Programm (DATEV) funktioniert nicht mehr nachdem ich auf einen Link in einer Mail geklickt habe

berndi78 · 19.08.2015, 16:26

Hallo,

ich habe hier mal wieder einen Laptop eines Freundes hier, er hat folgendes Problem:

Er bekamm eine Mail von einer Verwandten und klickte auf den Link in der Mail. Die Mail lautete so:
Hello!

Important message, visit h***://lasumamail.com/whenever.php

Mehr nicht und er klickte leider auf den Link.

Seitdem funktioniert sein DATEV Buchhaltungsprogramm nicht mehr. Es kommt nur noch eine Fehlermeldung. Desweiteren ist sein Konto beim Onlinebanking ber die HP der Bank verschwunden, das ist aber jetzt mal nicht mein Problem.

Wie soll ich hier jetzt als erstes verfahren um den Laptop evtl zu retten?

Gruß
Bernd

EDIT ich habe zumindest das DATEV mal zum laufen bekommen, aber ich glaube der Rechner ist trotzdem nicht sauber!!

schrauber · 19.08.2015, 16:55

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

berndi78 · 19.08.2015, 19:11

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:19-08-2015
durchgeführt von Helmut Klein (Administrator) auf HELMUTKLEIN-HP (19-08-2015 20:08:12)
Gestartet von C:\Users\Helmut Klein\Downloads
Geladene Profile: Helmut Klein (Verfügbare Profile: Helmut Klein)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\sqlservr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(DATEV eG) C:\Datev\PROGRAMM\B0001442\PSNTServ.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\fdlauncher.exe
(DATEV eG) C:\Datev\PROGRAMM\Install\DvInesASDSvc.Exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\fdhost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-12] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [984736 2011-10-22] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [799904 2011-10-22] (Atheros Commnucations)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [688128 2011-07-06] ()
HKLM-x32\...\Run: [3200 Scan2PC] => C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe [1989120 2010-05-18] ()
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-02-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1684360 2015-05-26] (APN)
HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-11-11] (Google Inc.)
HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\...\Run: [Browser Extensions] => C:\Users\Helmut Klein\AppData\Roaming\Browser Extensions\CouponsHelper.exe [540656 2015-06-09] ()
HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\...\Run: [Viber] => C:\Users\Helmut Klein\AppData\Local\Viber\Viber.exe [936656 2014-10-20] ()
HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53736048 2015-08-07] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Basisschnittstelle Office Initialisierung.lnk [2013-01-10]
ShortcutTarget: Basisschnittstelle Office Initialisierung.lnk -> C:\Datev\PROGRAMM\BSoffice\service\OfficeDiag.exe (DATEV eG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CleanupPrintJobs.lnk [2013-01-10]
ShortcutTarget: CleanupPrintJobs.lnk -> C:\Datev\PROGRAMM\B0001401\CleanupPrintJobs.exe (DATEV eG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SkyUserDevmode-Update.lnk [2012-10-16]
ShortcutTarget: SkyUserDevmode-Update.lnk -> C:\Datev\PROGRAMM\B0001401\UpdateDevmode.exe (DATEV eG)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=000328B9&OHP=&OSP=
HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN11406&pf=V7&trgb=IE&p2=%5EBBE%5EOSJ000%5EYY%5EDE&gct=hp&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5EDE&apn_dbr=ie_11.0.9600.17207&apn_uid=CD724A68-68C9-4CC3-83E2-3B1E55E4DD65&itbv=12.15.5.30&doi=2014-08-06&psv=&pt=tb
HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.schmidt-systemhaus.com/
URLSearchHook: HKU\S-1-5-21-3166234904-2042533533-3400599474-1000 - (Kein Name) - {4c60e5ab-5c68-4c59-abaa-885010b24b32} - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65SrcAs.dll Keine Datei
URLSearchHook: HKU\S-1-5-21-3166234904-2042533533-3400599474-1000 - (Kein Name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll Keine Datei
SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a4a66d3e-70c5-4d13-60fe-8cfdb5dd7e38&searchtype=ds&q={searchTerms}&installDate=15/11/2013
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = 
SearchScopes: HKU\S-1-5-21-3166234904-2042533533-3400599474-1000 -> DefaultScope {469E0712-B340-4179-B1B6-788C86E00627} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3166234904-2042533533-3400599474-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a4a66d3e-70c5-4d13-60fe-8cfdb5dd7e38&searchtype=ds&q={searchTerms}&installDate=15/11/2013
SearchScopes: HKU\S-1-5-21-3166234904-2042533533-3400599474-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3324839&octid=EB_ORIGINAL_CTID&ISID=MACFF8CA3-7736-44BF-BEE4-158090A2FB60&SearchSource=58&CUI=&UM=5&UP=SPB279500B-C678-4BF2-9D77-4EA34B99EEB5&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3166234904-2042533533-3400599474-1000 -> {469E0712-B340-4179-B1B6-788C86E00627} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3166234904-2042533533-3400599474-1000 -> {484D89B8-A1D5-49BA-A7DA-A11F28169796} URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11406&pf=V7&p2=%5EBBE%5EOSJ000%5EYY%5EDE&gct=&itbv=12.15.5.30&apn_uid=CD724A68-68C9-4CC3-83E2-3B1E55E4DD65&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5EDE&apn_dbr=ie_11.0.9600.17207&doi=2014-08-06&trgb=IE&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-3166234904-2042533533-3400599474-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-3166234904-2042533533-3400599474-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\Helmut Klein\AppData\Roaming\Browser Extensions\Coupons64.dll [2015-06-09] ()
BHO: Search App by Ask -> {4F524A2D-5350-4500-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll [2015-04-28] (APN LLC.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-15] (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2013-04-01] (Yahoo! Inc.)
BHO-x32: Toolbar BHO -> {312f84fb-8970-4fd3-bddb-7012eac4afc9} -> C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll Keine Datei
BHO-x32: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\Helmut Klein\AppData\Roaming\Browser Extensions\Coupons.dll [2015-06-09] ()
BHO-x32: Search App by Ask -> {4F524A2D-5350-4500-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll [2015-04-28] (APN LLC.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-10-22] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Toolbar BHO -> {a235e1e3-6296-4710-af39-104a7faa6c7c} -> C:\PROGRA~2\FROMDO~2\bar\1.bin\65bar.dll Keine Datei
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Search Assistant BHO -> {c547c6c2-561b-4169-a2a5-20ba771ca93b} -> C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll Keine Datei
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll Keine Datei
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Search Assistant BHO -> {f236ca79-3123-4afb-9f74-e98117ad5625} -> C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65SrcAs.dll Keine Datei
Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKLM - Search App by Ask - {4F524A2D-5350-4500-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll [2015-04-28] (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll Keine Datei
Toolbar: HKLM-x32 - VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll Keine Datei
Toolbar: HKLM-x32 - FromDocToPDF - {c66a678d-5e6c-4af9-8f57-c6192f42cf74} - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65bar.dll Keine Datei
Toolbar: HKLM-x32 - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2013-04-01] (Yahoo! Inc.)
Toolbar: HKLM-x32 - Search App by Ask - {4F524A2D-5350-4500-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll [2015-04-28] (APN LLC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-3166234904-2042533533-3400599474-1000 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Keine Datei
Toolbar: HKU\S-1-5-21-3166234904-2042533533-3400599474-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-3166234904-2042533533-3400599474-1000 -> Kein Name - {C66A678D-5E6C-4AF9-8F57-C6192F42CF74} -  Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0DB26612-5517-4562-B570-AAC80FF0DC31}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8A7E515E-0452-4C1F-AB7E-124EEA14EEFE}: [DhcpNameServer] 88.134.228.33 88.134.228.97
Tcpip\..\Interfaces\{DF5E9FAB-35D3-4F58-A548-71803BAACC44}: [NameServer] 193.189.244.225 193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ff
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-15] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin-x32: @FromDocToPDF_65.com/Plugin -> C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\NP65Stub.dll [2013-06-13] (MindSpark)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @VideoDownloadConverter_4z.com/Plugin -> C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll [2013-06-13] (MindSpark)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\user.js [2014-03-27]
FF SearchPlugin: C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\searchplugins\conduit-search.xml [2014-03-27]
FF SearchPlugin: C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\searchplugins\Web Search.xml [2013-11-18]
FF SearchPlugin: C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\searchplugins\yahoo_ff.xml [2014-05-24]
FF Extension: Kein Name - C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com [2013-06-13]
FF Extension: Kein Name - C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\65ffxtbr@FromDocToPDF_65.com [2013-06-13]
FF Extension: Ebay Shopping Assistant by Spigot - C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\{30B5D38F-A43B-42fd-B7E5-898BB1B71B8B} [2015-03-04]
FF Extension: Start Page - C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\{62DD0A97-FDD4-421b-94A5-D1A9434450C7} [2015-03-04]
FF Extension: Yahoo! Toolbar - C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2015-08-19]
FF Extension: Amazon Shopping Assistant by Spigot - C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\{DE1C78C1-2762-47f6-A1D9-1B7866FE7EB4} [2014-10-21]
FF Extension: Slick Savings - C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC}.xpi [2015-08-19]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [4zffxtbr@VideoDownloadConverter_4z.com] - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin
FF Extension: Kein Name - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin [2013-06-13]
FF HKLM-x32\...\Firefox\Extensions: [65ffxtbr@FromDocToPDF_65.com] - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin
FF Extension: Kein Name - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin [2013-06-13]
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff
FF HKLM-x32\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files (x86)\Better-Surf\ff
FF HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\...\Firefox\Extensions: [{58bd07eb-0ee0-4df0-8121-dc9b693373df}] - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension

Chrome: 
=======
CHR Profile: C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Amazon Shopping Helper) - C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbecdmcnlcoebdcidcfdkoimbjkcegbc [2014-05-31]
CHR Extension: (YouTube) - C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-11]
CHR Extension: (Domain Error Helper) - C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj [2014-05-31]
CHR Extension: (Google Search) - C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-11]
CHR Extension: (New Tab Assistant) - C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof [2014-05-31]
CHR Extension: (New Tab for Chrome) - C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2013-01-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-18]
CHR Extension: (PricePeep) - C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb [2014-12-26]
CHR Extension: (Skype Click to Call) - C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-24]
CHR Extension: (Shopping Helper) - C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof [2014-05-31]
CHR Extension: (Google Wallet) - C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-08]
CHR Extension: (Gmail) - C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-11]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [bbecdmcnlcoebdcidcfdkoimbjkcegbc] - C:\Users\Helmut Klein\AppData\Roaming\Browser Extensions\amazonsh_1.0.crx [2014-03-17]
CHR HKLM-x32\...\Chrome\Extension: [cikkkfooompgefbcjlgdjejfdknkheaj] - C:\Users\Helmut Klein\AppData\Roaming\Browser Extensions\deh_1.0.crx [2014-04-23]
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [gpiifgmgnfdiblgpaepbmfdkcheicgof] - C:\Users\Helmut Klein\AppData\Roaming\Browser Extensions\nta_1.0.crx [2014-04-23]
CHR HKLM-x32\...\Chrome\Extension: [habjlbfdajajfdpokalpgkgpkeedmnei] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3225\ch\MediaViewV1alpha3225.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [hdmcaaohmbjedcdifpippgjeppfdjcmc] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha621\ch\MediaViewV1alpha621.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files (x86)\Perion\NewTab\NewTab.crx [2012-12-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [mpmmfoidkbioconkebngjfaiopdacpca] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha332\ch\MediaViewerV1alpha332.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [nlcphjankhppgohedpkjonpadimhaoof] - C:\Users\Helmut Klein\AppData\Roaming\Browser Extensions\sh_1.0.crx [2014-04-23]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files (x86)\Better-Surf\ch\Chrome.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [178568 2015-04-28] (APN LLC.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R3 DATEV Update-Service; C:\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe [161320 2014-06-01] (DATEV eG)
S3 Datev.Database.Conserve; C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [7208 2014-06-27] (DATEV eG)
S2 Datev.Framework.RemoteServiceModel.EnablerService; C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [7208 2014-06-27] (DATEV eG)
S3 Datev.Framework.RemoteServices; C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [7208 2014-06-27] (DATEV eG)
S3 Datev.Irw.ServiceProvider.HostXcut.Server; C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [7208 2014-06-27] (DATEV eG)
R2 DatevPrintService; C:\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE [186368 2014-03-31] (DATEV eG) [Datei ist nicht signiert]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-28] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [246112 2012-10-17] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 MSSQL$DATEV_DBENGINE; C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation)
R3 MSSQLFDLauncher$DATEV_DBENGINE; C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\fdlauncher.exe [42168 2015-03-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S4 SQLAgent$DATEV_DBENGINE; C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-10-22] (Atheros) [Datei ist nicht signiert]
S3 Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn; Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn [X]
S3 Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn; Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-11-16] (Advanced Micro Devices)
R5 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)
S3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [330912 2011-10-22] () [Datei ist nicht signiert]
S3 btath_avdt; C:\Windows\System32\drivers\btath_avdt.sys [110240 2011-10-22] () [Datei ist nicht signiert]
R5 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-01-31] (Microsoft Corporation)
R5 Compbatt; C:\Windows\System32\drivers\compbatt.sys [21584 2009-07-14] (Microsoft Corporation)
R5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)
R5 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [557848 2011-05-20] (Intel Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-07-15] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155584 2015-07-15] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-19] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-07-15] (Microsoft Corporation)
R5 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R5 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-21] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation)
R5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-10-28] (Samsung Electronics)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-26] (Microsoft Corporation)
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
U5 dmboot; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-19 20:08 - 2015-08-19 20:08 - 00038421 _____ C:\Users\Helmut Klein\Downloads\FRST.txt
2015-08-19 20:08 - 2015-08-19 20:08 - 00000000 ____D C:\FRST
2015-08-19 20:07 - 2015-08-19 20:07 - 02173440 _____ (Farbar) C:\Users\Helmut Klein\Downloads\FRST64.exe
2015-08-19 10:17 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 10:17 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 10:17 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 10:17 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-18 09:02 - 2015-08-18 09:02 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-18 09:02 - 2015-08-18 09:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-14 16:18 - 2015-08-14 16:18 - 00000000 ____D C:\Users\Helmut Klein\AppData\Local\{47314054-B191-494B-93F7-E370AE2F1AEC}
2015-08-13 09:20 - 2015-08-13 09:20 - 09284296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-08-12 23:25 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 23:25 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 08:41 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 08:41 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 08:41 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 08:41 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 08:41 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 08:41 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 08:41 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 08:41 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 08:41 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 08:41 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 08:41 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 08:41 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 08:41 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 08:41 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 08:40 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 08:40 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 08:40 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 08:40 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 08:40 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 08:40 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 08:40 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 08:40 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 08:40 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 08:40 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 08:40 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 08:40 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 08:40 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 08:40 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 08:40 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 08:40 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 08:40 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 08:40 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 08:40 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 08:40 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 08:40 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 08:40 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 08:40 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 08:40 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 08:40 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 08:40 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 08:40 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 08:40 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 08:40 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 08:40 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 08:40 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 08:40 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 08:40 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 08:40 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 08:40 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 08:40 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 08:40 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 08:40 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 08:40 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 08:40 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 08:40 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 08:40 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 08:39 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 08:38 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 08:38 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-12 08:38 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 08:38 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 08:38 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 08:38 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-12 08:36 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 08:36 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 08:36 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 08:36 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 08:36 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 08:36 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 08:36 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 08:36 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 08:36 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 08:36 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 08:36 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 08:36 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 08:36 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 08:36 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 08:36 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 08:36 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 08:36 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 08:36 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 08:36 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 08:36 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 08:36 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 08:36 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 08:36 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 08:36 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 08:36 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 08:36 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 08:36 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 08:36 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 08:36 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 08:36 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 08:36 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 08:36 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 08:36 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 08:36 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 08:36 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 08:36 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 08:36 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 08:36 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 08:36 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 08:36 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 08:36 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 08:36 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 08:36 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 08:36 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 08:36 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 08:36 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 08:36 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 08:36 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 08:36 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 08:36 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 08:36 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 08:36 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 08:36 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 08:36 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 08:36 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 08:36 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 08:36 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 08:36 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 08:36 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 08:36 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 08:36 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 08:36 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 08:36 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 08:36 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 08:36 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 08:36 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 08:36 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 08:36 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 08:36 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 08:36 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 08:36 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 08:36 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 08:36 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 08:36 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 08:35 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 08:35 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 08:35 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 08:35 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 08:35 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 08:35 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 08:35 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 08:35 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 08:35 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 08:35 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 08:35 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 08:35 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 08:35 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 08:35 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 08:35 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 08:35 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 08:35 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 08:35 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 08:35 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 08:35 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 08:35 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 08:35 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 08:35 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-19 20:06 - 2013-02-19 15:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-19 20:03 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-19 20:03 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-19 19:58 - 2012-04-07 08:28 - 01895491 _____ C:\Windows\WindowsUpdate.log
2015-08-19 19:55 - 2012-10-12 15:28 - 00000000 ____D C:\Users\Helmut Klein\AppData\Roaming\Skype
2015-08-19 19:52 - 2014-11-17 14:23 - 00000000 ____D C:\Users\Helmut Klein\AppData\Roaming\ViberPC
2015-08-19 19:51 - 2014-11-17 14:21 - 00000000 ____D C:\Users\Helmut Klein\AppData\Local\Viber
2015-08-19 19:51 - 2012-11-11 12:01 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-19 19:51 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-19 19:51 - 2009-07-14 06:51 - 00122797 _____ C:\Windows\setupact.log
2015-08-19 17:39 - 2012-11-11 12:01 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-19 17:37 - 2014-04-11 11:09 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-19 17:36 - 2014-04-11 11:09 - 00001066 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-19 17:36 - 2014-04-11 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-19 17:36 - 2014-04-11 11:08 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-08-19 17:20 - 2012-10-20 09:37 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-19 14:17 - 2012-10-16 13:54 - 00000000 ____D C:\Users\Helmut Klein\AppData\Local\CrashDumps
2015-08-19 11:40 - 2012-10-19 16:53 - 00000000 ____D C:\ProgramData\Lexware
2015-08-18 13:30 - 2012-10-17 11:05 - 00000099 _____ C:\Users\Public\LMDebug.log
2015-08-18 13:30 - 2012-10-12 11:12 - 00000000 ____D C:\Users\Helmut Klein
2015-08-18 09:02 - 2012-10-12 15:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-18 09:02 - 2011-11-15 15:41 - 00000000 ____D C:\ProgramData\Skype
2015-08-16 06:38 - 2015-05-23 21:38 - 00000360 _____ C:\Windows\Tasks\HPCeeScheduleForHelmut Klein.job
2015-08-15 20:36 - 2015-05-23 21:38 - 00003228 _____ C:\Windows\System32\Tasks\HPCeeScheduleForHelmut Klein
2015-08-15 20:36 - 2012-10-15 09:18 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-08-13 10:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-13 09:20 - 2012-10-20 09:37 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-13 09:20 - 2012-10-20 09:37 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-13 09:20 - 2012-10-16 12:30 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-13 08:23 - 2009-07-14 06:45 - 00368728 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 08:19 - 2014-12-10 18:51 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-13 08:19 - 2014-05-07 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 23:25 - 2013-03-14 10:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 23:24 - 2013-03-14 10:29 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 23:24 - 2013-03-14 10:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 23:16 - 2013-07-17 23:01 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 23:10 - 2012-10-12 16:15 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 18:42 - 2012-11-11 12:02 - 00002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-01 07:31 - 2007-01-02 03:25 - 00000000 ____D C:\Windows\Panther
2015-08-01 07:22 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-07-31 19:27 - 2012-11-14 14:56 - 00128000 ___SH C:\Users\Helmut Klein\Documents\Thumbs.db
2015-07-26 09:39 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-25 14:45 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-25 09:15 - 2015-04-05 00:13 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-23 10:05 - 2012-10-16 10:27 - 00000400 _____ C:\Windows\ODBC.INI

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-03-25 14:29 - 2014-03-25 14:29 - 0000116 _____ () C:\Users\Helmut Klein\AppData\Roaming\BEVI.CFG
2012-10-28 11:20 - 2015-02-16 16:10 - 0008704 _____ () C:\Users\Helmut Klein\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-10-16 17:22 - 2015-04-14 14:34 - 0004865 _____ () C:\Users\Helmut Klein\AppData\Local\EmptySettings.xml
2013-12-25 10:09 - 2013-12-25 10:09 - 0004096 ____H () C:\Users\Helmut Klein\AppData\Local\keyfile3.drm
2013-01-10 10:12 - 2013-01-10 11:11 - 0000227 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Helmut Klein\AppData\Local\Temp\APNSetup.exe
C:\Users\Helmut Klein\AppData\Local\Temp\BackupSetup.exe
C:\Users\Helmut Klein\AppData\Local\Temp\Extract.exe
C:\Users\Helmut Klein\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Helmut Klein\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Helmut Klein\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Helmut Klein\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Helmut Klein\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Helmut Klein\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Helmut Klein\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Helmut Klein\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Helmut Klein\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Helmut Klein\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Helmut Klein\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Helmut Klein\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Helmut Klein\AppData\Local\Temp\jscrcap_libNativeApi_amd64.dll
C:\Users\Helmut Klein\AppData\Local\Temp\jscrcap_libx264_amd64.dll
C:\Users\Helmut Klein\AppData\Local\Temp\Lifecam3.20.240.0.exe
C:\Users\Helmut Klein\AppData\Local\Temp\Resource.exe
C:\Users\Helmut Klein\AppData\Local\Temp\set-app.exe
C:\Users\Helmut Klein\AppData\Local\Temp\Setup.exe
C:\Users\Helmut Klein\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Helmut Klein\AppData\Local\Temp\SP52264.exe
C:\Users\Helmut Klein\AppData\Local\Temp\SP52407.exe
C:\Users\Helmut Klein\AppData\Local\Temp\sp54620.exe
C:\Users\Helmut Klein\AppData\Local\Temp\SP54714.exe
C:\Users\Helmut Klein\AppData\Local\Temp\SP54982.exe
C:\Users\Helmut Klein\AppData\Local\Temp\SP55152.exe
C:\Users\Helmut Klein\AppData\Local\Temp\SP55343.exe
C:\Users\Helmut Klein\AppData\Local\Temp\SP56929.exe
C:\Users\Helmut Klein\AppData\Local\Temp\sp58915.exe
C:\Users\Helmut Klein\AppData\Local\Temp\SP60723.exe
C:\Users\Helmut Klein\AppData\Local\Temp\SP61054.exe
C:\Users\Helmut Klein\AppData\Local\Temp\sp64126.exe
C:\Users\Helmut Klein\AppData\Local\Temp\SP64612.exe
C:\Users\Helmut Klein\AppData\Local\Temp\uninstall.exe
C:\Users\Helmut Klein\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Helmut Klein\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Helmut Klein\AppData\Local\Temp\vlc-2.0.2-win32.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-12 00:41

