psedii_screener_qnaire.pdf
2015-11-18 14:53 - 2015-11-18 14:53 - 00099530 _____ C:\Users\Marie\Downloads\psedii_researchopportunities.pdf
2015-11-18 14:51 - 2015-11-18 14:51 - 00931694 _____ C:\Users\Marie\Downloads\psed_outcome.sav
2015-11-18 14:51 - 2015-11-18 14:51 - 00365564 _____ C:\Users\Marie\Downloads\psed_bibliography-2015_07_15.pdf
2015-11-18 14:50 - 2015-11-18 14:50 - 00085838 _____ C:\Users\Marie\Downloads\History_of_Research_Program_v2.pdf
2015-11-18 13:44 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 11:48 - 2015-11-11 11:48 - 00000000 ____D C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-11 10:54 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 10:54 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 10:54 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 10:54 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 10:54 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 10:54 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 10:54 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 10:54 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 10:54 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 10:54 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 10:54 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 10:54 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 10:54 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 10:54 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 10:54 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 10:54 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 10:54 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 10:54 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 10:54 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 10:54 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 10:54 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 10:54 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 10:54 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 10:54 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 10:54 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 10:54 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 10:54 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 10:54 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 10:54 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 10:54 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 10:54 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 10:54 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 10:54 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 10:54 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 10:54 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 10:54 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 10:54 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 10:54 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 10:54 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 10:54 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 10:54 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 10:54 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 10:54 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 10:54 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 10:54 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 10:54 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 10:54 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 10:54 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 10:54 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 10:54 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 10:54 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 10:54 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 10:54 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 10:54 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 10:54 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 10:54 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 10:54 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 10:54 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 10:54 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 10:54 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 10:54 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 10:54 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 10:54 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 10:54 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 10:54 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 10:54 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 10:54 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 10:54 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 10:54 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 10:54 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 10:54 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 10:54 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 10:54 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 10:54 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 10:54 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 10:54 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 10:54 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 10:54 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 10:54 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 10:54 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 10:54 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 10:54 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 10:54 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 10:54 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 10:54 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 10:54 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 10:54 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 10:54 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 10:54 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 10:54 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 10:54 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 10:54 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 10:54 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 10:54 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 10:54 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 10:54 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 10:54 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 10:54 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 10:54 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 10:54 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 10:54 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 10:54 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 10:54 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 10:54 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 10:54 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 10:54 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 10:54 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 10:54 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 10:54 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 10:54 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 10:54 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 10:53 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 10:53 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 10:53 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 10:53 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 10:53 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 10:53 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 10:53 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 10:53 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 10:53 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 10:53 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 10:53 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 10:53 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 10:53 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-04 22:40 - 2015-12-03 21:43 - 00065536 _____ C:\Windows\system32\Ikeext.etl

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-03 23:40 - 2013-11-25 15:10 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-03 23:13 - 2015-02-08 15:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-03 22:51 - 2015-06-17 09:29 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA.job
2015-12-03 22:10 - 2011-10-14 18:00 - 00001138 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000UA.job
2015-12-03 21:54 - 2009-07-14 05:45 - 00028576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-03 21:54 - 2009-07-14 05:45 - 00028576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-03 21:50 - 2011-05-19 18:14 - 00700118 _____ C:\Windows\system32\perfh007.dat
2015-12-03 21:50 - 2011-05-19 18:14 - 00149968 _____ C:\Windows\system32\perfc007.dat
2015-12-03 21:50 - 2009-07-14 06:13 - 01622228 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-03 21:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-03 21:46 - 2013-01-16 09:55 - 00000000 ____D C:\Users\Marie\AppData\Roaming\Spotify
2015-12-03 21:45 - 2013-05-23 10:46 - 00000000 ___RD C:\Users\Marie\Dropbox
2015-12-03 21:45 - 2013-05-23 10:42 - 00000000 ____D C:\Users\Marie\AppData\Roaming\Dropbox
2015-12-03 21:43 - 2013-11-25 15:10 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-03 21:43 - 2011-05-19 08:35 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-03 21:43 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-03 21:29 - 2012-01-19 19:16 - 03960320 ___SH C:\Users\Marie\Desktop\Thumbs.db
2015-12-03 21:21 - 2012-08-16 10:31 - 00000000 ____D C:\Users\Marie\AppData\LocalLow\Temp
2015-12-03 21:16 - 2015-06-17 09:29 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core.job
2015-12-03 19:58 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-03 18:56 - 2014-01-21 13:40 - 00000000 ____D C:\Program Files (x86)\Amazon
2015-12-03 18:42 - 2011-02-11 00:01 - 00000000 ____D C:\Windows\InstDrvs
2015-12-02 21:38 - 2011-10-14 17:08 - 00000000 ____D C:\ProgramData\ICQ
2015-12-02 10:33 - 2011-10-14 18:00 - 00001116 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2285745390-2809105031-2165689464-1000Core.job
2015-12-02 00:06 - 2011-10-14 17:02 - 00000000 ____D C:\Users\Marie\Downloads\ICQ
2015-12-01 23:30 - 2011-10-08 16:55 - 00000000 ____D C:\Users\Marie
2015-12-01 18:56 - 2014-12-24 16:25 - 00000000 ____D C:\Users\Marie\Desktop\DCIM
2015-11-18 21:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-18 18:12 - 2009-07-14 05:45 - 00464104 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-11 14:03 - 2013-07-30 07:53 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 13:51 - 2011-10-20 16:50 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 13:49 - 2012-05-13 14:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 13:41 - 2011-02-11 00:03 - 01596508 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 13:36 - 2011-03-15 03:36 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 11:13 - 2015-02-08 15:43 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-11 11:13 - 2015-02-08 15:43 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-11 11:13 - 2015-02-08 15:43 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-10 17:21 - 2015-09-16 20:00 - 00001138 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-10 17:21 - 2014-03-09 10:31 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-10 17:21 - 2013-08-11 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-09 17:13 - 2011-02-10 23:48 - 00000000 ____D C:\Windows\Panther
2015-11-09 17:08 - 2015-09-10 07:42 - 00000000 ___HD C:\$Windows.~BT
2015-11-06 15:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2015-11-04 22:32 - 2013-07-29 11:43 - 00000000 ____D C:\Program Files (x86)\InternetLogin
2015-11-04 22:07 - 2011-05-19 08:39 - 00000000 ____D C:\ProgramData\McAfee
2015-11-04 21:57 - 2013-01-31 09:24 - 00000000 ____D C:\Program Files\McAfee
2015-11-04 21:35 - 2014-12-28 13:13 - 00000000 __SHD C:\Users\Marie\AppData\Local\EmieBrowserModeList
2015-11-04 21:35 - 2014-04-15 22:58 - 00000000 __SHD C:\Users\Marie\AppData\Local\EmieUserList
2015-11-04 21:35 - 2014-04-15 22:58 - 00000000 __SHD C:\Users\Marie\AppData\Local\EmieSiteList