==================== Ende von Ergebnis ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:19-08-2015
durchgeführt von Helmut Klein (2015-08-19 20:09:21)
Gestartet von C:\Users\Helmut Klein\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3166234904-2042533533-3400599474-500 - Administrator - Disabled)
Gast (S-1-5-21-3166234904-2042533533-3400599474-501 - Limited - Disabled)
Helmut Klein (S-1-5-21-3166234904-2042533533-3400599474-1000 - Administrator - Enabled) => C:\Users\Helmut Klein
HomeGroupUser$ (S-1-5-21-3166234904-2042533533-3400599474-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{E51FF2E1-88CE-4C1E-F740-6EE413159C2E}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.23.0 - Ask.com) <==== ACHTUNG
Ask Toolbar Updater (HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.5.36191 - Ask.com) <==== ACHTUNG
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.102 - Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
B1315AppGuid (x32 Version: 1.0.0 - DATEV eG) Hidden
Browser Extensions (HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 2.8.7.1 - Spigot, Inc.) <==== ACHTUNG
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Crystal Reports Runtime XI (x32 Version: 1.0.9 - DATEV eG) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.2.1.3726 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DATEV Infragistics Runtime V.3.2 (x32 Version: 3.2.0 - Infragistics, Inc.) Hidden
DATEV-Installation V.3.5 (HKLM-x32\...\DATEVB00000482.0) (Version:  - )
DefaultTab (HKLM-x32\...\DefaultTab) (Version: 2.2.3.0 - Search Results, LLC) <==== ACHTUNG
DefaultTab Chrome (HKLM-x32\...\DefaultTab Chrome) (Version: 1.1.25 - ) <==== ACHTUNG
Delta Chrome Toolbar (HKLM-x32\...\{177586E7-E42E-4F38-83D1-D15B4AF5B714}) (Version: 1.0.0.0 - DeltaInstaller) <==== ACHTUNG
DFL2010 ConfigDB (HKLM-x32\...\{B7C9C1CF-39F0-4DA7-9FAB-BD7B5BEE0AA0}) (Version: 4.40.5177.0 - DATEV eG)
DFL2010 Microkernel (HKLM-x32\...\{D96FB472-7E30-4F3E-8A77-2E0E8A517F10}) (Version: 4.40.5177.0 - DATEV eG)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.3.14949 - Landesfinanzdirektion Thüringen)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
FileParade bundle uninstaller (HKLM-x32\...\FileParade bundle uninstaller) (Version: 2.0.0.3 - FileParade) <==== ACHTUNG
FromDocToPDF Toolbar (HKLM-x32\...\FromDocToPDF_65bar Uninstall) (Version:  - Mindspark Interactive Network) <==== ACHTUNG
GDR 4033 für SQL Server 2008 R2 (KB2977320) (64-bit) (HKLM\...\KB2977320) (Version: 10.52.4033.0 - Microsoft Corporation)
GDR 4042 für SQL Server 2008 R2 (KB3045313) (64-bit) (HKLM\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{2BF8B295-A214-42AC-B4EC-2AE15E08B0E7}) (Version: 1.1.0.0 - Hewlett-Packard)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{E44578C7-4667-4124-8BC2-1161BCA54978}) (Version: 1.4.4 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{AF6EB833-D48A-49AC-9394-4C57489FDFF2}) (Version: 4.1.13.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{9EA86AD9-FB32-4B9E-BD56-3068F9B8031F}) (Version: 4.0.10.0 - Hewlett-Packard)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java(TM) 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Lexware faktura+auftrag 2012 (HKLM-x32\...\{E8033CB5-A8DF-47B3-BDE9-1796626994C6}) (Version: 16.03.00.0140 - Haufe-Lexware GmbH & Co.KG)
Lexware Info Service (HKLM-x32\...\{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}) (Version: 2.80.00.0007 - Haufe-Lexware GmbH & Co.KG)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office 2003 Primary Interop Assemblies (HKLM-x32\...\{91490409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6553.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{B2213E4E-F502-4D36-BE95-9293C866EF3F}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7C39E0D1-E138-42B1-B083-213EC2CF7692}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.00.705 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 20.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 20.0.1 (x86 de)) (Version: 20.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 20.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero BurnLite 10 (HKLM-x32\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero BurnLite 10 (HKLM-x32\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6287 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 1.0.22 - Hewlett-Packard) Hidden
RENESIS® Player Browser Plugins (HKLM-x32\...\{62B7C52C-CAB6-48B1-8245-52356C141C92}) (Version: 1.1.1 - examotion® GmbH)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.22.00 - Samsung Electronics Co., Ltd.)
Samsung SCX-3200 Series (HKLM-x32\...\Samsung SCX-3200 Series) (Version:  - Samsung Electronics Co., Ltd.)
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C1D00}) (Version: 12.29.0.197 - APN, LLC) <==== ACHTUNG
Service Pack 2 für SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Full text search (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQLXML4 (HKLM\...\{BFBF33B5-AEFE-454B-A189-DF5013028535}) (Version: 9.00.5000.00 - Microsoft Corporation)
streamlife (HKLM-x32\...\streamlife.Streamlife) (Version: 1.8.4 - streamlife AG)
streamlife (x32 Version: 1.8.4 - streamlife AG) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Viber (HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\...\Viber) (Version: 4.4.0.134678 - Viber Media Inc)
Video Download Converter version 1.0.0.0 (HKLM-x32\...\VDC_is1) (Version: 1.0.0.0 - ) <==== ACHTUNG
VideoDownloadConverter Firefox Toolbar  (HKLM-x32\...\VideoDownloadConverter_4zbar Uninstall Firefox) (Version:  - Mindspark Interactive Network) <==== ACHTUNG
VideoDownloadConverter Internet Explorer Toolbar (HKLM-x32\...\VideoDownloadConverter_4zbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ACHTUNG
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )
YTD Video Downloader 4.8.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.1 - GreenTree Applications SRL) <==== ACHTUNG

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

04-08-2015 09:24:23 Windows Update
08-08-2015 02:37:51 Windows Update
11-08-2015 10:33:58 Windows Update
12-08-2015 23:09:16 Windows Update
16-08-2015 06:48:25 Windows Update
19-08-2015 09:17:41 Windows Update
19-08-2015 10:17:30 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1165B4AC-7722-4D62-BF07-CFE94B6B68F9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {2AE000E3-2F64-47F3-A5BF-D0E537882476} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {2E40D141-F4CB-43EB-A273-C18D57D070F2} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ACHTUNG
Task: {3C4ED15B-F86B-4EDB-8A21-092F68DC11ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {50B1A14E-78AF-4A68-897A-A92FBD123175} - System32\Tasks\HPCeeScheduleForHelmut Klein => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {7FE51DD7-5F8B-4AB6-902E-28B2819B87AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-08-11] (Microsoft)
Task: {9FA3B530-664C-49E5-8FF0-35E90DF17270} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {A4DFE479-A6A7-4B96-9A80-CAB40C5CF29A} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-02-09] (CyberLink)
Task: {BAF474F4-55AB-4B7B-92AD-99E55F8400EE} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {D4A7C949-3822-4863-8885-0EDD76374E9B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {E67FCC20-B9CA-4F0F-96C9-3A1F91EAC8E8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-13] (Adobe Systems Incorporated)
Task: {E72EF5C9-9E71-47F6-ACDB-9AECEE0D00D0} - System32\Tasks\DATEV eG\DATEV Update-Monitor => C:\Datev\PROGRAMM\Install\DvInesASDMon.Exe [2014-06-01] (DATEV eG)
Task: {FE04F8A2-9FE2-4754-B929-D00810966E5B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForHelmut Klein.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-10-17 10:56 - 2011-04-14 04:41 - 00034304 _____ () C:\Windows\System32\ssb3ml6.dll
2012-10-17 10:50 - 2011-07-06 13:24 - 00688128 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2012-10-17 11:00 - 2010-05-18 15:46 - 01989120 _____ () C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe
2012-10-17 10:50 - 2009-11-19 11:15 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe
2013-02-07 03:45 - 2013-02-07 03:45 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-10-02 10:26 - 2012-10-02 10:26 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2012-10-17 22:37 - 2012-10-17 22:36 - 00246112 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2010-07-21 15:33 - 2010-07-21 15:33 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-07-21 15:33 - 2010-07-21 15:33 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2010-07-21 15:33 - 2010-07-21 15:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2014-03-27 18:05 - 2012-05-25 05:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2014-03-27 18:05 - 2012-05-25 05:25 - 00078336 _____ () C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll
2012-10-17 11:00 - 2009-11-19 21:10 - 01384520 _____ () C:\Windows\twain_32\Samsung\SCX3200\ssole.dll
2012-10-17 22:37 - 2012-10-17 22:36 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2012-10-17 22:37 - 2012-10-17 22:36 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2012-10-17 22:37 - 2012-10-17 22:36 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2012-10-17 22:37 - 2012-10-17 22:36 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2012-10-17 22:37 - 2012-10-17 22:36 - 00384512 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2012-10-17 22:37 - 2012-10-17 22:36 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2014-10-17 04:08 - 2014-10-17 04:08 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ad7470aa2dcaca83470e5cf0dfaa2ccf\IsdiInterop.ni.dll
2012-04-07 08:31 - 2011-05-20 10:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-02-19 15:56 - 2013-04-15 10:52 - 03133336 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-08-13 09:20 - 2015-08-13 09:20 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{9DE2036C-132A-4E2B-BFD9-D646AC1A4578}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2C4F7315-05D6-44D8-B709-06B155AD008C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{687FD28E-1501-4EDE-87D7-9668D7D37769}] => (Allow) LPort=2869
FirewallRules: [{CC38C84F-BFCF-4E05-A6A4-650E9E5E101B}] => (Allow) LPort=1900
FirewallRules: [{0A432063-7789-403D-A1F2-FE975A21536D}] => (Allow) C:\DATEV\PROGRAMM\Sws\LimaService.exe
FirewallRules: [{878FB829-126C-4292-B904-8636844F12BC}] => (Allow) C:\DATEV\PROGRAMM\K0005000\Arbeitsplatz.exe
FirewallRules: [{6C3A34EA-6801-45F5-B1CD-982A3A77CB89}] => (Allow) C:\DATEV\PROGRAMM\K0005000\Arbeitsplatz.exe
FirewallRules: [{BE52365B-B8F9-4E0C-A496-6DB5416300BF}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe
FirewallRules: [{101EB878-6FA1-44F1-AF41-860B86DCF41B}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe
FirewallRules: [{7B76DE81-0BE8-4180-B073-EE4705B10793}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe
FirewallRules: [{B2CB5CD9-2310-4AEB-800C-054DE839C436}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe
FirewallRules: [{6E3C80CE-1D1B-40C1-B27E-C67E771AC4B6}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Sscan2io.exe
FirewallRules: [{6BB3DCC9-82C0-4394-849C-EFA7A0D1DD50}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Sscan2io.exe
FirewallRules: [{AA016C80-E400-41E3-AEDE-F340F9AFB1EA}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{64EB78E9-0C8B-4F90-AD46-39953B2602E7}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{0BD07499-6104-4AD7-AC5F-13B61D85A9EF}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{752B799C-CA47-41B8-AD3A-46D98E681B62}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{89452387-FC76-4EA7-8F41-5E7601F78E4F}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{622DA86C-29E9-49BB-BC9D-E52CDB607361}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{08A25772-84A0-46FE-A68D-3A82F9FA5D80}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{FD953873-EAA3-4B6E-A3F3-921BE119EAE3}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{BA2F9976-C0C4-4568-B580-61E37661CE3A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{7A01840B-CF00-4FC5-9E89-0CBFDD5DFFC7}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{2835D873-D49C-46F6-B68F-7D2EE628DA71}] => (Allow) C:\Users\Helmut Klein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\918H8W1Q\incredimail_install.exe
FirewallRules: [{1C06E660-92B4-4A01-AD6C-777A6FDFC172}] => (Allow) C:\Users\Helmut Klein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\918H8W1Q\incredimail_install.exe
FirewallRules: [{CF590F4C-CB47-45EB-B862-221D23191681}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{4B2840A8-B0BA-453F-B68E-30FAA11CB454}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{3B5A3DEE-C62F-4B44-8157-7C54F626B537}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImLc.exe
FirewallRules: [{FE9CDE84-9110-40C7-BBDF-18D1FB22FE3A}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImLc.exe
FirewallRules: [{7E3E170A-AB7B-41B1-BAB3-7B53A7E7847D}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{42E3989B-3986-4687-BB4C-62010411C687}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{6DEA3526-67CF-4AC9-B71E-419CEB3D86EE}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{B2DE08E4-2715-491E-99E2-4DDF6F0D0721}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{EC7F9043-6A2A-4478-AD04-2DB06FFA2CB1}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{CCDF1A62-4338-47A4-95E1-126FCFE12CF3}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{40C83B4E-D9EB-4F3F-A1DE-3A8A0DD9A874}] => (Allow) C:\DATEV\PROGRAMM\RWAPPLIC\Datev.Irw.Managed.ServiceProvider.exe
FirewallRules: [{178D859C-5F06-4471-8DF9-502EC84DAA6F}] => (Allow) C:\DATEV\PROGRAMM\RWAPPLIC\Datev.Irw.Managed.ServiceProvider.exe
FirewallRules: [{B10786D1-4E5F-4BFC-8F5D-BE0250CC5DDD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DomainProfile\AuthorizedApplications: [C:\DATEV\PROGRAMM\Numzus\NumZus.exe] => C:\DATEV\PROGRAMM\NUMZUS\NumZus.exe:*:Enabled:NumZus.exe
DomainProfile\AuthorizedApplications: [C:\DATEV\PROGRAMM\Mandant\Mandant.exe] => C:\DATEV\PROGRAMM\MANDANT\Mandant.exe:*:Enabled:Mandant.exe
DomainProfile\AuthorizedApplications: [C:\DATEV\SYSTEM\DvpExe.exe] => Enabled:DvpExe.exe
DomainProfile\AuthorizedApplications: [C:\DATEV\SYSTEM\DcomSrv.exe] => Enabled:DcomSrv.exe
DomainProfile\AuthorizedApplications: [C:\DATEV\PROGRAMM\RWApplic\Datev.Irw.Managed.ServiceProvider.exe] => C:\DATEV\PROGRAMM\RWAPPLIC\Datev.Irw.Managed.ServiceProvider.exe:*:Enabled:DATEV IRW ServiceProvider
StandardProfile\AuthorizedApplications: [C:\DATEV\PROGRAMM\Numzus\NumZus.exe] => C:\DATEV\PROGRAMM\NUMZUS\NumZus.exe:*:Enabled:NumZus.exe
StandardProfile\AuthorizedApplications: [C:\DATEV\PROGRAMM\Mandant\Mandant.exe] => C:\DATEV\PROGRAMM\MANDANT\Mandant.exe:*:Enabled:Mandant.exe
StandardProfile\AuthorizedApplications: [C:\DATEV\SYSTEM\DvpExe.exe] => Enabled:DvpExe.exe
StandardProfile\AuthorizedApplications: [C:\DATEV\SYSTEM\DcomSrv.exe] => Enabled:DcomSrv.exe
StandardProfile\AuthorizedApplications: [C:\DATEV\PROGRAMM\RWApplic\Datev.Irw.Managed.ServiceProvider.exe] => C:\DATEV\PROGRAMM\RWAPPLIC\Datev.Irw.Managed.ServiceProvider.exe:*:Enabled:DATEV IRW ServiceProvider

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications
Service: BTATH_A2DP
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/19/2015 07:54:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2015 05:17:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2015 02:17:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17937, Zeitstempel: 0x55a7f8da
Name des fehlerhaften Moduls: IEFRAME.dll, Version: 11.0.9600.17937, Zeitstempel: 0x55a80172
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x000118b5
ID des fehlerhaften Prozesses: 0xb80
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (08/19/2015 02:12:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17937, Zeitstempel: 0x55a7f8da
Name des fehlerhaften Moduls: IEFRAME.dll, Version: 11.0.9600.17937, Zeitstempel: 0x55a80172
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x000118b5
ID des fehlerhaften Prozesses: 0xc74
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (08/19/2015 02:01:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2015 11:52:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2015 11:34:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2015 10:52:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2015 10:33:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2015 10:22:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (08/19/2015 08:01:45 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (08/19/2015 08:01:20 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (08/19/2015 07:54:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/19/2015 07:53:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (08/19/2015 07:53:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht.

Error: (08/19/2015 07:53:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/19/2015 07:52:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DATEV DFL-Service-Manager" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (08/19/2015 07:52:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst DATEV DFL-Service-Manager erreicht.

Error: (08/19/2015 05:25:15 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (08/19/2015 05:25:08 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5


Microsoft Office:
=========================
Error: (08/19/2015 07:54:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2015 05:17:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2015 02:17:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1793755a7f8daIEFRAME.dll11.0.9600.1793755a80172c00000fd000118b5b8001d0da78f325d8c5C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\IEFRAME.dll3181efc0-466c-11e5-81a2-9cb70de6b01f

Error: (08/19/2015 02:12:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1793755a7f8daIEFRAME.dll11.0.9600.1793755a80172c00000fd000118b5c7401d0da784622fbbfC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\IEFRAME.dll84c9ff83-466b-11e5-81a2-9cb70de6b01f

Error: (08/19/2015 02:01:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2015 11:52:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2015 11:34:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2015 10:52:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2015 10:33:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2015 10:22:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Speicherinformationen =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 3957.86 MB
Verfügbarer physikalischer RAM: 1516.64 MB
Summe virtueller Speicher: 7913.91 MB
Verfügbarer virtueller Speicher: 4874.65 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:449.82 GB) (Free:329.18 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (RECOVERY) (Fixed) (Total:15.65 GB) (Free:1.94 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9FB0C11A)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== Ende von Ergebnis ============================

schrauber · 20.08.2015, 12:43

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Ask Toolbar

Ask Toolbar Updater

Browser Extensions

DefaultTab

DefaultTab Chrome

Delta Chrome Toolbar

FileParade bundle uninstaller

FromDocToPDF Toolbar

Search App by Ask

Video Download Converter version 1.0.0.0 (HKLM-x32\...\VDC_is1) (Version: 1.0.0.0 - ) <==== ACHTUNG

VideoDownloadConverter Firefox Toolbar (HKLM-x32\...\VideoDownloadConverter_4zbar Uninstall Firefox) (Version: - Mindspark Interactive Network) <==== ACHTUNG

VideoDownloadConverter Internet Explorer Toolbar (HKLM-x32\...\VideoDownloadConverter_4zbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ACHTUNG

YTD Video Downloader 4.8.1
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

berndi78 · 20.08.2015, 18:46

Das Programm mbar hat gescannt aber nichts gefunden und somit auch keinen Neustart des PC gemacht, ich finde dazu leider auch keine Logdatei.

Code:

ATTFilter

19:36:17.0531 0x0b2c  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
19:36:23.0326 0x0b2c  ============================================================
19:36:23.0326 0x0b2c  Current date / time: 2015/08/20 19:36:23.0326
19:36:23.0326 0x0b2c  SystemInfo:
19:36:23.0326 0x0b2c  
19:36:23.0326 0x0b2c  OS Version: 6.1.7601 ServicePack: 1.0
19:36:23.0326 0x0b2c  Product type: Workstation
19:36:23.0326 0x0b2c  ComputerName: HELMUTKLEIN-HP
19:36:23.0326 0x0b2c  UserName: Helmut Klein
19:36:23.0326 0x0b2c  Windows directory: C:\Windows
19:36:23.0326 0x0b2c  System windows directory: C:\Windows
19:36:23.0326 0x0b2c  Running under WOW64
19:36:23.0327 0x0b2c  Processor architecture: Intel x64
19:36:23.0327 0x0b2c  Number of processors: 4
19:36:23.0327 0x0b2c  Page size: 0x1000
19:36:23.0327 0x0b2c  Boot type: Normal boot
19:36:23.0327 0x0b2c  ============================================================
19:36:24.0012 0x0b2c  KLMD registered as C:\Windows\system32\drivers\46014559.sys
19:36:25.0821 0x0b2c  System UUID: {1EA0D0D4-E7A8-0CA2-B716-ED425E50615D}
19:36:27.0046 0x0b2c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:36:27.0814 0x0b2c  ============================================================
19:36:27.0814 0x0b2c  \Device\Harddisk0\DR0:
19:36:28.0046 0x0b2c  MBR partitions:
19:36:28.0047 0x0b2c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
19:36:28.0047 0x0b2c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x383A1800
19:36:28.0047 0x0b2c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38405800, BlocksNum 0x1F4C800
19:36:28.0047 0x0b2c  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
19:36:28.0047 0x0b2c  ============================================================
19:36:28.0478 0x0b2c  C: <-> \Device\Harddisk0\DR0\Partition2
19:36:28.0761 0x0b2c  D: <-> \Device\Harddisk0\DR0\Partition3
19:36:29.0342 0x0b2c  F: <-> \Device\Harddisk0\DR0\Partition4
19:36:29.0443 0x0b2c  ============================================================
19:36:29.0443 0x0b2c  Initialize success
19:36:29.0443 0x0b2c  ============================================================
19:36:52.0206 0x125c  ============================================================
19:36:52.0206 0x125c  Scan started
19:36:52.0206 0x125c  Mode: Manual; 
19:36:52.0206 0x125c  ============================================================
19:36:52.0206 0x125c  KSN ping started
19:36:54.0680 0x125c  KSN ping finished: true
19:36:55.0539 0x125c  ================ Scan system memory ========================
19:36:55.0540 0x125c  System memory - ok
19:36:55.0541 0x125c  ================ Scan services =============================
19:36:55.0743 0x125c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:36:55.0764 0x125c  1394ohci - ok
19:36:55.0826 0x125c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:36:55.0848 0x125c  ACPI - ok
19:36:55.0870 0x125c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:36:55.0873 0x125c  AcpiPmi - ok
19:36:55.0995 0x125c  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:36:55.0999 0x125c  AdobeARMservice - ok
19:36:56.0179 0x125c  [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:36:56.0193 0x125c  AdobeFlashPlayerUpdateSvc - ok
19:36:56.0264 0x125c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:36:56.0298 0x125c  adp94xx - ok
19:36:56.0330 0x125c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:36:56.0342 0x125c  adpahci - ok
19:36:56.0360 0x125c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:36:56.0366 0x125c  adpu320 - ok
19:36:56.0422 0x125c  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:36:56.0427 0x125c  AeLookupSvc - ok
19:36:56.0496 0x125c  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
19:36:56.0501 0x125c  AERTFilters - ok
19:36:56.0594 0x125c  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
19:36:56.0625 0x125c  AFD - ok
19:36:56.0651 0x125c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
19:36:56.0654 0x125c  agp440 - ok
19:36:56.0687 0x125c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
19:36:56.0691 0x125c  ALG - ok
19:36:56.0740 0x125c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:36:56.0742 0x125c  aliide - ok
19:36:56.0810 0x125c  [ CB8AF51A12C2C3931E825B1DF297BEFB, FEDFB5F6959F3107D219AACF5EB8F063FFC31D2FD40E07A3A3CD66A362866941 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:36:56.0833 0x125c  AMD External Events Utility - ok
19:36:56.0879 0x125c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:36:56.0882 0x125c  amdide - ok
19:36:56.0916 0x125c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:36:56.0921 0x125c  AmdK8 - ok
19:36:57.0339 0x125c  [ EB9A61824F6F0BDB33E76EB69CF272A9, 2750EA16CB321BA813FF1C2164FFB990D6CF8CCDFC71384BFB33E7F568541FC4 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:36:57.0720 0x125c  amdkmdag - ok
19:36:57.0783 0x125c  [ 1B3E7FFEF6B72EBA73847316D3A8C5DD, 938D4DC68BF6B7807C4D7A54CED50909550E0759DCC42D75043EED4ACAE1FC2E ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
19:36:57.0794 0x125c  amdkmdap - ok
19:36:57.0829 0x125c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
19:36:57.0832 0x125c  AmdPPM - ok
19:36:57.0874 0x125c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:36:57.0880 0x125c  amdsata - ok
19:36:57.0912 0x125c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:36:57.0919 0x125c  amdsbs - ok
19:36:57.0943 0x125c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:36:57.0946 0x125c  amdxata - ok
19:36:57.0999 0x125c  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
19:36:58.0002 0x125c  AppID - ok
19:36:58.0019 0x125c  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:36:58.0022 0x125c  AppIDSvc - ok
19:36:58.0061 0x125c  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
19:36:58.0085 0x125c  Appinfo - ok
19:36:58.0120 0x125c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
19:36:58.0124 0x125c  arc - ok
19:36:58.0158 0x125c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:36:58.0162 0x125c  arcsas - ok
19:36:58.0275 0x125c  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:36:58.0279 0x125c  aspnet_state - ok
19:36:58.0313 0x125c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:36:58.0315 0x125c  AsyncMac - ok
19:36:58.0357 0x125c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:36:58.0360 0x125c  atapi - ok
19:36:58.0403 0x125c  [ 185F180536188C1A4ED605234721A5B9, FF06E13656E3442D66F8092CA2CF5AC474EFF7DC9C530E8DD87843E8322EF5C5 ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
19:36:58.0407 0x125c  AthBTPort - ok
19:36:58.0583 0x125c  [ B4421D8CDADC441F76BA39532A3E3414, 4C7C14C99E2095012A85672C824E21CF2FC152BCC37A1B25BF3189D0F6A06ED3 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
19:36:58.0745 0x125c  athr - ok
19:36:58.0796 0x125c  [ B0790FF0E25B7A2674296052F2162C1A, 930D1A09E93117E081C532D6EDB1E870736AE3806D13AE7F0C7748FD4EAB3D89 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:36:58.0800 0x125c  AtiHDAudioService - ok
19:36:58.0907 0x125c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:36:58.0969 0x125c  AudioEndpointBuilder - ok
19:36:59.0010 0x125c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:36:59.0025 0x125c  AudioSrv - ok
19:36:59.0093 0x125c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:36:59.0101 0x125c  AxInstSV - ok
19:36:59.0220 0x125c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:36:59.0255 0x125c  b06bdrv - ok
19:36:59.0301 0x125c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:36:59.0321 0x125c  b57nd60a - ok
19:36:59.0416 0x125c  [ 9E84A931DBEE0292E38ED672F6293A99, 2945EAF0AC091709E0C5508B45EC343EDE507AC2B08A2D7D64F286D38424CBC4 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
19:36:59.0465 0x125c  BCM43XX - ok
19:36:59.0510 0x125c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:36:59.0514 0x125c  BDESVC - ok
19:36:59.0549 0x125c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:36:59.0549 0x125c  Beep - ok
19:36:59.0617 0x125c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
19:36:59.0651 0x125c  BFE - ok
19:36:59.0704 0x125c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
19:36:59.0749 0x125c  BITS - ok
19:36:59.0787 0x125c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
19:36:59.0791 0x125c  blbdrive - ok
19:36:59.0817 0x125c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:36:59.0822 0x125c  bowser - ok
19:36:59.0849 0x125c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
19:36:59.0851 0x125c  BrFiltLo - ok
19:36:59.0866 0x125c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
19:36:59.0868 0x125c  BrFiltUp - ok
19:36:59.0906 0x125c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
19:36:59.0911 0x125c  Browser - ok
19:36:59.0952 0x125c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:36:59.0963 0x125c  Brserid - ok
19:37:00.0001 0x125c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:37:00.0004 0x125c  BrSerWdm - ok
19:37:00.0021 0x125c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:37:00.0024 0x125c  BrUsbMdm - ok
19:37:00.0037 0x125c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:37:00.0040 0x125c  BrUsbSer - ok
19:37:00.0109 0x125c  [ 7335A3995629B878164AB52BB6116F23, C5D52D98B890154B9DFA58C8763A77A74D26CE3DF7E4843C3E2504DF6A195423 ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
19:37:00.0147 0x125c  Suspicious file ( Forged ): C:\Windows\system32\drivers\btath_a2dp.sys. Real md5: 7335A3995629B878164AB52BB6116F23, sha256: C5D52D98B890154B9DFA58C8763A77A74D26CE3DF7E4843C3E2504DF6A195423, fake md5: 21BF549E62D13A6533B6BC31C31473D2, fake sha256: 315AA51B29A07E368B65EEA3F1EEC1D61A023C120B54F1490E340C025BACD1F3
19:37:00.0148 0x125c  BTATH_A2DP - detected ForgedFile.Multi.Generic ( 1 )
19:37:02.0699 0x125c  BTATH_A2DP ( ForgedFile.Multi.Generic ) - warning
19:37:05.0324 0x125c  Scan was interrupted by user!
19:37:05.0324 0x125c  Waiting for KSN requests completion. In queue: 26
19:37:06.0423 0x125c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
19:37:06.0489 0x125c  Win FW state via NFP2: enabled ( trusted )
19:37:08.0914 0x125c  ============================================================
19:37:08.0914 0x125c  Scan finished
19:37:08.0914 0x125c  ============================================================
19:37:08.0929 0x1724  Detected object count: 1
19:37:08.0929 0x1724  Actual detected object count: 1
19:37:17.0558 0x1724  BTATH_A2DP ( ForgedFile.Multi.Generic ) - skipped by user
19:37:17.0558 0x1724  BTATH_A2DP ( ForgedFile.Multi.Generic ) - User select action: Skip 
19:37:45.0202 0x0768  ============================================================
19:37:45.0202 0x0768  Scan started
19:37:45.0202 0x0768  Mode: Manual; SigCheck; TDLFS; 
19:37:45.0202 0x0768  ============================================================
19:37:45.0202 0x0768  KSN ping started
19:37:47.0611 0x0768  KSN ping finished: true
19:37:48.0149 0x0768  ================ Scan system memory ========================
19:37:48.0149 0x0768  System memory - ok
19:37:48.0150 0x0768  ================ Scan services =============================
19:37:48.0344 0x0768  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:37:48.0505 0x0768  1394ohci - ok
19:37:48.0544 0x0768  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:37:48.0565 0x0768  ACPI - ok
19:37:48.0578 0x0768  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:37:48.0678 0x0768  AcpiPmi - ok
19:37:48.0780 0x0768  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:37:48.0804 0x0768  AdobeARMservice - ok
19:37:48.0953 0x0768  [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:37:48.0987 0x0768  AdobeFlashPlayerUpdateSvc - ok
19:37:49.0046 0x0768  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:37:49.0085 0x0768  adp94xx - ok
19:37:49.0119 0x0768  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:37:49.0146 0x0768  adpahci - ok
19:37:49.0192 0x0768  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:37:49.0207 0x0768  adpu320 - ok
19:37:49.0250 0x0768  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:37:49.0296 0x0768  AeLookupSvc - ok
19:37:49.0345 0x0768  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
19:37:49.0359 0x0768  AERTFilters - ok
19:37:49.0435 0x0768  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
19:37:49.0500 0x0768  AFD - ok
19:37:49.0524 0x0768  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
19:37:49.0542 0x0768  agp440 - ok
19:37:49.0572 0x0768  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
19:37:49.0634 0x0768  ALG - ok
19:37:49.0679 0x0768  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:37:49.0694 0x0768  aliide - ok
19:37:49.0743 0x0768  [ CB8AF51A12C2C3931E825B1DF297BEFB, FEDFB5F6959F3107D219AACF5EB8F063FFC31D2FD40E07A3A3CD66A362866941 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:37:49.0869 0x0768  AMD External Events Utility - ok
19:37:49.0905 0x0768  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:37:49.0923 0x0768  amdide - ok
19:37:49.0954 0x0768  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:37:50.0016 0x0768  AmdK8 - ok
19:37:50.0396 0x0768  [ EB9A61824F6F0BDB33E76EB69CF272A9, 2750EA16CB321BA813FF1C2164FFB990D6CF8CCDFC71384BFB33E7F568541FC4 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:37:50.0748 0x0768  amdkmdag - ok
19:37:50.0800 0x0768  [ 1B3E7FFEF6B72EBA73847316D3A8C5DD, 938D4DC68BF6B7807C4D7A54CED50909550E0759DCC42D75043EED4ACAE1FC2E ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
19:37:50.0841 0x0768  amdkmdap - ok
19:37:50.0878 0x0768  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
19:37:50.0906 0x0768  AmdPPM - ok
19:37:50.0935 0x0768  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:37:50.0954 0x0768  amdsata - ok
19:37:50.0982 0x0768  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:37:51.0004 0x0768  amdsbs - ok
19:37:51.0024 0x0768  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:37:51.0035 0x0768  amdxata - ok
19:37:51.0068 0x0768  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
19:37:51.0115 0x0768  AppID - ok
19:37:51.0134 0x0768  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:37:51.0150 0x0768  AppIDSvc - ok
19:37:51.0187 0x0768  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
19:37:51.0246 0x0768  Appinfo - ok
19:37:51.0280 0x0768  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
19:37:51.0300 0x0768  arc - ok
19:37:51.0327 0x0768  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:37:51.0340 0x0768  arcsas - ok
19:37:51.0445 0x0768  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:37:51.0477 0x0768  aspnet_state - ok
19:37:51.0493 0x0768  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:37:51.0648 0x0768  AsyncMac - ok
19:37:51.0670 0x0768  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:37:51.0681 0x0768  atapi - ok
19:37:51.0705 0x0768  [ 185F180536188C1A4ED605234721A5B9, FF06E13656E3442D66F8092CA2CF5AC474EFF7DC9C530E8DD87843E8322EF5C5 ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
19:37:51.0779 0x0768  AthBTPort - ok
19:37:51.0944 0x0768  [ B4421D8CDADC441F76BA39532A3E3414, 4C7C14C99E2095012A85672C824E21CF2FC152BCC37A1B25BF3189D0F6A06ED3 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
19:37:52.0079 0x0768  athr - ok
19:37:52.0109 0x0768  [ B0790FF0E25B7A2674296052F2162C1A, 930D1A09E93117E081C532D6EDB1E870736AE3806D13AE7F0C7748FD4EAB3D89 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:37:52.0122 0x0768  AtiHDAudioService - ok
19:37:52.0184 0x0768  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:37:52.0225 0x0768  AudioEndpointBuilder - ok
19:37:52.0260 0x0768  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:37:52.0287 0x0768  AudioSrv - ok
19:37:52.0316 0x0768  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:37:52.0409 0x0768  AxInstSV - ok
19:37:52.0466 0x0768  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:37:52.0523 0x0768  b06bdrv - ok
19:37:52.0546 0x0768  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:37:52.0568 0x0768  b57nd60a - ok
19:37:52.0673 0x0768  [ 9E84A931DBEE0292E38ED672F6293A99, 2945EAF0AC091709E0C5508B45EC343EDE507AC2B08A2D7D64F286D38424CBC4 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
19:37:52.0744 0x0768  BCM43XX - ok
19:37:52.0801 0x0768  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:37:52.0846 0x0768  BDESVC - ok
19:37:52.0873 0x0768  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:37:52.0941 0x0768  Beep - ok
19:37:52.0979 0x0768  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
19:37:53.0063 0x0768  BFE - ok
19:37:53.0119 0x0768  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
19:37:53.0350 0x0768  BITS - ok
19:37:53.0387 0x0768  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
19:37:53.0414 0x0768  blbdrive - ok
19:37:53.0439 0x0768  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:37:53.0493 0x0768  bowser - ok
19:37:53.0514 0x0768  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
19:37:53.0544 0x0768  BrFiltLo - ok
19:37:53.0564 0x0768  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
19:37:53.0593 0x0768  BrFiltUp - ok
19:37:53.0626 0x0768  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
19:37:53.0668 0x0768  Browser - ok
19:37:53.0706 0x0768  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:37:53.0765 0x0768  Brserid - ok
19:37:53.0776 0x0768  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:37:53.0807 0x0768  BrSerWdm - ok
19:37:53.0829 0x0768  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:37:53.0855 0x0768  BrUsbMdm - ok
19:37:53.0867 0x0768  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:37:53.0890 0x0768  BrUsbSer - ok
19:37:53.0941 0x0768  [ 7335A3995629B878164AB52BB6116F23, C5D52D98B890154B9DFA58C8763A77A74D26CE3DF7E4843C3E2504DF6A195423 ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
19:37:53.0949 0x0768  Suspicious file ( Forged ): C:\Windows\system32\drivers\btath_a2dp.sys. Real md5: 7335A3995629B878164AB52BB6116F23, sha256: C5D52D98B890154B9DFA58C8763A77A74D26CE3DF7E4843C3E2504DF6A195423, fake md5: 21BF549E62D13A6533B6BC31C31473D2, fake sha256: 315AA51B29A07E368B65EEA3F1EEC1D61A023C120B54F1490E340C025BACD1F3
19:37:53.0950 0x0768  BTATH_A2DP - detected ForgedFile.Multi.Generic ( 1 )
19:37:53.0950 0x0768  BTATH_A2DP ( ForgedFile.Multi.Generic ) - warning
19:37:56.0491 0x0768  [ 7FC80CC57029715F8EA6714142462E1D, 6B3BD1AD38477EC64D43A65C679008BBFA274716C23C0BB721706B6072EF058B ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
19:37:56.0503 0x0768  Suspicious file ( Forged ): C:\Windows\system32\drivers\btath_avdt.sys. Real md5: 7FC80CC57029715F8EA6714142462E1D, sha256: 6B3BD1AD38477EC64D43A65C679008BBFA274716C23C0BB721706B6072EF058B, fake md5: AD5650FE6230263103D5EE546AAFBA5E, fake sha256: 92EA7C99904C7FE5A24AA90FB6467D19488404179F7B92E57C6C3A6601D3ED2C
19:37:56.0504 0x0768  btath_avdt - detected ForgedFile.Multi.Generic ( 1 )
19:37:58.0994 0x0768  btath_avdt ( ForgedFile.Multi.Generic ) - warning
19:38:01.0599 0x0768  [ E6B734A37ADE36FE1A77035F4E484C8C, 7F3AB1E0CF9F348633B3B325F5F365CCD4C7FF7E4564BDE02C2DA27A499D0234 ] BTATH_BUS       C:\Windows\system32\DRIVERS\btath_bus.sys
19:38:01.0629 0x0768  BTATH_BUS - ok
19:38:01.0638 0x0768  BTATH_HCRP - ok
19:38:01.0699 0x0768  [ 371A11C1333BA526263A987A93ACDE3D, 80E15B815F2B6F4AFBDDB115C4F54126F5D2796F6ACB387DEA9C4A1C061EB7EB ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
19:38:01.0744 0x0768  BTATH_LWFLT - ok
19:38:01.0750 0x0768  BTATH_RCP - ok
19:38:01.0820 0x0768  [ 651A839118ADB99DD0225A1B784C81EE, E3380D7B81650696F21F88C54327006438082BB714390BB19B21A2B6335CD38E ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
19:38:01.0883 0x0768  BtFilter - ok
19:38:01.0910 0x0768  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
19:38:01.0949 0x0768  BthEnum - ok
19:38:01.0985 0x0768  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:38:02.0025 0x0768  BTHMODEM - ok
19:38:02.0069 0x0768  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
19:38:02.0115 0x0768  BthPan - ok
19:38:02.0175 0x0768  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
19:38:02.0272 0x0768  BTHPORT - ok
19:38:02.0310 0x0768  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
19:38:02.0378 0x0768  bthserv - ok
19:38:02.0390 0x0768  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
19:38:02.0412 0x0768  BTHUSB - ok
19:38:02.0598 0x0768  [ FECA9F830A5C6BAB9978E6781A26AE2B, CA1681A2F4FA849815B8E823805E078DB9C050CEE86E9E394B2A37B57CC474A6 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
19:38:02.0647 0x0768  c2cautoupdatesvc - ok
19:38:02.0809 0x0768  [ 5B33709F7FE59BB625F113EED86AFC5C, 8D29FE242D55526FDEB2CB4009B5DE19C93972E872BE6328AD3305E360A3D44B ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
19:38:02.0866 0x0768  c2cpnrsvc - ok
19:38:02.0896 0x0768  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:38:02.0959 0x0768  cdfs - ok
19:38:03.0001 0x0768  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:38:03.0031 0x0768  cdrom - ok
19:38:03.0069 0x0768  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:38:03.0128 0x0768  CertPropSvc - ok
19:38:03.0158 0x0768  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
19:38:03.0182 0x0768  circlass - ok
19:38:03.0262 0x0768  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
19:38:03.0311 0x0768  CLFS - ok
19:38:03.0404 0x0768  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:38:03.0430 0x0768  clr_optimization_v2.0.50727_32 - ok
19:38:03.0463 0x0768  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:38:03.0482 0x0768  clr_optimization_v2.0.50727_64 - ok
19:38:03.0570 0x0768  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:38:03.0598 0x0768  clr_optimization_v4.0.30319_32 - ok
19:38:03.0631 0x0768  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:38:03.0651 0x0768  clr_optimization_v4.0.30319_64 - ok
19:38:03.0682 0x0768  [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
19:38:03.0694 0x0768  clwvd - ok
19:38:03.0716 0x0768  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
19:38:03.0744 0x0768  CmBatt - ok
19:38:03.0779 0x0768  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:38:03.0795 0x0768  cmdide - ok
19:38:03.0913 0x0768  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
19:38:04.0008 0x0768  CNG - ok
19:38:04.0050 0x0768  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
19:38:04.0072 0x0768  Compbatt - ok
19:38:04.0127 0x0768  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:38:04.0158 0x0768  CompositeBus - ok
19:38:04.0170 0x0768  COMSysApp - ok
19:38:04.0194 0x0768  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:38:04.0208 0x0768  crcdisk - ok
19:38:04.0277 0x0768  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:38:04.0356 0x0768  CryptSvc - ok
19:38:04.0471 0x0768  [ A12E79D8B5D57B0A764675595452AF20, C1DDF64130A42AECE52C5EED8F85DB4D32D83A3FAD900CD5B01C7B215EA93CB8 ] DATEV Update-Service C:\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe
19:38:04.0494 0x0768  DATEV Update-Service - ok
19:38:04.0546 0x0768  Datev.Database.Conserve - ok
19:38:04.0584 0x0768  Datev.Framework.RemoteServiceModel.EnablerService - ok
19:38:04.0591 0x0768  Datev.Framework.RemoteServices - ok
19:38:04.0624 0x0768  Datev.Irw.ServiceProvider.HostXcut.Server - ok
19:38:04.0641 0x0768  Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn - ok
19:38:04.0667 0x0768  Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn - ok
19:38:04.0721 0x0768  [ 5148CAD5CD4369B522F355DAE45EC626, 4F3046C06831B6F53445619FE6632C984C68E5E776AD073EF1F2B11190B014C2 ] DatevPrintService C:\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE
19:38:04.0757 0x0768  DatevPrintService - detected UnsignedFile.Multi.Generic ( 1 )
19:38:07.0209 0x0768  DatevPrintService ( UnsignedFile.Multi.Generic ) - warning
19:38:07.0209 0x0768  Force sending object to P2P due to detect: DatevPrintService
19:38:10.0683 0x0768  Object send P2P result: true
19:38:13.0346 0x0768  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:38:13.0436 0x0768  DcomLaunch - ok
19:38:13.0472 0x0768  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
19:38:13.0541 0x0768  defragsvc - ok
19:38:13.0574 0x0768  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:38:13.0622 0x0768  DfsC - ok
19:38:13.0632 0x0768  DgiVecp - ok
19:38:13.0688 0x0768  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:38:13.0756 0x0768  Dhcp - ok
19:38:13.0907 0x0768  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
19:38:14.0037 0x0768  DiagTrack - ok
19:38:14.0071 0x0768  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
19:38:14.0121 0x0768  discache - ok
19:38:14.0157 0x0768  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
19:38:14.0171 0x0768  Disk - ok
19:38:14.0222 0x0768  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:38:14.0278 0x0768  Dnscache - ok
19:38:14.0306 0x0768  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:38:14.0366 0x0768  dot3svc - ok
19:38:14.0393 0x0768  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
19:38:14.0457 0x0768  DPS - ok
19:38:14.0504 0x0768  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:38:14.0546 0x0768  drmkaud - ok
19:38:14.0628 0x0768  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:38:14.0749 0x0768  DXGKrnl - ok
19:38:14.0791 0x0768  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
19:38:14.0858 0x0768  EapHost - ok
19:38:15.0016 0x0768  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:38:15.0216 0x0768  ebdrv - ok
19:38:15.0251 0x0768  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] EFS             C:\Windows\System32\lsass.exe
19:38:15.0314 0x0768  EFS - ok
19:38:15.0423 0x0768  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:38:15.0591 0x0768  ehRecvr - ok
19:38:15.0616 0x0768  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
19:38:15.0651 0x0768  ehSched - ok
19:38:15.0721 0x0768  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:38:15.0768 0x0768  elxstor - ok
19:38:15.0792 0x0768  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:38:15.0821 0x0768  ErrDev - ok
19:38:15.0891 0x0768  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
19:38:15.0972 0x0768  EventSystem - ok
19:38:16.0077 0x0768  [ 334C907536E815E56CD13108A6D5FB9D, 0CEA0A330607B44A4CF0F0D5C92E91C7E2157404410F651CC4F8BA14A74523AE ] ewusbmbb        C:\Windows\system32\DRIVERS\ewusbwwan.sys
19:38:16.0144 0x0768  ewusbmbb - ok
19:38:16.0183 0x0768  [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
19:38:16.0226 0x0768  ew_hwusbdev - ok
19:38:16.0271 0x0768  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:38:16.0336 0x0768  exfat - ok
19:38:16.0359 0x0768  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:38:16.0427 0x0768  fastfat - ok
19:38:16.0486 0x0768  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
19:38:16.0575 0x0768  Fax - ok
19:38:16.0623 0x0768  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
19:38:16.0658 0x0768  fdc - ok
19:38:16.0687 0x0768  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
19:38:16.0735 0x0768  fdPHost - ok
19:38:16.0740 0x0768  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:38:16.0778 0x0768  FDResPub - ok
19:38:16.0796 0x0768  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:38:16.0810 0x0768  FileInfo - ok
19:38:16.0829 0x0768  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:38:16.0874 0x0768  Filetrace - ok
19:38:16.0897 0x0768  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
19:38:16.0926 0x0768  flpydisk - ok
19:38:16.0959 0x0768  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:38:16.0979 0x0768  FltMgr - ok
19:38:17.0080 0x0768  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
19:38:17.0199 0x0768  FontCache - ok
19:38:17.0257 0x0768  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:38:17.0278 0x0768  FontCache3.0.0.0 - ok
19:38:17.0325 0x0768  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:38:17.0342 0x0768  FsDepends - ok
19:38:17.0374 0x0768  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:38:17.0389 0x0768  Fs_Rec - ok
19:38:17.0449 0x0768  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:38:17.0494 0x0768  fvevol - ok
19:38:17.0521 0x0768  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:38:17.0537 0x0768  gagp30kx - ok
19:38:17.0635 0x0768  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:38:17.0727 0x0768  gpsvc - ok
19:38:17.0813 0x0768  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:38:17.0837 0x0768  gupdate - ok
19:38:17.0846 0x0768  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:38:17.0859 0x0768  gupdatem - ok
19:38:17.0896 0x0768  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:38:17.0913 0x0768  gusvc - ok
19:38:17.0942 0x0768  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:38:17.0987 0x0768  hcw85cir - ok
19:38:18.0036 0x0768  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:38:18.0069 0x0768  HdAudAddService - ok
19:38:18.0103 0x0768  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
19:38:18.0140 0x0768  HDAudBus - ok
19:38:18.0164 0x0768  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
19:38:18.0176 0x0768  HECIx64 - ok
19:38:18.0202 0x0768  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
19:38:18.0234 0x0768  HidBatt - ok
19:38:18.0253 0x0768  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:38:18.0277 0x0768  HidBth - ok
19:38:18.0301 0x0768  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:38:18.0326 0x0768  HidIr - ok
19:38:18.0346 0x0768  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
19:38:18.0427 0x0768  hidserv - ok
19:38:18.0487 0x0768  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
19:38:18.0523 0x0768  HidUsb - ok
19:38:18.0546 0x0768  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:38:18.0613 0x0768  hkmsvc - ok
19:38:18.0633 0x0768  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:38:18.0676 0x0768  HomeGroupListener - ok
19:38:18.0714 0x0768  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:38:18.0745 0x0768  HomeGroupProvider - ok
19:38:18.0868 0x0768  [ 77E81E788CC63E65272A7D247F441505, EA57947495A6FD5B6FCC06AD396AEEEEE44AA5EB924B1A4D71C81B1265120F7B ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
19:38:18.0885 0x0768  HP Support Assistant Service - ok
19:38:18.0990 0x0768  [ C930128C8F8FF03D8F8C42B570920D56, 6D44373F466A580EFB9866FA4FACB4951C522893C2A1877ED0E462460B90E241 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
19:38:19.0008 0x0768  HP Wireless Assistant Service - ok
19:38:19.0111 0x0768  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
19:38:19.0149 0x0768  hpqwmiex - ok
19:38:19.0188 0x0768  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:38:19.0203 0x0768  HpSAMD - ok
19:38:19.0244 0x0768  [ 2BEC76BDCD1BC080210325E7B5094834, 9CD9DF5C974C20F38423B07063A4F44E533B3B4EF39E01AC701C04BFC5F3EC53 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
19:38:19.0254 0x0768  HPWMISVC - ok
19:38:19.0332 0x0768  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:38:19.0430 0x0768  HTTP - ok
19:38:19.0486 0x0768  [ 1642C62F1FD5E1FF44608283994A7BB8, 4646AA0EF74A2AEE6C17D12206FCFE1E84D6FA712AD95A171F16D11BC9D3F11A ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
19:38:19.0517 0x0768  huawei_enumerator - ok
19:38:19.0565 0x0768  [ 4B80AF36EE9F31361C1DCB2EE563719A, 6729ABDFBADA03DF0EBC71B4A898951B797B9640E718D42B9669A0396F1BE730 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
19:38:19.0638 0x0768  hwdatacard - ok
19:38:19.0761 0x0768  [ E90DA42B87D684DEBFB73B38A718A006, BB18C63C1982F5CB99C9B65D2B801E8C1909AD7CD0171326DC0015D6B781B451 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
19:38:19.0787 0x0768  HWDeviceService64.exe - ok
19:38:19.0831 0x0768  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:38:19.0845 0x0768  hwpolicy - ok
19:38:19.0880 0x0768  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:38:19.0900 0x0768  i8042prt - ok
19:38:19.0981 0x0768  [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
19:38:20.0008 0x0768  iaStor - ok
19:38:20.0126 0x0768  [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:38:20.0143 0x0768  IAStorDataMgrSvc - ok
19:38:20.0192 0x0768  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:38:20.0245 0x0768  iaStorV - ok
19:38:20.0386 0x0768  [ E4693409D06785477A49FB34AFAE1B92, 3855CE03672D73084BBAC219F2B350CF22608A82828F82A9E842034F6A975F14 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
19:38:20.0492 0x0768  IconMan_R - detected UnsignedFile.Multi.Generic ( 1 )
19:38:22.0939 0x0768  Detect skipped due to KSN trusted
19:38:22.0939 0x0768  IconMan_R - ok
19:38:23.0087 0x0768  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:38:23.0158 0x0768  idsvc - ok
19:38:23.0199 0x0768  IEEtwCollectorService - ok
19:38:23.0232 0x0768  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:38:23.0255 0x0768  iirsp - ok
19:38:23.0324 0x0768  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
19:38:23.0388 0x0768  IKEEXT - ok
19:38:23.0545 0x0768  [ 336C3A6BF14D5A9AF35AF07C6B6B29CD, 44344C077F4855193277CA9A4058826252853BA241A296D6A7DB1AD32215D266 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:38:23.0690 0x0768  IntcAzAudAddService - ok
19:38:23.0725 0x0768  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:38:23.0737 0x0768  intelide - ok
19:38:23.0781 0x0768  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:38:23.0813 0x0768  intelppm - ok
19:38:23.0840 0x0768  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:38:23.0894 0x0768  IPBusEnum - ok
19:38:23.0934 0x0768  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:38:23.0996 0x0768  IpFilterDriver - ok
19:38:24.0062 0x0768  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:38:24.0123 0x0768  iphlpsvc - ok
19:38:24.0144 0x0768  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:38:24.0177 0x0768  IPMIDRV - ok
19:38:24.0217 0x0768  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:38:24.0294 0x0768  IPNAT - ok
19:38:24.0333 0x0768  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:38:24.0374 0x0768  IRENUM - ok