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-10-28 14:16 - 2013-11-03 18:26 - 0000058 _____ () C:\Users\Marie\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2011-10-10 17:12 - 2011-10-10 17:12 - 0017408 _____ () C:\Users\Marie\AppData\Local\WebpageIcons.db
2014-10-06 22:41 - 2014-10-06 22:45 - 0000000 _____ () C:\Users\Marie\AppData\Local\{9E0885C6-33BC-4ABF-B751-D85AAA9543E0}
2014-11-05 12:14 - 2014-11-05 12:14 - 0000000 _____ () C:\Users\Marie\AppData\Local\{DCBD99DE-15A5-4CEA-9F87-3056043BC16E}
2014-10-17 10:40 - 2014-10-17 10:42 - 0000000 _____ () C:\Users\Marie\AppData\Local\{DF2572BF-742C-4185-A265-B3D4D0921450}
2011-10-12 14:29 - 2011-10-12 14:29 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Einige Dateien in TEMP:
====================
C:\Users\Marie\AppData\Local\Temp\avgnt.exe
C:\Users\Marie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfunqa1.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-18 21:01

==================== Ende von FRST.txt ============================

M-K-D-B 04.12.2015 16:16
Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
C:\Users\Marie\Desktop\Uni\Bewerbungen\Praktikum\PDFCreator-1_7_1_setup.exe
C:\Users\Marie\Downloads\PDFCreator-1_7_2_setu*.exe
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.






Schritt 3
Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.








Wie läuft der Rechner aktuell? Gibt es noch Probleme? Wenn ja, welche?




Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei desSecurityCheck,
  • die Logdatei von FSS,
  • die Beantwortung der gestellten Fragen.

Larry3103 04.12.2015 19:06
Danke für deine Antwort :)

Hier zuerst mal meine Logs:

Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-12-2015
durchgeführt von Marie (2015-12-04 18:33:56) Run:2
Gestartet von C:\Users\Marie\Desktop
Geladene Profile: Marie (Verfügbare Profile: Marie)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
C:\Users\Marie\Desktop\Uni\Bewerbungen\Praktikum\PDFCreator-1_7_1_setup.exe
C:\Users\Marie\Downloads\PDFCreator-1_7_2_setu*.exe
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
"C:\Users\Marie\Desktop\Uni\Bewerbungen\Praktikum\PDFCreator-1_7_1_setup.exe" => nicht gefunden.

=========== "C:\Users\Marie\Downloads\PDFCreator-1_7_2_setu*.exe" ==========

nicht gefunden

========= Ende -> "C:\Users\Marie\Downloads\PDFCreator-1_7_2_setu*.exe" ========

EmptyTemp: => 18.5 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 18:34:18 ====
Code:
Results of screen317's Security Check version 1.013 --- 11/28/15 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java(TM) 6 Update 22 
 Java version 32-bit out of Date!
 Adobe Flash Player 19.0.0.245 
 Adobe Reader 10.1.15 Adobe Reader out of Date! 
 Mozilla Firefox 26.0 Firefox out of Date! 
 Google Chrome (46.0.2490.80)
 Google Chrome (46.0.2490.86)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
 Malwarebytes Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
Code:
Farbar Service Scanner Version: 10-06-2014
Ran by Marie (administrator) on 04-12-2015 at 19:03:38
Running from "C:\Users\Marie\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
Bisher konnte ich nichts verdächtiges mehr feststellen. Programme laufen flüssig und auch beim Surfen im Internet geht alles schneller.

LG

M-K-D-B 05.12.2015 12:25
Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber. :daumenhoc
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.



http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:




http://deeprybka.trojaner-board.de/b...ast/schild.png
Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.


Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

   
   



Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/adblock_firefox.pngAdblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.
http://filepony.de/icon/noscript.png NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.



Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .



Abschließend noch ein paar grundsätzliche Bemerkungen:
  • Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
  • Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.



Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

M-K-D-B 09.12.2015 17:51
Ich bin froh, dass wir helfen konnten :abklatsch:

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank! :)

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:24 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131