19:38:24.0386 0x0768  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:38:24.0399 0x0768  isapnp - ok
19:38:24.0446 0x0768  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:38:24.0468 0x0768  iScsiPrt - ok
19:38:24.0496 0x0768  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:38:24.0510 0x0768  kbdclass - ok
19:38:24.0527 0x0768  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:38:24.0560 0x0768  kbdhid - ok
19:38:24.0582 0x0768  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] KeyIso          C:\Windows\system32\lsass.exe
19:38:24.0595 0x0768  KeyIso - ok
19:38:24.0623 0x0768  [ A405647429DE231CD954D93F792CFBA2, EDE6095A20FE10EB26B3018457A44807A120508E6C514F2EAC12F5BA1F74841E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:38:24.0638 0x0768  KSecDD - ok
19:38:24.0664 0x0768  [ E4DC0909B5EACB5BF50F6252095BCFF2, 18779648B7FD9D3DFFD8F314E2197962DF98884CC9F025BC5D884984C1C0759D ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:38:24.0688 0x0768  KSecPkg - ok
19:38:24.0735 0x0768  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:38:24.0781 0x0768  ksthunk - ok
19:38:24.0841 0x0768  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:38:24.0925 0x0768  KtmRm - ok
19:38:24.0972 0x0768  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:38:25.0020 0x0768  LanmanServer - ok
19:38:25.0046 0x0768  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:38:25.0100 0x0768  LanmanWorkstation - ok
19:38:25.0131 0x0768  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:38:25.0187 0x0768  lltdio - ok
19:38:25.0224 0x0768  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:38:25.0280 0x0768  lltdsvc - ok
19:38:25.0294 0x0768  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:38:25.0341 0x0768  lmhosts - ok
19:38:25.0427 0x0768  [ F40692F0FBEDE1BB5D636734CD93354E, 244438BD6CB91DEC588B3FB8DA468CED5474356EEF86452A91E892201B507DBA ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:38:25.0452 0x0768  LMS - ok
19:38:25.0496 0x0768  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:38:25.0512 0x0768  LSI_FC - ok
19:38:25.0536 0x0768  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:38:25.0553 0x0768  LSI_SAS - ok
19:38:25.0574 0x0768  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:38:25.0588 0x0768  LSI_SAS2 - ok
19:38:25.0609 0x0768  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:38:25.0625 0x0768  LSI_SCSI - ok
19:38:25.0661 0x0768  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:38:25.0704 0x0768  luafv - ok
19:38:25.0765 0x0768  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
19:38:25.0777 0x0768  MBAMProtector - ok
19:38:25.0905 0x0768  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
19:38:25.0970 0x0768  MBAMService - ok
19:38:25.0992 0x0768  [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
19:38:26.0005 0x0768  MBAMWebAccessControl - ok
19:38:26.0052 0x0768  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:38:26.0088 0x0768  Mcx2Svc - ok
19:38:26.0126 0x0768  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:38:26.0148 0x0768  megasas - ok
19:38:26.0211 0x0768  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:38:26.0260 0x0768  MegaSR - ok
19:38:26.0302 0x0768  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
19:38:26.0352 0x0768  MMCSS - ok
19:38:26.0427 0x0768  [ 1CE0621B591913C12BECAA5B50E88BB2, 115068C57570140C9389BD923A4E68236ACEBB4F733DA09D05AEEDAD7317AB46 ] Mobile Partner. RunOuc C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
19:38:26.0546 0x0768  Mobile Partner. RunOuc - ok
19:38:26.0572 0x0768  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
19:38:26.0612 0x0768  Modem - ok
19:38:26.0659 0x0768  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:38:26.0699 0x0768  monitor - ok
19:38:26.0734 0x0768  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:38:26.0748 0x0768  mouclass - ok
19:38:26.0772 0x0768  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:38:26.0788 0x0768  mouhid - ok
19:38:26.0845 0x0768  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:38:26.0861 0x0768  mountmgr - ok
19:38:26.0926 0x0768  [ 7EDBBB9351A38C6BB0FE98CFD44DB430, FF77429D7FF3429AD15FD29B4F0F1CF1DA66F69651BCA9525889EDD47AB0306D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:38:26.0951 0x0768  MozillaMaintenance - ok
19:38:27.0036 0x0768  [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
19:38:27.0069 0x0768  MpFilter - ok
19:38:27.0095 0x0768  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:38:27.0112 0x0768  mpio - ok
19:38:27.0128 0x0768  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:38:27.0170 0x0768  mpsdrv - ok
19:38:27.0227 0x0768  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:38:27.0309 0x0768  MpsSvc - ok
19:38:27.0355 0x0768  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:38:27.0391 0x0768  MRxDAV - ok
19:38:27.0428 0x0768  [ 43E1F4B0EFDC244D2A83995CCD7846F7, B8FB3CB6C736E20399AF3164197B14E977DDEC8FD164564501A328A8A3A30267 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:38:27.0537 0x0768  mrxsmb - ok
19:38:27.0574 0x0768  [ 62CEA59FF56B66154E08BD51D87392C2, 5DC63583E417659139FACD2365C2F8F3C9867E331F7374BD4F6C6E2386B5F746 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:38:27.0664 0x0768  mrxsmb10 - ok
19:38:27.0690 0x0768  [ 7D65B5E9573A26C204AA547457DBF544, CE88A733D031DEDBA6ADADB7D9911B3D151A2DDB566A65E0C9E1F07B1A4364AF ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:38:27.0727 0x0768  mrxsmb20 - ok
19:38:27.0765 0x0768  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:38:27.0779 0x0768  msahci - ok
19:38:27.0840 0x0768  [ A592A054D78750B4D73ABAA4C94DECDF, 40B135C9F9EE698EC78BD19BD18353AE2CF4D020DDB9CFC37CD2FDBF7602614A ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS64.exe
19:38:27.0855 0x0768  MSCamSvc - ok
19:38:27.0877 0x0768  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:38:27.0896 0x0768  msdsm - ok
19:38:27.0929 0x0768  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
19:38:27.0951 0x0768  MSDTC - ok
19:38:27.0983 0x0768  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:38:28.0040 0x0768  Msfs - ok
19:38:28.0060 0x0768  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:38:28.0118 0x0768  mshidkmdf - ok
19:38:28.0161 0x0768  [ 55218F924E55FD2786ED40EDF4ED79C3, C6000DE3A1FB526ECB77438A03F7212517CCD5E0CC9DDA07826865F8B980BEA0 ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys
19:38:28.0172 0x0768  MSHUSBVideo - ok
19:38:28.0199 0x0768  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:38:28.0213 0x0768  msisadrv - ok
19:38:28.0250 0x0768  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:38:28.0320 0x0768  MSiSCSI - ok
19:38:28.0326 0x0768  msiserver - ok
19:38:28.0388 0x0768  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:38:28.0460 0x0768  MSKSSRV - ok
19:38:28.0556 0x0768  [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:38:28.0581 0x0768  MsMpSvc - ok
19:38:28.0616 0x0768  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:38:28.0661 0x0768  MSPCLOCK - ok
19:38:28.0674 0x0768  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:38:28.0719 0x0768  MSPQM - ok
19:38:28.0746 0x0768  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:38:28.0781 0x0768  MsRPC - ok
19:38:28.0809 0x0768  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
19:38:28.0823 0x0768  mssmbios - ok
19:38:28.0940 0x0768  MSSQL$DATEV_DBENGINE - ok
19:38:28.0987 0x0768  [ 7CA59786A24DCEECFCC4626C7DFEC1A8, 67A405590A01D4DF19343D016F87C6FECAEECB11D524F80DD5FAEAF20FD192CA ] MSSQLFDLauncher$DATEV_DBENGINE C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\fdlauncher.exe
19:38:29.0012 0x0768  MSSQLFDLauncher$DATEV_DBENGINE - ok
19:38:29.0110 0x0768  [ 04EF36EAF5C4DBCE424D81B76F1E9231, ABA97C3004903852357264291613649D823F5BB24806E6CF9952AB3AA0E97C15 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
19:38:29.0131 0x0768  MSSQLServerADHelper100 - ok
19:38:29.0161 0x0768  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:38:29.0229 0x0768  MSTEE - ok
19:38:29.0243 0x0768  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:38:29.0274 0x0768  MTConfig - ok
19:38:29.0292 0x0768  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
19:38:29.0307 0x0768  Mup - ok
19:38:29.0343 0x0768  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:38:29.0415 0x0768  napagent - ok
19:38:29.0457 0x0768  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:38:29.0495 0x0768  NativeWifiP - ok
19:38:29.0559 0x0768  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:38:29.0613 0x0768  NDIS - ok
19:38:29.0631 0x0768  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:38:29.0688 0x0768  NdisCap - ok
19:38:29.0729 0x0768  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:38:29.0768 0x0768  NdisTapi - ok
19:38:29.0791 0x0768  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:38:29.0831 0x0768  Ndisuio - ok
19:38:29.0850 0x0768  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:38:29.0899 0x0768  NdisWan - ok
19:38:29.0923 0x0768  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:38:29.0978 0x0768  NDProxy - ok
19:38:30.0001 0x0768  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:38:30.0081 0x0768  NetBIOS - ok
19:38:30.0111 0x0768  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:38:30.0166 0x0768  NetBT - ok
19:38:30.0202 0x0768  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] Netlogon        C:\Windows\system32\lsass.exe
19:38:30.0214 0x0768  Netlogon - ok
19:38:30.0250 0x0768  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
19:38:30.0315 0x0768  Netman - ok
19:38:30.0401 0x0768  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:38:30.0431 0x0768  NetMsmqActivator - ok
19:38:30.0463 0x0768  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:38:30.0481 0x0768  NetPipeActivator - ok
19:38:30.0517 0x0768  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
19:38:30.0581 0x0768  netprofm - ok
19:38:30.0588 0x0768  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:38:30.0605 0x0768  NetTcpActivator - ok
19:38:30.0612 0x0768  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:38:30.0629 0x0768  NetTcpPortSharing - ok
19:38:30.0656 0x0768  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:38:30.0669 0x0768  nfrd960 - ok
19:38:30.0714 0x0768  [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:38:30.0731 0x0768  NisDrv - ok
19:38:30.0782 0x0768  [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
19:38:30.0806 0x0768  NisSrv - ok
19:38:30.0847 0x0768  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:38:30.0906 0x0768  NlaSvc - ok
19:38:30.0932 0x0768  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:38:30.0982 0x0768  Npfs - ok
19:38:31.0002 0x0768  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
19:38:31.0046 0x0768  nsi - ok
19:38:31.0061 0x0768  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:38:31.0113 0x0768  nsiproxy - ok
19:38:31.0225 0x0768  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:38:31.0303 0x0768  Ntfs - ok
19:38:31.0337 0x0768  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
19:38:31.0398 0x0768  Null - ok
19:38:31.0447 0x0768  [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
19:38:31.0498 0x0768  NVENETFD - ok
19:38:31.0544 0x0768  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:38:31.0565 0x0768  nvraid - ok
19:38:31.0600 0x0768  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:38:31.0616 0x0768  nvstor - ok
19:38:31.0637 0x0768  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:38:31.0653 0x0768  nv_agp - ok
19:38:31.0682 0x0768  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:38:31.0715 0x0768  ohci1394 - ok
19:38:31.0792 0x0768  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:38:31.0816 0x0768  ose - ok
19:38:31.0862 0x0768  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:38:31.0938 0x0768  p2pimsvc - ok
19:38:31.0989 0x0768  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
19:38:32.0047 0x0768  p2psvc - ok
19:38:32.0076 0x0768  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
19:38:32.0105 0x0768  Parport - ok
19:38:32.0137 0x0768  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:38:32.0151 0x0768  partmgr - ok
19:38:32.0189 0x0768  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:38:32.0228 0x0768  PcaSvc - ok
19:38:32.0249 0x0768  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
19:38:32.0269 0x0768  pci - ok
19:38:32.0291 0x0768  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:38:32.0303 0x0768  pciide - ok
19:38:32.0337 0x0768  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:38:32.0357 0x0768  pcmcia - ok
19:38:32.0385 0x0768  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:38:32.0398 0x0768  pcw - ok
19:38:32.0466 0x0768  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:38:32.0518 0x0768  PEAUTH - ok
19:38:32.0621 0x0768  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:38:32.0649 0x0768  PerfHost - ok
19:38:32.0750 0x0768  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
19:38:32.0906 0x0768  pla - ok
19:38:32.0978 0x0768  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:38:33.0063 0x0768  PlugPlay - ok
19:38:33.0091 0x0768  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:38:33.0122 0x0768  PNRPAutoReg - ok
19:38:33.0163 0x0768  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:38:33.0191 0x0768  PNRPsvc - ok
19:38:33.0230 0x0768  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:38:33.0294 0x0768  PolicyAgent - ok
19:38:33.0323 0x0768  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
19:38:33.0371 0x0768  Power - ok
19:38:33.0410 0x0768  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:38:33.0460 0x0768  PptpMiniport - ok
19:38:33.0488 0x0768  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
19:38:33.0512 0x0768  Processor - ok
19:38:33.0561 0x0768  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:38:33.0624 0x0768  ProfSvc - ok
19:38:33.0645 0x0768  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:38:33.0663 0x0768  ProtectedStorage - ok
19:38:33.0710 0x0768  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:38:33.0779 0x0768  Psched - ok
19:38:33.0870 0x0768  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:38:33.0996 0x0768  ql2300 - ok
19:38:34.0021 0x0768  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:38:34.0038 0x0768  ql40xx - ok
19:38:34.0071 0x0768  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
19:38:34.0101 0x0768  QWAVE - ok
19:38:34.0114 0x0768  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:38:34.0136 0x0768  QWAVEdrv - ok
19:38:34.0155 0x0768  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:38:34.0214 0x0768  RasAcd - ok
19:38:34.0241 0x0768  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:38:34.0290 0x0768  RasAgileVpn - ok
19:38:34.0318 0x0768  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
19:38:34.0360 0x0768  RasAuto - ok
19:38:34.0383 0x0768  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:38:34.0435 0x0768  Rasl2tp - ok
19:38:34.0485 0x0768  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
19:38:34.0582 0x0768  RasMan - ok
19:38:34.0607 0x0768  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:38:34.0658 0x0768  RasPppoe - ok
19:38:34.0688 0x0768  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:38:34.0746 0x0768  RasSstp - ok
19:38:34.0779 0x0768  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:38:34.0841 0x0768  rdbss - ok
19:38:34.0884 0x0768  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
19:38:34.0902 0x0768  rdpbus - ok
19:38:34.0932 0x0768  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:38:34.0995 0x0768  RDPCDD - ok
19:38:35.0043 0x0768  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:38:35.0101 0x0768  RDPENCDD - ok
19:38:35.0134 0x0768  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:38:35.0191 0x0768  RDPREFMP - ok
19:38:35.0286 0x0768  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:38:35.0352 0x0768  RdpVideoMiniport - ok
19:38:35.0402 0x0768  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:38:35.0464 0x0768  RDPWD - ok
19:38:35.0513 0x0768  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:38:35.0532 0x0768  rdyboost - ok
19:38:35.0558 0x0768  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:38:35.0601 0x0768  RemoteAccess - ok
19:38:35.0634 0x0768  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:38:35.0691 0x0768  RemoteRegistry - ok
19:38:35.0727 0x0768  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
19:38:35.0763 0x0768  RFCOMM - ok
19:38:35.0797 0x0768  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:38:35.0857 0x0768  RpcEptMapper - ok
19:38:35.0886 0x0768  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
19:38:35.0905 0x0768  RpcLocator - ok
19:38:35.0939 0x0768  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
19:38:36.0003 0x0768  RpcSs - ok
19:38:36.0126 0x0768  [ 40A40273242CD65F80DC48CA26C0CFA5, AE0119D192298590734F4DBF3777404E658B8EC00C4D36A8978E882B8F8CABB3 ] RsFx0153        C:\Windows\system32\DRIVERS\RsFx0153.sys
19:38:36.0183 0x0768  RsFx0153 - ok
19:38:36.0228 0x0768  [ 546D7F426776090B90EF5F195B6AE662, E67598E1CA5F98184DD7380E7AFD65C18C99EDC3326909EBFF2A61F95C3A027D ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
19:38:36.0250 0x0768  RSPCIESTOR - ok
19:38:36.0288 0x0768  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:38:36.0349 0x0768  rspndr - ok
19:38:36.0376 0x0768  [ 3372196F61AF48503656EF6AA3E92D1B, 47816E28E9DE9F9698A47D7C7782D2F9E62D51A7BC92F91F2B23F818C61F2020 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
19:38:36.0407 0x0768  RTL8167 - ok
19:38:36.0430 0x0768  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] SamSs           C:\Windows\system32\lsass.exe
19:38:36.0445 0x0768  SamSs - ok
19:38:36.0465 0x0768  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:38:36.0484 0x0768  sbp2port - ok
19:38:36.0516 0x0768  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:38:36.0566 0x0768  SCardSvr - ok
19:38:36.0580 0x0768  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:38:36.0626 0x0768  scfilter - ok
19:38:36.0673 0x0768  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
19:38:36.0774 0x0768  Schedule - ok
19:38:36.0812 0x0768  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:38:36.0850 0x0768  SCPolicySvc - ok
19:38:36.0897 0x0768  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
19:38:36.0917 0x0768  sdbus - ok
19:38:36.0952 0x0768  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:38:36.0989 0x0768  SDRSVC - ok
19:38:37.0019 0x0768  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:38:37.0064 0x0768  secdrv - ok
19:38:37.0117 0x0768  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
19:38:37.0201 0x0768  seclogon - ok
19:38:37.0223 0x0768  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
19:38:37.0280 0x0768  SENS - ok
19:38:37.0311 0x0768  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:38:37.0385 0x0768  SensrSvc - ok
19:38:37.0418 0x0768  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
19:38:37.0439 0x0768  Serenum - ok
19:38:37.0458 0x0768  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
19:38:37.0483 0x0768  Serial - ok
19:38:37.0531 0x0768  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:38:37.0546 0x0768  sermouse - ok
19:38:37.0580 0x0768  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
19:38:37.0636 0x0768  SessionEnv - ok
19:38:37.0655 0x0768  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:38:37.0688 0x0768  sffdisk - ok
19:38:37.0711 0x0768  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:38:37.0743 0x0768  sffp_mmc - ok
19:38:37.0758 0x0768  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:38:37.0779 0x0768  sffp_sd - ok
19:38:37.0813 0x0768  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:38:37.0857 0x0768  sfloppy - ok
19:38:37.0899 0x0768  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:38:37.0976 0x0768  SharedAccess - ok
19:38:38.0016 0x0768  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:38:38.0085 0x0768  ShellHWDetection - ok
19:38:38.0118 0x0768  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:38:38.0133 0x0768  SiSRaid2 - ok
19:38:38.0166 0x0768  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:38:38.0181 0x0768  SiSRaid4 - ok
19:38:38.0280 0x0768  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:38:38.0336 0x0768  SkypeUpdate - ok
19:38:38.0394 0x0768  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:38:38.0471 0x0768  Smb - ok
19:38:38.0506 0x0768  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:38:38.0543 0x0768  SNMPTRAP - ok
19:38:38.0565 0x0768  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:38:38.0578 0x0768  spldr - ok
19:38:38.0644 0x0768  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
19:38:38.0705 0x0768  Spooler - ok
19:38:38.0868 0x0768  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
19:38:39.0077 0x0768  sppsvc - ok
19:38:39.0108 0x0768  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:38:39.0150 0x0768  sppuinotify - ok
19:38:39.0305 0x0768  [ CB97FDCC8EAED86036137A41AF5D3E66, 20556D95754B8FEF8A5A50B283F0FC721DC751507A98CD3A491B31253008E167 ] SQLAgent$DATEV_DBENGINE C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\SQLAGENT.EXE
19:38:39.0369 0x0768  SQLAgent$DATEV_DBENGINE - ok
19:38:39.0466 0x0768  [ 7F37589E64A7C35AB67D0D8C8F53652B, D389FDF5CF7F4926BFDE966E2E92FAE3AFE5C0ACBDAB40E74A1B5D9F3525101E ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:38:39.0500 0x0768  SQLBrowser - ok
19:38:39.0632 0x0768  [ F98DDFBFE0EE66D4C4B00693512B9527, 322FF75D1CA460368FD72ADCD93273F1D5AA5CF2C4DF65A94BF9ABAA2E695150 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:38:39.0654 0x0768  SQLWriter - ok
19:38:39.0695 0x0768  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:38:39.0755 0x0768  srv - ok
19:38:39.0786 0x0768  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:38:39.0832 0x0768  srv2 - ok
19:38:39.0870 0x0768  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
19:38:39.0918 0x0768  SrvHsfHDA - ok
19:38:39.0982 0x0768  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
19:38:40.0059 0x0768  SrvHsfV92 - ok
19:38:40.0101 0x0768  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
19:38:40.0172 0x0768  SrvHsfWinac - ok
19:38:40.0207 0x0768  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:38:40.0226 0x0768  srvnet - ok
19:38:40.0270 0x0768  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:38:40.0319 0x0768  SSDPSRV - ok
19:38:40.0413 0x0768  [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
19:38:40.0435 0x0768  SSPORT - ok
19:38:40.0473 0x0768  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:38:40.0543 0x0768  SstpSvc - ok
19:38:40.0571 0x0768  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:38:40.0584 0x0768  stexstor - ok
19:38:40.0629 0x0768  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
19:38:40.0685 0x0768  stisvc - ok
19:38:40.0707 0x0768  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:38:40.0721 0x0768  swenum - ok
19:38:40.0749 0x0768  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
19:38:40.0818 0x0768  swprv - ok
19:38:40.0887 0x0768  [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
19:38:40.0936 0x0768  SynTP - ok
19:38:41.0043 0x0768  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
19:38:41.0174 0x0768  SysMain - ok
19:38:41.0198 0x0768  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:38:41.0223 0x0768  TabletInputService - ok
19:38:41.0252 0x0768  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:38:41.0314 0x0768  TapiSrv - ok
19:38:41.0328 0x0768  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
19:38:41.0387 0x0768  TBS - ok
19:38:41.0499 0x0768  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:38:41.0652 0x0768  Tcpip - ok
19:38:41.0758 0x0768  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:38:41.0815 0x0768  TCPIP6 - ok
19:38:41.0850 0x0768  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:38:41.0878 0x0768  tcpipreg - ok
19:38:41.0902 0x0768  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:38:41.0946 0x0768  TDPIPE - ok
19:38:41.0963 0x0768  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:38:41.0980 0x0768  TDTCP - ok
19:38:42.0031 0x0768  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:38:42.0077 0x0768  tdx - ok
19:38:42.0103 0x0768  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:38:42.0126 0x0768  TermDD - ok
19:38:42.0184 0x0768  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
19:38:42.0261 0x0768  TermService - ok
19:38:42.0278 0x0768  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
19:38:42.0317 0x0768  Themes - ok
19:38:42.0342 0x0768  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
19:38:42.0387 0x0768  THREADORDER - ok
19:38:42.0432 0x0768  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
19:38:42.0499 0x0768  TrkWks - ok
19:38:42.0558 0x0768  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:38:42.0675 0x0768  TrustedInstaller - ok
19:38:42.0714 0x0768  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:38:42.0732 0x0768  tssecsrv - ok
19:38:42.0778 0x0768  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:38:42.0841 0x0768  TsUsbFlt - ok
19:38:42.0880 0x0768  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:38:43.0019 0x0768  TsUsbGD - ok
19:38:43.0065 0x0768  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:38:43.0134 0x0768  tunnel - ok
19:38:43.0166 0x0768  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:38:43.0180 0x0768  uagp35 - ok
19:38:43.0219 0x0768  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:38:43.0283 0x0768  udfs - ok
19:38:43.0311 0x0768  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:38:43.0347 0x0768  UI0Detect - ok
19:38:43.0369 0x0768  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:38:43.0386 0x0768  uliagpkx - ok
19:38:43.0425 0x0768  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:38:43.0450 0x0768  umbus - ok
19:38:43.0467 0x0768  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
19:38:43.0485 0x0768  UmPass - ok
19:38:43.0665 0x0768  [ 493BB5CB35DE270439ED11E616F04724, 788654DCF25C40C1E1A0A6EB1D206237A726BEC64FE243FD8A8195413EADA3DE ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:38:43.0729 0x0768  UNS - ok
19:38:43.0761 0x0768  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
19:38:43.0810 0x0768  upnphost - ok
19:38:43.0867 0x0768  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:38:43.0914 0x0768  usbaudio - ok
19:38:43.0953 0x0768  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:38:44.0010 0x0768  usbccgp - ok
19:38:44.0065 0x0768  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:38:44.0119 0x0768  usbcir - ok
19:38:44.0167 0x0768  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:38:44.0203 0x0768  usbehci - ok
19:38:44.0248 0x0768  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:38:44.0310 0x0768  usbhub - ok
19:38:44.0345 0x0768  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:38:44.0379 0x0768  usbohci - ok
19:38:44.0415 0x0768  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:38:44.0441 0x0768  usbprint - ok
19:38:44.0489 0x0768  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
19:38:44.0547 0x0768  usbscan - ok
19:38:44.0581 0x0768  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:38:44.0621 0x0768  USBSTOR - ok
19:38:44.0652 0x0768  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:38:44.0675 0x0768  usbuhci - ok
19:38:44.0743 0x0768  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
19:38:44.0785 0x0768  usbvideo - ok
19:38:44.0811 0x0768  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
19:38:44.0865 0x0768  UxSms - ok
19:38:44.0897 0x0768  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] VaultSvc        C:\Windows\system32\lsass.exe
19:38:44.0910 0x0768  VaultSvc - ok
19:38:44.0938 0x0768  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:38:44.0952 0x0768  vdrvroot - ok
19:38:44.0989 0x0768  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
19:38:45.0067 0x0768  vds - ok
19:38:45.0112 0x0768  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:38:45.0133 0x0768  vga - ok
19:38:45.0147 0x0768  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:38:45.0196 0x0768  VgaSave - ok
19:38:45.0228 0x0768  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:38:45.0247 0x0768  vhdmp - ok
19:38:45.0311 0x0768  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:38:45.0335 0x0768  viaide - ok
19:38:45.0369 0x0768  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:38:45.0384 0x0768  volmgr - ok
19:38:45.0409 0x0768  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:38:45.0433 0x0768  volmgrx - ok
19:38:45.0464 0x0768  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:38:45.0486 0x0768  volsnap - ok
19:38:45.0507 0x0768  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:38:45.0525 0x0768  vsmraid - ok
19:38:45.0623 0x0768  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
19:38:45.0758 0x0768  VSS - ok
19:38:45.0771 0x0768  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
19:38:45.0795 0x0768  vwifibus - ok
19:38:45.0825 0x0768  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:38:45.0846 0x0768  vwififlt - ok
19:38:45.0894 0x0768  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
19:38:45.0972 0x0768  W32Time - ok
19:38:45.0985 0x0768  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:38:46.0005 0x0768  WacomPen - ok
19:38:46.0043 0x0768  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:38:46.0094 0x0768  WANARP - ok
19:38:46.0100 0x0768  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:38:46.0139 0x0768  Wanarpv6 - ok
19:38:46.0274 0x0768  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
19:38:46.0365 0x0768  WatAdminSvc - ok
19:38:46.0481 0x0768  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
19:38:46.0619 0x0768  wbengine - ok
19:38:46.0642 0x0768  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:38:46.0683 0x0768  WbioSrvc - ok
19:38:46.0698 0x0768  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:38:46.0744 0x0768  wcncsvc - ok
19:38:46.0767 0x0768  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:38:46.0802 0x0768  WcsPlugInService - ok
19:38:46.0834 0x0768  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
19:38:46.0849 0x0768  Wd - ok
19:38:46.0930 0x0768  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:38:47.0002 0x0768  Wdf01000 - ok
19:38:47.0062 0x0768  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:38:47.0129 0x0768  WdiServiceHost - ok
19:38:47.0138 0x0768  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:38:47.0163 0x0768  WdiSystemHost - ok
19:38:47.0223 0x0768  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
19:38:47.0264 0x0768  WebClient - ok
19:38:47.0299 0x0768  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:38:47.0361 0x0768  Wecsvc - ok
19:38:47.0376 0x0768  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:38:47.0440 0x0768  wercplsupport - ok
19:38:47.0462 0x0768  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:38:47.0503 0x0768  WerSvc - ok
19:38:47.0565 0x0768  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:38:47.0631 0x0768  WfpLwf - ok
19:38:47.0648 0x0768  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:38:47.0662 0x0768  WIMMount - ok
19:38:47.0694 0x0768  WinDefend - ok
19:38:47.0715 0x0768  WinHttpAutoProxySvc - ok
19:38:47.0788 0x0768  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:38:47.0872 0x0768  Winmgmt - ok
19:38:47.0977 0x0768  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
19:38:48.0109 0x0768  WinRM - ok
19:38:48.0167 0x0768  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:38:48.0187 0x0768  WinUsb - ok
19:38:48.0245 0x0768  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:38:48.0323 0x0768  Wlansvc - ok
19:38:48.0471 0x0768  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:38:48.0535 0x0768  wlidsvc - ok
19:38:48.0577 0x0768  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:38:48.0612 0x0768  WmiAcpi - ok
19:38:48.0637 0x0768  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:38:48.0666 0x0768  wmiApSrv - ok
19:38:48.0686 0x0768  WMPNetworkSvc - ok
19:38:48.0718 0x0768  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:38:48.0744 0x0768  WPCSvc - ok
19:38:48.0764 0x0768  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:38:48.0809 0x0768  WPDBusEnum - ok
19:38:48.0838 0x0768  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:38:48.0883 0x0768  ws2ifsl - ok
19:38:48.0904 0x0768  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
19:38:48.0927 0x0768  wscsvc - ok
19:38:48.0932 0x0768  WSearch - ok
19:38:49.0103 0x0768  [ 499034D7F1F6AF49F9EE12F8822793CB, 55D591C4861AF66C6B9201BF78808B2ECE7B79D95C6BB07FF0ED87EFE63DD99E ] wuauserv        C:\Windows\system32\wuaueng.dll
19:38:49.0280 0x0768  wuauserv - ok
19:38:49.0313 0x0768  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:38:49.0344 0x0768  WudfPf - ok
19:38:49.0382 0x0768  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:38:49.0417 0x0768  WUDFRd - ok
19:38:49.0438 0x0768  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:38:49.0469 0x0768  wudfsvc - ok
19:38:49.0510 0x0768  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:38:49.0550 0x0768  WwanSvc - ok
19:38:49.0655 0x0768  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
19:38:49.0699 0x0768  YahooAUService - ok
19:38:49.0788 0x0768  [ 28B051B78471FC290C1790623D5908E1, 01B711DAC7290B5DBBA5AF49E69FC906BE0A1BF40EFB372A0DA1FB59F0BA9983 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
19:38:49.0825 0x0768  ZAtheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
19:38:52.0272 0x0768  Detect skipped due to KSN trusted
19:38:52.0272 0x0768  ZAtheros Bt&Wlan Coex Agent - ok
19:38:52.0468 0x0768  ================ Scan global ===============================

berndi78 · 20.08.2015, 18:46

Code:

ATTFilter

19:38:52.0513 0x0768  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
19:38:52.0560 0x0768  [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
19:38:52.0585 0x0768  [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
19:38:52.0624 0x0768  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:38:52.0682 0x0768  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
19:38:52.0693 0x0768  [ Global ] - ok
19:38:52.0695 0x0768  ================ Scan MBR ==================================
19:38:52.0711 0x0768  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:38:53.0176 0x0768  \Device\Harddisk0\DR0 - ok
19:38:53.0176 0x0768  ================ Scan VBR ==================================
19:38:53.0180 0x0768  [ 0C55949F2FA0C1C7AAE569674E015E4A ] \Device\Harddisk0\DR0\Partition1
19:38:53.0183 0x0768  \Device\Harddisk0\DR0\Partition1 - ok
19:38:53.0187 0x0768  [ 14E6BC5A78CECE67F63967BDFA3E0AE9 ] \Device\Harddisk0\DR0\Partition2
19:38:53.0191 0x0768  \Device\Harddisk0\DR0\Partition2 - ok
19:38:53.0195 0x0768  [ 599FA7BA2AF93D3EE918CE519647CF12 ] \Device\Harddisk0\DR0\Partition3
19:38:53.0198 0x0768  \Device\Harddisk0\DR0\Partition3 - ok
19:38:53.0215 0x0768  [ 582E52080EFE577C14D7FA79CE1EC837 ] \Device\Harddisk0\DR0\Partition4
19:38:53.0217 0x0768  \Device\Harddisk0\DR0\Partition4 - ok
19:38:53.0218 0x0768  ================ Scan generic autorun ======================
19:38:53.0502 0x0768  [ B3BCDF8DB13D529261745FD8DDCE8A5B, 5C8B550053DD64641B0FBF465FB4FB557CB34FFA8F43F0901E762B4A93FF8A05 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
19:38:53.0665 0x0768  RTHDVCPL - ok
19:38:53.0673 0x0768  SynTPEnh - ok
19:38:53.0715 0x0768  [ A0ABBAD8CE99CBF8467D697073B38E87, C71F58580D93F0B78BDA735DA6201A6F1BDA36CC9F72D15B4E6DD62D6C3A43D0 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
19:38:53.0800 0x0768  HPWirelessAssistant - detected UnsignedFile.Multi.Generic ( 1 )
19:38:56.0251 0x0768  Detect skipped due to KSN trusted
19:38:56.0252 0x0768  HPWirelessAssistant - ok
19:38:56.0412 0x0768  [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] c:\Program Files\Microsoft Security Client\msseces.exe
19:38:56.0469 0x0768  MSC - ok
19:38:56.0525 0x0768  [ AB21872206AE5E1AD9D3B3DC9D145999, E8EB150CF19767CF20AECCF621D13DAF706396C3581E41AC04341E42B5F31F00 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
19:38:56.0563 0x0768  AtherosBtStack - detected UnsignedFile.Multi.Generic ( 1 )
19:38:59.0007 0x0768  Detect skipped due to KSN trusted
19:38:59.0007 0x0768  AtherosBtStack - ok
19:38:59.0127 0x0768  [ 3653C5E9E71201192E67C92AE83092E0, 185EC18707F7ED6DF406CDCCF92A24CC6A90A48DA300DD4C8AD68567E7694E9D ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
19:38:59.0166 0x0768  AthBtTray - detected UnsignedFile.Multi.Generic ( 1 )
19:39:01.0607 0x0768  Detect skipped due to KSN trusted
19:39:01.0607 0x0768  AthBtTray - ok
19:39:01.0725 0x0768  [ DC73E11DC27E7D9AEF884EBE816C4240, 638485C85F7183E2B3060B8FD3189EA47F873B84EE34CAB99526A3A1CC3EE62B ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
19:39:01.0748 0x0768  IAStorIcon - ok
19:39:01.0808 0x0768  [ 2F95FF9F837A8D135F303B6AF8F52763, C6AD01CA9A30F2B603C3A5DBD8A4DD3B7FAF3906CF4DE2332B5A66C3FE4098EA ] C:\Windows\Samsung\PanelMgr\SSMMgr.exe
19:39:01.0849 0x0768  Samsung PanelMgr - detected UnsignedFile.Multi.Generic ( 1 )
19:39:04.0337 0x0768  Detect skipped due to KSN trusted
19:39:04.0337 0x0768  Samsung PanelMgr - ok
19:39:04.0585 0x0768  [ 47ECED6CBB05BA4DC05DE6E043DA0C42, 5D22A4F91746F6755A72CB73CF4CB091D30A259F796B198D37458A84A93E9EF5 ] C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe
19:39:04.0696 0x0768  3200 Scan2PC - detected UnsignedFile.Multi.Generic ( 1 )
19:39:07.0124 0x0768  Detect skipped due to KSN trusted
19:39:07.0124 0x0768  3200 Scan2PC - ok
19:39:07.0234 0x0768  [ 0133E5265FDD7063F87856C9BD5156C9, 27C0389B3FA0209C6B4D1A8A75AAD23525DD3B5DB7B0CD7358D1D6417818C8EF ] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
19:39:07.0261 0x0768  LifeCam - ok
19:39:07.0372 0x0768  [ 50B4BD30A102B5E7BFAEB87629C94466, A6AA1097A77F5AA84111F98C84E51B7219B893308E16D909D8915AB46C6E71EE ] C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
19:39:07.0400 0x0768  LexwareInfoService - ok
19:39:07.0507 0x0768  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:39:07.0620 0x0768  Sidebar - ok
19:39:07.0656 0x0768  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:39:07.0690 0x0768  mctadmin - ok
19:39:07.0743 0x0768  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:39:07.0783 0x0768  Sidebar - ok
19:39:07.0790 0x0768  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:39:07.0810 0x0768  mctadmin - ok
19:39:07.0858 0x0768  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
19:39:07.0869 0x0768  swg - ok
19:39:08.0191 0x0768  [ 127CD00925C1A2B759765C5B9600DE30, 22A9710B84873622EB1027552F3E7CC3E054FF367010149822F476A143556335 ] C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe
19:39:08.0339 0x0768  Messenger (Yahoo!) - ok
19:39:08.0556 0x0768  [ 24ECFD962F8226400282A009A32E8D92, DEE819069175305257492D002DB2E03EFBB86E9237C504E595EF7910306D7D73 ] C:\Users\Helmut Klein\AppData\Local\Viber\Viber.exe
19:39:08.0617 0x0768  Viber - ok
19:39:08.0676 0x0768  Skype - ok
19:39:08.0681 0x0768  Waiting for KSN requests completion. In queue: 9
19:39:09.0681 0x0768  Waiting for KSN requests completion. In queue: 9
19:39:10.0682 0x0768  Waiting for KSN requests completion. In queue: 9
19:39:11.0691 0x0768  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
19:39:11.0699 0x0768  Win FW state via NFP2: enabled ( trusted )
19:39:14.0148 0x0768  ============================================================
19:39:14.0148 0x0768  Scan finished
19:39:14.0148 0x0768  ============================================================
19:39:14.0164 0x0e3c  Detected object count: 3
19:39:14.0164 0x0e3c  Actual detected object count: 3
19:39:18.0760 0x0e3c  BTATH_A2DP ( ForgedFile.Multi.Generic ) - skipped by user
19:39:18.0760 0x0e3c  BTATH_A2DP ( ForgedFile.Multi.Generic ) - User select action: Skip 
19:39:18.0762 0x0e3c  btath_avdt ( ForgedFile.Multi.Generic ) - skipped by user
19:39:18.0762 0x0e3c  btath_avdt ( ForgedFile.Multi.Generic ) - User select action: Skip 
19:39:18.0763 0x0e3c  DatevPrintService ( UnsignedFile.Multi.Generic ) - skipped by user
19:39:18.0763 0x0e3c  DatevPrintService ( UnsignedFile.Multi.Generic ) - User select action: Skip

schrauber · 21.08.2015, 07:29

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

berndi78 · 21.08.2015, 14:32

Code:

ATTFilter

ComboFix 15-08-20.01 - Helmut Klein 21.08.2015  13:32:41.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3958.1130 [GMT 2:00]
ausgeführt von:: c:\users\Helmut Klein\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\MediaPlayerV1
c:\program files (x86)\MediaViewerV1
c:\program files (x86)\MediaViewV1
c:\program files (x86)\MediaWatchV1
c:\programdata\ntuser.pol
c:\users\Helmut Klein\AppData\Roaming\Microsoft\Windows\Recent\Barry Manilow I can`t smile without you Copacabanaen concierto canciòn completa - YouTube.url
c:\users\Helmut Klein\AppData\Roaming\Microsoft\Windows\Recent\Even Now - YouTube.url
c:\users\Helmut Klein\AppData\Roaming\Microsoft\Windows\Recent\Hansi Hinterseer -- Du bist mein Leben Musik Video - MyVideo.url
c:\users\Helmut Klein\AppData\Roaming\Microsoft\Windows\Recent\Paul Davis-I go Crazy - YouTube - Kopie.url
c:\users\Helmut Klein\AppData\Roaming\Microsoft\Windows\Recent\Sasha-If you believe - YouTube.url
c:\users\Helmut Klein\AppData\Roaming\Microsoft\Windows\Recent\The Carpenters - Close To You ( Live at Budokan - 1974 ) - YouTube.url
c:\windows\SysWow64\DEBUG.log
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-07-21 bis 2015-08-21  ))))))))))))))))))))))))))))))
.
.
2015-08-21 11:53 . 2015-08-21 11:53	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-08-20 16:22 . 2015-08-20 17:27	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-08-20 16:10 . 2015-07-15 01:12	12222168	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{51F174B4-0E73-4CE6-AB65-77560111183E}\mpengine.dll
2015-08-20 15:59 . 2014-08-29 02:07	3179520	----a-w-	c:\windows\system32\rdpcorets.dll
2015-08-20 15:59 . 2014-05-08 09:32	16384	----a-w-	c:\windows\system32\RdpGroupPolicyExtension.dll
2015-08-20 15:41 . 2015-08-20 15:41	--------	d-----w-	c:\program files (x86)\VS Revo Group
2015-08-19 18:31 . 2012-08-23 14:10	19456	----a-w-	c:\windows\system32\drivers\rdpvideominiport.sys
2015-08-19 18:31 . 2012-08-23 14:08	30208	----a-w-	c:\windows\system32\drivers\TsUsbGD.sys
2015-08-19 18:31 . 2012-08-23 14:13	243200	----a-w-	c:\windows\system32\rdpudd.dll
2015-08-19 18:31 . 2012-08-23 11:12	192000	----a-w-	c:\windows\SysWow64\rdpendp_winip.dll
2015-08-19 18:31 . 2012-08-23 10:51	228864	----a-w-	c:\windows\system32\rdpendp_winip.dll
2015-08-19 18:25 . 2015-07-09 17:58	1632256	----a-w-	c:\windows\system32\dwmcore.dll
2015-08-19 18:25 . 2015-07-09 17:42	1372160	----a-w-	c:\windows\SysWow64\dwmcore.dll
2015-08-19 18:25 . 2015-07-09 17:58	82944	----a-w-	c:\windows\system32\dwmapi.dll
2015-08-19 18:25 . 2015-07-09 17:42	67584	----a-w-	c:\windows\SysWow64\dwmapi.dll
2015-08-19 18:25 . 2015-06-25 10:06	115136	----a-w-	c:\windows\system32\consent.exe
2015-08-19 18:25 . 2015-06-25 10:01	1941504	----a-w-	c:\windows\system32\authui.dll
2015-08-19 18:25 . 2015-06-25 10:01	70656	----a-w-	c:\windows\system32\appinfo.dll
2015-08-19 18:25 . 2015-06-25 09:44	1805824	----a-w-	c:\windows\SysWow64\authui.dll
2015-08-19 18:08 . 2015-08-19 18:10	--------	d-----w-	C:\FRST
2015-08-19 08:17 . 2015-08-11 01:20	25191936	----a-w-	c:\windows\system32\mshtml.dll
2015-08-19 08:17 . 2015-08-11 01:14	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2015-08-19 08:17 . 2015-08-11 00:33	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2015-08-19 07:18 . 2015-07-15 01:12	12222168	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-08-18 07:02 . 2015-08-18 07:02	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2015-08-13 07:20 . 2015-08-13 07:20	9284296	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-08-13 06:42 . 2015-07-01 07:13	1190000	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2CC9D989-B20E-482E-B3FF-9677617E3F8A}\gapaengine.dll
2015-08-12 21:25 . 2015-07-30 13:13	103120	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 21:25 . 2015-07-30 13:13	124624	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 06:41 . 2015-07-28 20:05	774656	----a-w-	c:\windows\system32\invagent.dll
2015-08-12 06:41 . 2015-07-28 20:05	743424	----a-w-	c:\windows\system32\generaltel.dll
2015-08-12 06:41 . 2015-07-28 20:05	437760	----a-w-	c:\windows\system32\devinv.dll
2015-08-12 06:41 . 2015-07-28 20:05	1116672	----a-w-	c:\windows\system32\appraiser.dll
2015-08-12 06:41 . 2015-07-28 20:05	69120	----a-w-	c:\windows\system32\acmigration.dll
2015-08-12 06:41 . 2015-07-28 19:55	1148416	----a-w-	c:\windows\system32\aeinv.dll
2015-08-12 06:41 . 2015-07-28 20:09	17344	----a-w-	c:\windows\system32\CompatTelRunner.exe
2015-08-12 06:41 . 2015-07-28 20:05	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-08-12 06:41 . 2015-07-15 18:10	1743360	----a-w-	c:\windows\system32\sysmain.dll
2015-08-12 06:40 . 2015-07-15 18:15	94656	----a-w-	c:\windows\system32\drivers\mountmgr.sys
2015-08-12 06:40 . 2015-07-15 20:23	2560	----a-w-	c:\windows\system32\drivers\de-DE\mountmgr.sys.mui
2015-08-12 06:40 . 2015-07-15 18:10	11264	----a-w-	c:\windows\system32\msmmsp.dll
2015-08-12 06:38 . 2015-07-15 03:19	52736	----a-w-	c:\windows\system32\basesrv.dll
2015-08-12 06:35 . 2015-07-30 18:06	41984	----a-w-	c:\windows\system32\lpk.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-20 16:22 . 2014-04-11 09:09	192216	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-20 16:20 . 2014-04-11 09:08	109272	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-08-19 15:23 . 2012-10-26 21:20	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2015-08-19 15:23 . 2012-10-26 21:20	42168	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2015-08-13 07:20 . 2012-10-20 07:37	778440	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-08-13 07:20 . 2012-10-16 10:30	142536	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-08-12 21:10 . 2012-10-12 14:15	132483416	----a-w-	c:\windows\system32\MRT.exe
2015-07-22 17:53 . 2015-08-19 18:26	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-07-05 10:08 . 2010-11-21 03:27	300704	------w-	c:\windows\system32\MpSigStub.exe
2015-07-04 18:07 . 2015-07-15 07:06	2087424	----a-w-	c:\windows\system32\ole32.dll
2015-07-04 17:48 . 2015-07-15 07:06	1414656	----a-w-	c:\windows\SysWow64\ole32.dll
2015-07-01 07:13 . 2012-10-21 08:40	1190000	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-06-18 06:41 . 2014-04-11 09:08	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-06-18 06:41 . 2014-04-11 09:08	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-06-17 17:47 . 2015-07-15 07:06	404992	----a-w-	c:\windows\system32\gdi32.dll
2015-06-17 17:37 . 2015-07-15 07:06	312320	----a-w-	c:\windows\SysWow64\gdi32.dll
2015-06-15 21:45 . 2015-07-15 07:05	3242496	----a-w-	c:\windows\system32\msi.dll
2015-06-15 21:45 . 2015-07-15 07:05	504320	----a-w-	c:\windows\system32\msihnd.dll
2015-06-15 21:44 . 2015-07-15 07:05	128000	----a-w-	c:\windows\system32\msiexec.exe
2015-06-15 21:43 . 2015-07-15 07:05	2364416	----a-w-	c:\windows\SysWow64\msi.dll
2015-06-15 21:43 . 2015-07-15 07:05	337408	----a-w-	c:\windows\SysWow64\msihnd.dll
2015-06-15 21:42 . 2015-07-15 07:05	73216	----a-w-	c:\windows\SysWow64\msiexec.exe
2015-06-15 21:42 . 2015-07-15 07:05	25088	----a-w-	c:\windows\system32\msimsg.dll
2015-06-15 21:37 . 2015-07-15 07:05	25088	----a-w-	c:\windows\SysWow64\msimsg.dll
2015-06-02 00:07 . 2015-07-15 07:06	254976	----a-w-	c:\windows\system32\cewmdm.dll
2015-06-01 23:47 . 2015-07-15 07:06	210432	----a-w-	c:\windows\SysWow64\cewmdm.dll
2015-05-25 18:19 . 2015-06-10 07:56	113664	----a-w-	c:\windows\system32\sechost.dll
2015-05-25 18:18 . 2015-06-10 07:56	404992	----a-w-	c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-10 07:56	47104	----a-w-	c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-10 07:56	43008	----a-w-	c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-10 07:56	104448	----a-w-	c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-10 07:56	19456	----a-w-	c:\windows\system32\diskperf.exe
2015-05-25 18:01 . 2015-06-10 07:56	92160	----a-w-	c:\windows\SysWow64\sechost.dll
2015-05-25 18:00 . 2015-06-10 07:56	40448	----a-w-	c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-10 07:56	364544	----a-w-	c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-10 07:56	37888	----a-w-	c:\windows\SysWow64\relog.exe
2015-05-25 18:00 . 2015-06-10 07:56	82944	----a-w-	c:\windows\SysWow64\logman.exe
2015-05-25 18:00 . 2015-06-10 07:56	17408	----a-w-	c:\windows\SysWow64\diskperf.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-11-11 39408]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2012-05-25 6595928]
"Viber"="c:\users\Helmut Klein\AppData\Local\Viber\Viber.exe" [2014-10-20 936656]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-08-07 53736048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2011-07-06 688128]
"3200 Scan2PC"="c:\windows\twain_32\Samsung\SCX3200\Scan2Pc.exe" [2010-05-18 1989120]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"LexwareInfoService"="c:\program files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe" [2011-07-31 189808]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-02-07 642656]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Basisschnittstelle Office Initialisierung.lnk - c:\datev\PROGRAMM\BSoffice\service\OfficeDiag.exe /EnsureUI [2014-11-26 95784]
CleanupPrintJobs.lnk - c:\datev\PROGRAMM\B0001401\CleanupPrintJobs.exe [2013-11-4 22568]
SkyUserDevmode-Update.lnk - c:\datev\PROGRAMM\B0001401\UpdateDevmode.exe [2013-11-4 21032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 Mobile Partner. RunOuc;Mobile Partner. OUC;c:\program files (x86)\Mobile Partner\UpdateDog\ouc.exe;c:\program files (x86)\Mobile Partner\UpdateDog\ouc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 DATEV Update-Service;DATEV Update-Service;c:\datev\PROGRAMM\INSTALL\DvInesASDSvc.Exe;c:\datev\PROGRAMM\INSTALL\DvInesASDSvc.Exe [x]
R3 Datev.Database.Conserve;DATEV Connection Service;c:\datev\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Database.Conserve SvcRunLevel=1000;c:\datev\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Database.Conserve SvcRunLevel=1000 [x]
R3 Datev.Irw.ServiceProvider.HostXcut.Server;DATEV IRW ServiceProvider;c:\datev\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Irw.ServiceProvider.HostXcut.Server -SvcRunLevel=2000;c:\datev\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Irw.ServiceProvider.HostXcut.Server -SvcRunLevel=2000 [x]
R3 Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn;DATEV Schnittstellensystem pro V0300;Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn;Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn [x]
R3 Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn;DATEV Schnittstellensystem pro V0400;Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn;Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0153;RsFx0153 Driver;c:\windows\system32\DRIVERS\RsFx0153.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0153.sys [x]
R4 SQLAgent$DATEV_DBENGINE;SQL Server Agent (DATEV_DBENGINE);c:\program files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\SQLAGENT.EXE [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 Datev.Framework.RemoteServiceModel.EnablerService;DATEV DFL-Service-Manager;c:\datev\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Framework.RemoteServiceModel.EnablerService -SvcRunLevel=9999;c:\datev\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Framework.RemoteServiceModel.EnablerService -SvcRunLevel=9999 [x]
S2 DatevPrintService;DATEV Druckservice;c:\datev\PROGRAMM\B0001442\PSNTSERV.EXE;c:\datev\PROGRAMM\B0001442\PSNTSERV.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 MSSQL$DATEV_DBENGINE;SQL Server (DATEV_DBENGINE);c:\program files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\sqlservr.exe;c:\program files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\sqlservr.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 Datev.Framework.RemoteServices;DATEV DFL Infrastruktur-Dienst;c:\datev\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Framework.RemoteServices -SvcRunLevel=1000;c:\datev\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Framework.RemoteServices -SvcRunLevel=1000 [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MSSQLFDLauncher$DATEV_DBENGINE;SQL Full-text Filter Daemon Launcher (DATEV_DBENGINE);c:\program files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\fdlauncher.exe;c:\program files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\fdlauncher.exe [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-08-12 16:40	995144	----a-w-	c:\program files (x86)\Google\Chrome\Application\44.0.2403.155\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-08-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-20 07:20]
.
2015-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-11 09:09]
.
2015-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-11 09:09]
.
2015-08-20 c:\windows\Tasks\HPCeeScheduleForHelmut Klein.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 21:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-01-11 6602856]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 1337000]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-10-22 984736]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-10-22 799904]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN11406&pf=V7&trgb=IE&p2=%5EBBE%5EOSJ000%5EYY%5EDE&gct=hp&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5EDE&apn_dbr=ie_11.0.9600.17207&apn_uid=CD724A68-68C9-4CC3-83E2-3B1E55E4DD65&itbv=12.15.5.30&doi=2014-08-06&psv=&pt=tb
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{DF5E9FAB-35D3-4F58-A548-71803BAACC44}: NameServer = 193.189.244.225 193.189.244.206
FF - ProfilePath - c:\users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: !HIDDEN! 2013-06-13 11:06; 4zffxtbr@VideoDownloadConverter_4z.com; c:\program files (x86)\VideoDownloadConverter_4z\bar\1.bin
FF - ExtSQL: !HIDDEN! 2013-06-13 11:22; 65ffxtbr@FromDocToPDF_65.com; c:\program files (x86)\FromDocToPDF_65\bar\1.bin
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{312f84fb-8970-4fd3-bddb-7012eac4afc9} - c:\progra~2\VIDEOD~2\bar\1.bin\4zbar.dll
BHO-{a235e1e3-6296-4710-af39-104a7faa6c7c} - c:\progra~2\FROMDO~2\bar\1.bin\65bar.dll
BHO-{c547c6c2-561b-4169-a2a5-20ba771ca93b} - c:\program files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
BHO-{f236ca79-3123-4afb-9f74-e98117ad5625} - c:\program files (x86)\FromDocToPDF_65\bar\1.bin\65SrcAs.dll
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
Toolbar-{48586425-6bb7-4f51-8dc6-38c88e3ebb58} - c:\program files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll
Toolbar-{c66a678d-5e6c-4af9-8f57-c6192f42cf74} - c:\program files (x86)\FromDocToPDF_65\bar\1.bin\65bar.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-ApnUpdater - c:\program files (x86)\Ask.com\Updater\Updater.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\@2*]
"7040110900063D11C8EF10054038389C"="C?\\Windows\\SysWOW64\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-08-21  14:25:55
ComboFix-quarantined-files.txt  2015-08-21 12:25
.
Vor Suchlauf: 18 Verzeichnis(se), 352.885.932.032 Bytes frei
Nach Suchlauf: 26 Verzeichnis(se), 360.503.357.440 Bytes frei
.
- - End Of File - - 2BFAEBA7D494A67FA43DD710E9EB308B

schrauber · 22.08.2015, 09:59

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

berndi78 · 22.08.2015, 12:42

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 22.08.2015
Suchlaufzeit: 12:34
Protokolldatei: mbamlog.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.08.22.01
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Helmut Klein

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 387779
Abgelaufene Zeit: 38 Min., 24 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 296
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{312f84fb-8970-4fd3-bddb-7012eac4afc9}, In Quarantäne, [fcddcc3fa3e857df2cffe6b7c73b9868], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}, In Quarantäne, [fcddcc3fa3e857df2cffe6b7c73b9868], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}, In Quarantäne, [fcddcc3fa3e857df2cffe6b7c73b9868], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{48586425-6bb7-4f51-8dc6-38c88e3ebb58}, In Quarantäne, [c71217f4137855e180ac633a79895ba5], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, In Quarantäne, [c71217f4137855e180ac633a79895ba5], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{a235e1e3-6296-4710-af39-104a7faa6c7c}, In Quarantäne, [e5f49279206b1422c5e90e8eda2805fb], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A235E1E3-6296-4710-AF39-104A7FAA6C7C}, In Quarantäne, [e5f49279206b1422c5e90e8eda2805fb], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A235E1E3-6296-4710-AF39-104A7FAA6C7C}, In Quarantäne, [e5f49279206b1422c5e90e8eda2805fb], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{c547c6c2-561b-4169-a2a5-20ba771ca93b}, In Quarantäne, [be1b8388fd8eab8bab82861700023ec2], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C547C6C2-561B-4169-A2A5-20BA771CA93B}, In Quarantäne, [be1b8388fd8eab8bab82861700023ec2], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C547C6C2-561B-4169-A2A5-20BA771CA93B}, In Quarantäne, [be1b8388fd8eab8bab82861700023ec2], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{f236ca79-3123-4afb-9f74-e98117ad5625}, In Quarantäne, [9c3d4fbc89024fe7b6f6e7b5f012cc34], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{F236CA79-3123-4AFB-9F74-E98117AD5625}, In Quarantäne, [9c3d4fbc89024fe7b6f6e7b5f012cc34], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F236CA79-3123-4AFB-9F74-E98117AD5625}, In Quarantäne, [9c3d4fbc89024fe7b6f6e7b5f012cc34], 
PUP.Optional.Snapdo.T, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [26b3d932305b9f9783af14c161a1c53b], 
PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, In Quarantäne, [26b3d932305b9f9783af14c161a1c53b], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [07d26aa1ff8c93a3da1bedad3ac8f907], 
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [07d26aa1ff8c93a3da1bedad3ac8f907], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{017d68f2-19b3-41ae-9d8a-8b09dbd25479}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.MultipleButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.MultipleButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.MultipleButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.MultipleButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.MultipleButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.MultipleButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{017D68F2-19B3-41AE-9D8A-8B09DBD25479}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{ae84501a-2cb6-41d6-b3a7-9679bdbdfa0b}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{4d8aeb1d-4ed4-44ac-a039-4775b2575db0}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9CB19259-5D60-49A7-8AF7-2B7CAF36C124}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A7C6FA4E-F2A1-4D4B-90CB-2757143E7AAB}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F39D8ED3-A6F6-427F-8AF8-BC9784FA70D8}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9CB19259-5D60-49A7-8AF7-2B7CAF36C124}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A7C6FA4E-F2A1-4D4B-90CB-2757143E7AAB}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F39D8ED3-A6F6-427F-8AF8-BC9784FA70D8}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9CB19259-5D60-49A7-8AF7-2B7CAF36C124}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A7C6FA4E-F2A1-4D4B-90CB-2757143E7AAB}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F39D8ED3-A6F6-427F-8AF8-BC9784FA70D8}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{4d8aeb1d-4ed4-44ac-a039-4775b2575db0}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{4d8aeb1d-4ed4-44ac-a039-4775b2575db0}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.ToolbarProtector.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.ToolbarProtector, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.ToolbarProtector, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.ToolbarProtector, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.ToolbarProtector.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.ToolbarProtector.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{AE84501A-2CB6-41D6-B3A7-9679BDBDFA0B}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{afa196f4-80e5-47ad-b7bc-c671487d36fb}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{bf6fdbb8-7cd5-402d-ab4f-e4f13d3490c8}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{37E2C8D2-3EF0-46D4-AD11-A8DA53942034}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{CF9608AD-4ECF-4A16-B122-B374299DE7B5}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F05D47B2-7C9F-401D-A083-3AA4A4711F4F}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{37E2C8D2-3EF0-46D4-AD11-A8DA53942034}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{CF9608AD-4ECF-4A16-B122-B374299DE7B5}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F05D47B2-7C9F-401D-A083-3AA4A4711F4F}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{37E2C8D2-3EF0-46D4-AD11-A8DA53942034}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{CF9608AD-4ECF-4A16-B122-B374299DE7B5}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F05D47B2-7C9F-401D-A083-3AA4A4711F4F}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{bf6fdbb8-7cd5-402d-ab4f-e4f13d3490c8}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{bf6fdbb8-7cd5-402d-ab4f-e4f13d3490c8}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{AFA196F4-80E5-47AD-B7BC-C671487D36FB}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{f96ee2ef-fe15-4878-aecd-bc367f12c70f}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.DynamicBarButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.DynamicBarButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.DynamicBarButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.DynamicBarButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.DynamicBarButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.DynamicBarButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F96EE2EF-FE15-4878-AECD-BC367F12C70F}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{cd1d181e-c654-4ca5-9d09-b3648537fd7d}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{6191571e-f7ee-47c3-b229-2dfac70db5d2}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{62D88F68-AC05-4FBF-AC16-E76B3B7B6531}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E70DAE92-1A31-4AB8-9FCF-52FBDA0CC66A}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{62D88F68-AC05-4FBF-AC16-E76B3B7B6531}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E70DAE92-1A31-4AB8-9FCF-52FBDA0CC66A}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{62D88F68-AC05-4FBF-AC16-E76B3B7B6531}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E70DAE92-1A31-4AB8-9FCF-52FBDA0CC66A}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{6191571e-f7ee-47c3-b229-2dfac70db5d2}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{6191571e-f7ee-47c3-b229-2dfac70db5d2}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.FeedManager.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.FeedManager, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.FeedManager, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.FeedManager, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.FeedManager.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.FeedManager.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CD1D181E-C654-4CA5-9D09-B3648537FD7D}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4ffa72ec-9fd9-4b2b-92a5-68b60885fd8a}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{840ae8ae-d547-433e-985c-6bf6c74f5084}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A9141680-DC75-4DD7-B86D-9CC2A83DCB9B}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC65C7F9-115F-42A6-BC49-BF7A60A5314E}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A9141680-DC75-4DD7-B86D-9CC2A83DCB9B}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FC65C7F9-115F-42A6-BC49-BF7A60A5314E}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A9141680-DC75-4DD7-B86D-9CC2A83DCB9B}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FC65C7F9-115F-42A6-BC49-BF7A60A5314E}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{840ae8ae-d547-433e-985c-6bf6c74f5084}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{840ae8ae-d547-433e-985c-6bf6c74f5084}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4FFA72EC-9FD9-4B2B-92A5-68B60885FD8A}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{504b4aa9-9952-4490-b0e1-80a5321c35f7}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{3bb1ba04-1b88-4690-9ad3-0d38412f5ff1}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1EF6208B-483A-48F6-B9E5-9B6C54200F8C}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1EF6208B-483A-48F6-B9E5-9B6C54200F8C}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{1EF6208B-483A-48F6-B9E5-9B6C54200F8C}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{3bb1ba04-1b88-4690-9ad3-0d38412f5ff1}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{3bb1ba04-1b88-4690-9ad3-0d38412f5ff1}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.RadioSettings.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.RadioSettings, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.RadioSettings, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.RadioSettings, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.RadioSettings.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.RadioSettings.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{504B4AA9-9952-4490-B0E1-80A5321C35F7}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{b7fd68f7-d28b-431e-9ee8-e45d915b7f17}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.Radio.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.Radio, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.Radio, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.Radio, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.Radio.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.Radio.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B7FD68F7-D28B-431E-9EE8-E45D915B7F17}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3700b685-d795-4e17-9b78-73bcee5d4086}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.ScriptButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.ScriptButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.ScriptButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.ScriptButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.ScriptButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.ScriptButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3700B685-D795-4E17-9B78-73BCEE5D4086}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{a0cf6cb9-2276-4f30-b841-05a67067ace0}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.UrlAlertButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.UrlAlertButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.UrlAlertButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.UrlAlertButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.UrlAlertButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.UrlAlertButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A0CF6CB9-2276-4F30-B841-05A67067ACE0}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{66292684-b2c2-4c7c-b3d2-bf446e30744c}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.UrlAlertButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.UrlAlertButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.UrlAlertButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.UrlAlertButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.UrlAlertButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.UrlAlertButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{66292684-B2C2-4C7C-B3D2-BF446E30744C}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3719959c-1ccd-4fa7-8ebb-7d9ded86fccb}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{37923200-6887-4b44-95d4-cae8f83ecfee}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{35144E32-8E4C-4152-9B8C-3E2D4B46228E}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{8B8BB3A7-2ADE-4995-931D-60B430A9B44E}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E14CDC24-4BE1-4B65-8452-4BFA0DCEF274}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{35144E32-8E4C-4152-9B8C-3E2D4B46228E}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{8B8BB3A7-2ADE-4995-931D-60B430A9B44E}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E14CDC24-4BE1-4B65-8452-4BFA0DCEF274}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{35144E32-8E4C-4152-9B8C-3E2D4B46228E}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{8B8BB3A7-2ADE-4995-931D-60B430A9B44E}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E14CDC24-4BE1-4B65-8452-4BFA0DCEF274}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{37923200-6887-4b44-95d4-cae8f83ecfee}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{37923200-6887-4b44-95d4-cae8f83ecfee}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.ToolbarProtector.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.ToolbarProtector, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.ToolbarProtector, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.ToolbarProtector, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.ToolbarProtector.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.ToolbarProtector.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3719959C-1CCD-4FA7-8EBB-7D9DED86FCCB}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{dd385519-22e7-4be2-8a8d-35c66df4858e}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{ca723163-6fad-43d4-8b93-0d8c52bd9974}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7FC87AC5-FA93-476E-A32C-A941229DED0B}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7FCD22A8-B70A-4AC7-AAF1-EBCCD2F6612D}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A266567F-8E5D-480C-BCE2-C360FA669FD5}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7FC87AC5-FA93-476E-A32C-A941229DED0B}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7FCD22A8-B70A-4AC7-AAF1-EBCCD2F6612D}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A266567F-8E5D-480C-BCE2-C360FA669FD5}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{7FC87AC5-FA93-476E-A32C-A941229DED0B}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{7FCD22A8-B70A-4AC7-AAF1-EBCCD2F6612D}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A266567F-8E5D-480C-BCE2-C360FA669FD5}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{ca723163-6fad-43d4-8b93-0d8c52bd9974}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{ca723163-6fad-43d4-8b93-0d8c52bd9974}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6bff4bcb-7a73-45a7-ac4c-389a34e1d1ef}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.DynamicBarButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.DynamicBarButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.DynamicBarButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.DynamicBarButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.DynamicBarButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.DynamicBarButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{6BFF4BCB-7A73-45A7-AC4C-389A34E1D1EF}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8fca5302-6d6d-4645-bf99-d43cf76ce474}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{aa289dbc-59b6-40a5-ac7d-c90df850289c}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1AD2049E-E483-4425-8555-8E0775ACB631}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{ECC69F9E-5456-4EDF-AF66-1A9DED11F9EE}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1AD2049E-E483-4425-8555-8E0775ACB631}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{ECC69F9E-5456-4EDF-AF66-1A9DED11F9EE}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{1AD2049E-E483-4425-8555-8E0775ACB631}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{ECC69F9E-5456-4EDF-AF66-1A9DED11F9EE}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{aa289dbc-59b6-40a5-ac7d-c90df850289c}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{aa289dbc-59b6-40a5-ac7d-c90df850289c}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.FeedManager.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.FeedManager, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.FeedManager, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.FeedManager, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.FeedManager.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.FeedManager.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2a1260c1-2964-453f-b0ba-fa429472eb5f}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{2d3826a1-f3e8-45d6-94b5-c26d8ec0073b}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{47700C35-9E3E-4DAD-934C-0CE28A87237C}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{5A96E574-F8A6-4F6A-B58D-79C14B698017}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{47700C35-9E3E-4DAD-934C-0CE28A87237C}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{5A96E574-F8A6-4F6A-B58D-79C14B698017}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{47700C35-9E3E-4DAD-934C-0CE28A87237C}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{5A96E574-F8A6-4F6A-B58D-79C14B698017}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{2d3826a1-f3e8-45d6-94b5-c26d8ec0073b}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{2d3826a1-f3e8-45d6-94b5-c26d8ec0073b}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4128c64d-f0dd-4811-9405-d22294e8151f}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.MultipleButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.MultipleButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.MultipleButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.MultipleButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.MultipleButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.MultipleButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3b41be90-f731-4137-aff3-2ca951e7f0d9}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.Radio.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.Radio, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.Radio, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.Radio, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.Radio.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.Radio.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{84b7b98f-e018-4dbb-ab4c-4ddd3dfcb5fb}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{79332472-47f3-4e32-b07f-cf8df4c58499}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{5684EAE9-72EB-4CA6-83B8-82434B7E955C}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{5684EAE9-72EB-4CA6-83B8-82434B7E955C}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{5684EAE9-72EB-4CA6-83B8-82434B7E955C}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{79332472-47f3-4e32-b07f-cf8df4c58499}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{79332472-47f3-4e32-b07f-cf8df4c58499}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.RadioSettings.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.RadioSettings, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.RadioSettings, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.RadioSettings, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.RadioSettings.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.RadioSettings.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{84B7B98F-E018-4DBB-AB4C-4DDD3DFCB5FB}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{363d5c92-10dc-4287-93e5-1832eecc48ec}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.ScriptButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.ScriptButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.ScriptButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.ScriptButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.ScriptButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.ScriptButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\IB Updater, In Quarantäne, [3d9cc348d6b5f83e0681a7b35aa9b050], 
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\dlnembnfbcpjnepmfjmngjenhhajpdfd, In Quarantäne, [35a453b8f596d36360262b2fd62dd42c], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, In Quarantäne, [b62326e54b40cd697639044f778cc63a], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\DEFAULT TAB, In Quarantäne, [9940e526662572c41ecd3105db28ab55], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\FromDocToPDF_65, In Quarantäne, [1abfb7546d1e94a2faeaace439cb25db], 
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\WOW6432NODE\IB Updater, In Quarantäne, [41980a011c6feb4b087f85d5bf4445bb], 
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, In Quarantäne, [5782fc0f305b75c125be5cd8ad56857b], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\VideoDownloadConverter_4z, In Quarantäne, [6a6f44c7266504327560fa969e666997], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WAJAM, In Quarantäne, [1bbeb754b9d27db91766b8d8c044847c], 
PUP.Optional.SuperOptimizer.C, HKLM\SOFTWARE\WOW6432NODE\{1146AC44-2F03-4431-B4FD-889BC837521F}, In Quarantäne, [9f3a64a7d9b21521f103ccdf8c788878], 
PUP.Optional.SuperOptimizer.C, HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}, In Quarantäne, [24b548c39bf08babcb2a901b82822bd5], 
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dedmngkbaffkenlfdcbganndoghblmap, In Quarantäne, [c01974977516df573269acabb74c3ec2], 
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dlnembnfbcpjnepmfjmngjenhhajpdfd, In Quarantäne, [f5e44ebda9e24ceaa6e0451512f112ee], 
PUP.Optional.Perion.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\jifflliplgeajjdhmkcfnngfpgbjonjg, In Quarantäne, [af2a24e7aae1b77f600b83bfa261d828], 
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mmifolfpllfdhilecpdpmemhelmanajl, In Quarantäne, [9247b6550a812f07959321336e950cf4], 
PUP.Optional.SettingsProtector.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pgafcinpmmpklohkojmllohdhomoefph, In Quarantäne, [10c9cc3f7f0c79bd00787cb9ea19738d], 
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\poheodfamflhhhdcmjfeggbgigeefaco, In Quarantäne, [6a6ffa1155365dd91efd90cf020146ba], 
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\HABJLBFDAJAJFDPOKALPGKGPKEEDMNEI, In Quarantäne, [855489829fecb58133edd1545ba8c838], 
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\HDMCAAOHMBJEDCDIFPIPPGJEPPFDJCMC, In Quarantäne, [6f6a808b36555bdbeb35fb2ae41f5ea2], 
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\MPMMFOIDKBIOCONKEBNGJFAIOPDACPCA, In Quarantäne, [b623ba513e4d6dc9bf629491e81b847c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2D9083CE-8758-4704-BA57-3C891D7452BD}, In Quarantäne, [548553b84e3d74c24dc5dec8fc086c94], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{36B445BF-1B84-466A-A623-A360A8CFF8C3}, In Quarantäne, [8b4e719a523960d61200f2b458ac8080], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3D429207-4689-492D-A0E5-CDC5DFBB5005}, In Quarantäne, [b5247497c4c775c128ea7b2b8d77f010], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{66D59105-FE06-43A4-B292-EB0097E9EB74}, In Quarantäne, [a138fc0f761501355bb73a6ce42039c7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6CBF5C01-C876-481B-867E-111CB1D2A7D6}, In Quarantäne, [c415fb106823be78040e7135966e936d], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{701F5C41-BB30-46DA-A56B-68784B0B762B}, In Quarantäne, [726739d26229c86ea0726a3cb84c6a96], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9103C314-C4E2-4463-8934-B19BCB46236D}, In Quarantäne, [8455ca41b5d60333779bb2f4986cfe02], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{97CEF41C-5055-474A-855A-892D4FE3E596}, In Quarantäne, [3a9f55b66b2037ff6aa8188e0cf80cf4], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A3B975A0-F679-444E-9D94-6D292FA53140}, In Quarantäne, [6f6af219dab1aa8cc1512c7a09fb50b0], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D375EE64-F893-498A-A0E9-0E9829C88C3D}, In Quarantäne, [cc0d8685f893a096f81a515526de9e62], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D97143C2-4282-496B-BDC4-7EC852F1497C}, In Quarantäne, [d5046aa1c4c753e3cc46109635cf827e], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E0C3A839-0E5E-4EBC-9F8F-E56F8FC732CE}, In Quarantäne, [05d46c9f5e2db77f27ebe9bd9c680cf4], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@FromDocToPDF_65.com/Plugin, In Quarantäne, [9c3d0506f59681b5cec62b7cac58f808], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@VideoDownloadConverter_4z.com/Plugin, In Quarantäne, [c3167497bdce66d05d37d6d1e42041bf], 
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, In Quarantäne, [bc1d5ead48433afce810c8585da69967], 
PUP.Optional.DefaultTab.A, HKU\S-1-5-18\SOFTWARE\DefaultTab, In Quarantäne, [f3e647c4a5e62b0bc9471d1bfb0826da], 
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, In Quarantäne, [7069ac5f2b60b77fa94a06a560a4a55b], 
PUP.Optional.Mindspark.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\FromDocToPDF_65, In Quarantäne, [b12862a94447290d6a7b97f939cb3ec2], 
PUP.Optional.Mindspark.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\VideoDownloadConverter_4z, In Quarantäne, [4a8f5caf7417d66023b3c9c7b94b4ab6], 
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, In Quarantäne, [15c4a7647f0ce650bc37c1eaac588779], 
PUP.Optional.MultiIE.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, In Quarantäne, [647516f53a5187af3b2b118131d360a0], 
PUP.Optional.Mindspark.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\APPDATALOW\SOFTWARE\FromDocToPDF_65, In Quarantäne, [52879675662593a3887b7cd9976ccf31], 
PUP.Optional.ReMarkit.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\APPDATALOW\SOFTWARE\Re_markit, In Quarantäne, [26b3cb400e7d3bfb91a290b0b44f6b95], 
PUP.Optional.Mindspark.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\APPDATALOW\SOFTWARE\VideoDownloadConverter_4z, In Quarantäne, [d4054ebddead80b67d7bbc98e61d44bc], 
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\CONDUIT\DistributionEngine, In Quarantäne, [76639f6cf3989f9793b28d1dba4a1be5], 
PUP.Optional.Spigot.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{469E0712-B340-4179-B1B6-788C86E00627}, In Quarantäne, [8b4ec8438a0148ee520b41e30201ff01], 

Registrierungswerte: 29
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, In Quarantäne, [c71217f4137855e180ac633a79895ba5], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{48586425-6bb7-4f51-8dc6-38c88e3ebb58}, In Quarantäne, [627758b399f22a0c5ece4d509f637888], 
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [e5f49d6e92f9f6401f096ada39ca956b]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\habjlbfdajajfdpokalpgkgpkeedmnei|path, C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3225\ch\MediaViewV1alpha3225.crx, In Quarantäne, [855489829fecb58133edd1545ba8c838]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hdmcaaohmbjedcdifpippgjeppfdjcmc|path, C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha621\ch\MediaViewV1alpha621.crx, In Quarantäne, [6f6a808b36555bdbeb35fb2ae41f5ea2]
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mpmmfoidkbioconkebngjfaiopdacpca|path, C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha332\ch\MediaViewerV1alpha332.crx, In Quarantäne, [b623ba513e4d6dc9bf629491e81b847c]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2d9083ce-8758-4704-ba57-3c891d7452bd}|AppPath, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, In Quarantäne, [548553b84e3d74c24dc5dec8fc086c94]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{36b445bf-1b84-466a-a623-a360a8cff8c3}|AppPath, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin, In Quarantäne, [8b4e719a523960d61200f2b458ac8080]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3d429207-4689-492d-a0e5-cdc5dfbb5005}|AppPath, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, In Quarantäne, [b5247497c4c775c128ea7b2b8d77f010]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{66d59105-fe06-43a4-b292-eb0097e9eb74}|AppPath, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, In Quarantäne, [a138fc0f761501355bb73a6ce42039c7]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6cbf5c01-c876-481b-867e-111cb1d2a7d6}|AppPath, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin, In Quarantäne, [c415fb106823be78040e7135966e936d]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{701f5c41-bb30-46da-a56b-68784b0b762b}|AppPath, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin, In Quarantäne, [726739d26229c86ea0726a3cb84c6a96]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9103c314-c4e2-4463-8934-b19bcb46236d}|AppPath, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, In Quarantäne, [8455ca41b5d60333779bb2f4986cfe02]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{97cef41c-5055-474a-855a-892d4fe3e596}|AppPath, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, In Quarantäne, [3a9f55b66b2037ff6aa8188e0cf80cf4]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{a3b975a0-f679-444e-9d94-6d292fa53140}|AppPath, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin, In Quarantäne, [6f6af219dab1aa8cc1512c7a09fb50b0]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{d375ee64-f893-498a-a0e9-0e9829c88c3d}|AppPath, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, In Quarantäne, [cc0d8685f893a096f81a515526de9e62]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{d97143c2-4282-496b-bdc4-7ec852f1497c}|AppPath, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin, In Quarantäne, [d5046aa1c4c753e3cc46109635cf827e]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{e0c3a839-0e5e-4ebc-9f8f-e56f8fc732ce}|AppPath, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin, In Quarantäne, [05d46c9f5e2db77f27ebe9bd9c680cf4]
PUP.Optional.SnapDo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a4a66d3e-70c5-4d13-60fe-8cfdb5dd7e38&searchtype=ds&q={searchTerms}&installDate=15/11/2013, In Quarantäne, [9d3cd635ec9fc670fc263370c143d030]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [62778f7c8b002a0c3aeeb88c34cfcd33]
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|4zffxtbr@VideoDownloadConverter_4z.com, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, In Quarantäne, [5287b15ac1caa98de1b200a747bdb848]
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|65ffxtbr@FromDocToPDF_65.com, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin, In Quarantäne, [f1e8af5c0d7e5fd7fd96a601986c8c74]
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|xz123@ya456.com, C:\Program Files (x86)\BetterSurf\ff, In Quarantäne, [79608a813b5036009d342629ea1934cc]
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|12x3q@3244516.com, C:\Program Files (x86)\Better-Surf\ff, In Quarantäne, [d30639d28cffe3535b8a6232d133ce32]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a4a66d3e-70c5-4d13-60fe-8cfdb5dd7e38&searchtype=ds&q={searchTerms}&installDate=15/11/2013, In Quarantäne, [409911fa4942a09671b0663dcd373ec2]
PUP.Optional.Conduit.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3324839&octid=EB_ORIGINAL_CTID&ISID=MACFF8CA3-7736-44BF-BEE4-158090A2FB60&SearchSource=58&CUI=&UM=5&UP=SPB279500B-C678-4BF2-9D77-4EA34B99EEB5&q={searchTerms}&SSPV=, In Quarantäne, [b7223fcca7e463d3521e00259c6750b0]
PUP.Optional.Conduit.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|SuggestionsURL_JSON, hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}, In Quarantäne, [667356b5444794a287e970b545be07f9]
PUP.Optional.Spigot.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{469E0712-B340-4179-B1B6-788C86E00627}|URL, hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}, In Quarantäne, [8b4ec8438a0148ee520b41e30201ff01]
PUP.Optional.BrowserManager.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{58bd07eb-0ee0-4df0-8121-dc9b693373df}, C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension, In Quarantäne, [9e3b25e692f912246ae0db56ed16c63a]

Registrierungsdaten: 2
PUP.Optional.SnapDo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a4a66d3e-70c5-4d13-60fe-8cfdb5dd7e38&searchtype=ds&q={searchTerms}&installDate=15/11/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a4a66d3e-70c5-4d13-60fe-8cfdb5dd7e38&searchtype=ds&q={searchTerms}&installDate=15/11/2013),Ersetzt,[8d4ce42736559a9cb7e9a9a30afbdf21]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a4a66d3e-70c5-4d13-60fe-8cfdb5dd7e38&searchtype=ds&q={searchTerms}&installDate=15/11/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a4a66d3e-70c5-4d13-60fe-8cfdb5dd7e38&searchtype=ds&q={searchTerms}&installDate=15/11/2013),Ersetzt,[7069a269b5d6e452821f43096f967987]

Ordner: 54
PUP.Optional.SoftwareUpdater.A, C:\Users\Helmut Klein\AppData\Local\SwvUpdater, In Quarantäne, [19c069a256356dc9d58ab89363a08f71], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\css, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\fonts, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\swf, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\images, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\css, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\fonts, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\swf, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\chrome, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\gen1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\History, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\IE9Mesg, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\Message, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\Settings, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\chrome, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\ThirdPartyInstallers, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\gen1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\IE9Mesg, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\Message, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\Settings, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.OptimizerPro.A, C:\Users\Helmut Klein\Documents\Optimizer Pro, In Quarantäne, [8b4e21ea36557db97d571b8e8a7a966a], 
PUP.Optional.Websteroids.A, C:\Users\Helmut Klein\AppData\Local\Websteroids, In Quarantäne, [e6f37992b8d355e1043f98540101fd03], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\VideoDownloadConverter_4z, In Quarantäne, [8a4fa66562294fe7e79040adb44e6898], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\FromDocToPDF_65, In Quarantäne, [6079ff0cc7c42f07a2365f8f936f2cd4], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\History, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Settings, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Perion.A, C:\Program Files (x86)\Perion, In Quarantäne, [e1f808033f4c4de95652ea16ac57c040], 
PUP.Optional.Perion.A, C:\Program Files (x86)\Perion\NewTab, In Quarantäne, [e1f808033f4c4de95652ea16ac57c040], 
PUP.Optional.Delta.ShrtCln, C:\Program Files (x86)\Delta\delta, In Quarantäne, [26b36c9fa2e966d022fc0312946f8c74], 
PUP.Optional.Delta.ShrtCln, C:\Users\Helmut Klein\AppData\LocalLow\Delta\delta, In Quarantäne, [ecedd635018a1422190665b0be45da26], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com, In Quarantäne, [e2f71eede3a8b0862b9b8095ae55a35d], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com\chrome, In Quarantäne, [e2f71eede3a8b0862b9b8095ae55a35d], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\65ffxtbr@FromDocToPDF_65.com, In Quarantäne, [defb4dbea1ea9e982a9ce82d19ea9868], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\65ffxtbr@FromDocToPDF_65.com\chrome, In Quarantäne, [defb4dbea1ea9e982a9ce82d19ea9868], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, In Quarantäne, [f0e948c3aae12c0af072977ffa099769], 

Dateien: 188
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\Downloads\VideoDownloadConvert.exe, In Quarantäne, [4495af5c5a318caace58e5a67c89dd23], 
PUP.Optional.BProtector.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\bprotector_extensions.sqlite, In Quarantäne, [99400902c6c54cea353bd84a030017e9], 
PUP.Optional.BProtector.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\bprotector_prefs.js, In Quarantäne, [8f4a8a81800b3afcb9b79989f40fb947], 
PUP.Optional.Spigot.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\searchplugins\yahoo_ff.xml, In Quarantäne, [8d4ccd3e7516e45222bcbd7534cf5ca4], 
PUP.Optional.Conduit.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\searchplugins\conduit-search.xml, In Quarantäne, [6178917a810ab97d0f8378c9689beb15], 
PUP.Optional.SoftwareUpdater.A, C:\Users\Helmut Klein\AppData\Local\SwvUpdater\Updater.xml, In Quarantäne, [19c069a256356dc9d58ab89363a08f71], 
PUP.Optional.SoftwareUpdater.A, C:\Users\Helmut Klein\AppData\Local\SwvUpdater\status.cfg, In Quarantäne, [19c069a256356dc9d58ab89363a08f71], 
PUP.Optional.WebSearch.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\searchplugins\Web Search.xml, In Quarantäne, [d30667a4a0eb7cba01a3fc64f50e9e62], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\UrlFolderExtension.ufm, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\UrlFolderExtension.uf1, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\anemone-1.2.7.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\App.html, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\Background.html, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\jquery-1.7.2.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\jquery.swfobject-1.1.1.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\json2.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\manifest.json, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\reset.css, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\SignedExtension.cab, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\underscore-1.3.1.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\widget-api-1.2.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\css\App.css, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\fonts\cabin.eot, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\fonts\cabin.woff, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\ArrowConverting.gif, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\DocToPDF.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\DocToPDF.ico, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\DocToPDF.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\logo.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\logo.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\PageToPDF.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\PageToPDF.ico, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\PageToPDF.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\PDFToDOC.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\PDFToDOC.ico, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\PDFToDOC.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\spinner.gif, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\sprite.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\js\App.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\js\Background.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\js\PDFConverter.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\js\Reporting.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\swf\UploadButton.swf, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\swf\UploadButtonIE6.swf, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\Background.html, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\manifest.json, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\SignedExtension.cab, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\underscore-1.3.1.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\widget-messaging-1.0.SNAPSHOT.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\images\logo.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\images\logo.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\js\Background.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\js\Translate.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\anemone-1.2.7.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\App.html, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\Background.html, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\jquery-1.7.2.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\jquery.swfobject-1.1.1.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\json2.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\manifest.json, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\reset.css, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\SignedExtension.cab, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\underscore-1.3.1.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\widget-api-1.2.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\css\App.css, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\fonts\cabin.eot, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\fonts\cabin.woff, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\ArrowConverting.gif, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\DocToPDF.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\DocToPDF.ico, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\DocToPDF.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\logo.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\logo.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\PageToPDF.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\PageToPDF.ico, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\PageToPDF.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\PDFToDOC.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\PDFToDOC.ico, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\PDFToDOC.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\spinner.gif, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\sprite.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\js\App.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\js\Background.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\js\PDFConverter.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\js\Reporting.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\swf\UploadButton.swf, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\swf\UploadButtonIE6.swf, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\BOOTSTRAP.JS, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65mlbtn.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65bprtct.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65datact.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65dyn.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65feedmg.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65highin.exe, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65hkstub.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65httpct.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65idle.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65impipe.exe, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65medint.exe, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65Plugin.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65radio.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65regfft.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65reghk.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65regiet.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65script.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65skplay.exe, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65uabtn.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\CHROME.MANIFEST, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\INSTALL.RDF, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\installKeys.js, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\LOGO.BMP, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\NP65Stub.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\T8TICKER.DLL, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\chrome\65ffxtbr.jar, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\gen1\COMMON.T8S, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\IE9Mesg\COMMON.T8S, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\Message\COMMON.T8S, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\Settings\s_pid.dat, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\BOOTSTRAP.JS, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zuabtn.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbprtct.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zdatact.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zdyn.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zfeedmg.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zhighin.exe, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zhkstub.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zhttpct.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zidle.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zimpipe.exe, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zmedint.exe, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zmlbtn.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zPlugin.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zradio.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zregfft.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zreghk.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zregiet.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zscript.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zsknlcr.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zskplay.exe, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\CHROME.MANIFEST, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\CREXT.DLL, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\CrExtP4z.exe, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\DPNMNGR.DLL, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\EXEMANAGER.DLL, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\INSTALL.RDF, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\installKeys.js, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\LOGO.BMP, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\T8EXTEX.DLL, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\T8EXTPEX.DLL, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\T8TICKER.DLL, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\VERIFY.DLL, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\chrome\4zffxtbr.jar, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\ThirdPartyInstallers\VDC_Silent.exe, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\gen1\COMMON.T8S, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\IE9Mesg\COMMON.T8S, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\Message\COMMON.T8S, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\Settings\s_pid.dat, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.OptimizerPro.A, C:\Users\Helmut Klein\Documents\Optimizer Pro\CookiesException.txt, In Quarantäne, [8b4e21ea36557db97d571b8e8a7a966a], 
PUP.Optional.Websteroids.A, C:\Users\Helmut Klein\AppData\Local\Websteroids\data2.dat, In Quarantäne, [e6f37992b8d355e1043f98540101fd03], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00B44A7A, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD1622.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD169F.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD16DE.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD1789.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD1816.cab, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD194E.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD19F9.cab, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD1AA5.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD1B02.cab, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD1B8F.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD1C2B.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD1C69.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\files.ini, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\History\search3, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Settings\prevcfg2.htm, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Perion.A, C:\Program Files (x86)\Perion\NewTab\data.txt, In Quarantäne, [e1f808033f4c4de95652ea16ac57c040], 
PUP.Optional.Perion.A, C:\Program Files (x86)\Perion\NewTab\NewTab.crx, In Quarantäne, [e1f808033f4c4de95652ea16ac57c040], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com\bootstrap.js, In Quarantäne, [e2f71eede3a8b0862b9b8095ae55a35d], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com\chrome.manifest, In Quarantäne, [e2f71eede3a8b0862b9b8095ae55a35d], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com\install.rdf, In Quarantäne, [e2f71eede3a8b0862b9b8095ae55a35d], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com\installKeys.js, In Quarantäne, [e2f71eede3a8b0862b9b8095ae55a35d], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com\chrome\4zffxtbr.jar, In Quarantäne, [e2f71eede3a8b0862b9b8095ae55a35d], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\65ffxtbr@FromDocToPDF_65.com\bootstrap.js, In Quarantäne, [defb4dbea1ea9e982a9ce82d19ea9868], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\65ffxtbr@FromDocToPDF_65.com\chrome.manifest, In Quarantäne, [defb4dbea1ea9e982a9ce82d19ea9868], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\65ffxtbr@FromDocToPDF_65.com\install.rdf, In Quarantäne, [defb4dbea1ea9e982a9ce82d19ea9868], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\65ffxtbr@FromDocToPDF_65.com\installKeys.js, In Quarantäne, [defb4dbea1ea9e982a9ce82d19ea9868], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\65ffxtbr@FromDocToPDF_65.com\chrome\65ffxtbr.jar, In Quarantäne, [defb4dbea1ea9e982a9ce82d19ea9868], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

# AdwCleaner v5.003 - Bericht erstellt 22/08/2015 um 13:26:32
# Aktualisiert 20/08/2015 von Xplode
# Datenbank : 2015-08-20.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Helmut Klein - HELMUTKLEIN-HP
# Gestarted von : C:\Users\Helmut Klein\Downloads\AdwCleaner_5.003.exe
# Option : Löschen

***** [ Dienste ] *****

[-] Dienst Gelöscht : YahooAUService

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\Delta
[-] Ordner Gelöscht : C:\Program Files (x86)\VideoPlayerV3
[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\ProgramData\Ask
[-] Ordner Gelöscht : C:\ProgramData\Babylon
[-] Ordner Gelöscht : C:\ProgramData\Yahoo! Companion
[-] Ordner Gelöscht : C:\ProgramData\Fighters
[-] Ordner Gelöscht : C:\Users\Helmut Klein\AppData\Local\apn
[-] Ordner Gelöscht : C:\Users\Helmut Klein\AppData\Local\iac
[-] Ordner Gelöscht : C:\Users\Helmut Klein\AppData\LocalLow\AskToolbar
[-] Ordner Gelöscht : C:\Users\Helmut Klein\AppData\LocalLow\Delta
[-] Ordner Gelöscht : C:\Users\Helmut Klein\AppData\LocalLow\Yahoo! Companion
[-] Ordner Gelöscht : C:\Users\Helmut Klein\AppData\Roaming\Babylon
[-] Ordner Gelöscht : C:\Users\Helmut Klein\AppData\Roaming\Systweak
[-] Ordner Gelöscht : C:\Users\Helmut Klein\AppData\Roaming\Fighters
[-] Ordner Gelöscht : C:\Users\Helmut Klein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
[-] Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.snapdo.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.snapdo.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\user.js

***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****

[-] Task Gelöscht : Scheduled Update for Ask Toolbar

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
[-] Schlüssel Gelöscht : HKCU\Software\53e8c8fb369e548
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\53e8c8fb369e548
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{72D05120-DF65-4C27-921E-899B5267FEF2}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8AD40E5E-9FD9-4F5E-B4D1-DDF2C921DCE3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A86782D8-7B41-452F-A217-1854F72DBA54}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E1C4699E-5E74-4F30-A4A2-378E45D44F07}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FC2B119B-2352-4E7A-9197-B9E1BBADE61B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D97143C2-4282-496B-BDC4-7EC852F1497C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66D59105-FE06-43A4-B292-EB0097E9EB74}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9103C314-C4E2-4463-8934-B19BCB46236D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1747AE4D-0A83-4336-84D4-48500BF1554F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{192F487E-E812-40C0-B0DE-CB4BFA20F37B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{542EAC56-BF4B-46A7-943E-0A4C2CBA34EA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A85ACA7E-5CD2-461B-877A-994CCCCF491C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E3CDDB72-3ADC-4920-B42B-68A8C29FA942}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1747AE4D-0A83-4336-84D4-48500BF1554F}
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{192F487E-E812-40C0-B0DE-CB4BFA20F37B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2C9D27D8-C81E-4968-8026-E725E01650C1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3EFEC319-72E8-42AA-AC38-8CF8A0661CDD}
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{542EAC56-BF4B-46A7-943E-0A4C2CBA34EA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74C02D12-FAEE-4834-80D2-5B7D2480AD61}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A85ACA7E-5CD2-461B-877A-994CCCCF491C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{BC153A3C-0BB7-4EED-83AE-28E6E398F56E}
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E3CDDB72-3ADC-4920-B42B-68A8C29FA942}
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2FF49ED5-A3EF-410B-918E-97DECEB5996D}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2FF49ED5-A3EF-410B-918E-97DECEB5996D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8AD40E5E-9FD9-4F5E-B4D1-DDF2C921DCE3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A86782D8-7B41-452F-A217-1854F72DBA54}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E1C4699E-5E74-4F30-A4A2-378E45D44F07}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FC2B119B-2352-4E7A-9197-B9E1BBADE61B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2FF49ED5-A3EF-410B-918E-97DECEB5996D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D97143C2-4282-496B-BDC4-7EC852F1497C}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66D59105-FE06-43A4-B292-EB0097E9EB74}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9103C314-C4E2-4463-8934-B19BCB46236D}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}
[-] Schlüssel Gelöscht : HKCU\Software\Conduit
[-] Schlüssel Gelöscht : HKCU\Software\Delta
[-] Schlüssel Gelöscht : HKCU\Software\IM
[-] Schlüssel Gelöscht : HKCU\Software\ImInstaller
[-] Schlüssel Gelöscht : HKCU\Software\lollipop
[-] Schlüssel Gelöscht : HKCU\Software\Condut
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\BetterSurf
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Delta
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\ImInstaller
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Better-Surf
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Conduit
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Delta
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\IM
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\ImInstaller
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\lollipop
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Condut
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E685771E24E83F4381D1DB5A45F7B41
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\Software\Microsoft\Internet Explorer\Main [Start Page]

***** [ Internetbrowser ] *****

[-] [C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : search.snapdo.com
[-] [C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : conduit.search
[-] [C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Gelöscht : 
[-] [C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Gelöscht : hxxp://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ch
[-] [C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Gelöscht : hxxp://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ch","hxxp://search.conduit.com/?gd=&ctid=CT3324839&octid=EB_ORIGINAL_CTID&ISID=MACFF8CA3-7736-44BF-BEE4-158090A2FB60&SearchSource=55&CUI=&UM=5&UP=SPB279500B-C678-4BF2-9D77-4EA34B99EEB5&SSPV=

*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [19073 Bytes] ##########

berndi78 · 22.08.2015, 12:45

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 22.08.2015
Suchlaufzeit: 12:34
Protokolldatei: mbamlog.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.08.22.01
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Helmut Klein

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 387779
Abgelaufene Zeit: 38 Min., 24 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 296
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{312f84fb-8970-4fd3-bddb-7012eac4afc9}, In Quarantäne, [fcddcc3fa3e857df2cffe6b7c73b9868], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}, In Quarantäne, [fcddcc3fa3e857df2cffe6b7c73b9868], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}, In Quarantäne, [fcddcc3fa3e857df2cffe6b7c73b9868], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{48586425-6bb7-4f51-8dc6-38c88e3ebb58}, In Quarantäne, [c71217f4137855e180ac633a79895ba5], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, In Quarantäne, [c71217f4137855e180ac633a79895ba5], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{a235e1e3-6296-4710-af39-104a7faa6c7c}, In Quarantäne, [e5f49279206b1422c5e90e8eda2805fb], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A235E1E3-6296-4710-AF39-104A7FAA6C7C}, In Quarantäne, [e5f49279206b1422c5e90e8eda2805fb], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A235E1E3-6296-4710-AF39-104A7FAA6C7C}, In Quarantäne, [e5f49279206b1422c5e90e8eda2805fb], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{c547c6c2-561b-4169-a2a5-20ba771ca93b}, In Quarantäne, [be1b8388fd8eab8bab82861700023ec2], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C547C6C2-561B-4169-A2A5-20BA771CA93B}, In Quarantäne, [be1b8388fd8eab8bab82861700023ec2], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C547C6C2-561B-4169-A2A5-20BA771CA93B}, In Quarantäne, [be1b8388fd8eab8bab82861700023ec2], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{f236ca79-3123-4afb-9f74-e98117ad5625}, In Quarantäne, [9c3d4fbc89024fe7b6f6e7b5f012cc34], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{F236CA79-3123-4AFB-9F74-E98117AD5625}, In Quarantäne, [9c3d4fbc89024fe7b6f6e7b5f012cc34], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F236CA79-3123-4AFB-9F74-E98117AD5625}, In Quarantäne, [9c3d4fbc89024fe7b6f6e7b5f012cc34], 
PUP.Optional.Snapdo.T, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [26b3d932305b9f9783af14c161a1c53b], 
PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, In Quarantäne, [26b3d932305b9f9783af14c161a1c53b], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [07d26aa1ff8c93a3da1bedad3ac8f907], 
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [07d26aa1ff8c93a3da1bedad3ac8f907], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{017d68f2-19b3-41ae-9d8a-8b09dbd25479}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.MultipleButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.MultipleButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.MultipleButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.MultipleButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.MultipleButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.MultipleButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{017D68F2-19B3-41AE-9D8A-8B09DBD25479}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{ae84501a-2cb6-41d6-b3a7-9679bdbdfa0b}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{4d8aeb1d-4ed4-44ac-a039-4775b2575db0}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9CB19259-5D60-49A7-8AF7-2B7CAF36C124}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A7C6FA4E-F2A1-4D4B-90CB-2757143E7AAB}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F39D8ED3-A6F6-427F-8AF8-BC9784FA70D8}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9CB19259-5D60-49A7-8AF7-2B7CAF36C124}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A7C6FA4E-F2A1-4D4B-90CB-2757143E7AAB}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F39D8ED3-A6F6-427F-8AF8-BC9784FA70D8}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9CB19259-5D60-49A7-8AF7-2B7CAF36C124}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A7C6FA4E-F2A1-4D4B-90CB-2757143E7AAB}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F39D8ED3-A6F6-427F-8AF8-BC9784FA70D8}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{4d8aeb1d-4ed4-44ac-a039-4775b2575db0}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{4d8aeb1d-4ed4-44ac-a039-4775b2575db0}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.ToolbarProtector.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.ToolbarProtector, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.ToolbarProtector, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.ToolbarProtector, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.ToolbarProtector.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.ToolbarProtector.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{AE84501A-2CB6-41D6-B3A7-9679BDBDFA0B}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{afa196f4-80e5-47ad-b7bc-c671487d36fb}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{bf6fdbb8-7cd5-402d-ab4f-e4f13d3490c8}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{37E2C8D2-3EF0-46D4-AD11-A8DA53942034}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{CF9608AD-4ECF-4A16-B122-B374299DE7B5}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F05D47B2-7C9F-401D-A083-3AA4A4711F4F}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{37E2C8D2-3EF0-46D4-AD11-A8DA53942034}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{CF9608AD-4ECF-4A16-B122-B374299DE7B5}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F05D47B2-7C9F-401D-A083-3AA4A4711F4F}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{37E2C8D2-3EF0-46D4-AD11-A8DA53942034}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{CF9608AD-4ECF-4A16-B122-B374299DE7B5}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F05D47B2-7C9F-401D-A083-3AA4A4711F4F}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{bf6fdbb8-7cd5-402d-ab4f-e4f13d3490c8}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{bf6fdbb8-7cd5-402d-ab4f-e4f13d3490c8}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{AFA196F4-80E5-47AD-B7BC-C671487D36FB}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{f96ee2ef-fe15-4878-aecd-bc367f12c70f}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.DynamicBarButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.DynamicBarButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.DynamicBarButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.DynamicBarButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.DynamicBarButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.DynamicBarButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F96EE2EF-FE15-4878-AECD-BC367F12C70F}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{cd1d181e-c654-4ca5-9d09-b3648537fd7d}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{6191571e-f7ee-47c3-b229-2dfac70db5d2}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{62D88F68-AC05-4FBF-AC16-E76B3B7B6531}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E70DAE92-1A31-4AB8-9FCF-52FBDA0CC66A}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{62D88F68-AC05-4FBF-AC16-E76B3B7B6531}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E70DAE92-1A31-4AB8-9FCF-52FBDA0CC66A}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{62D88F68-AC05-4FBF-AC16-E76B3B7B6531}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E70DAE92-1A31-4AB8-9FCF-52FBDA0CC66A}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{6191571e-f7ee-47c3-b229-2dfac70db5d2}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{6191571e-f7ee-47c3-b229-2dfac70db5d2}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.FeedManager.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.FeedManager, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.FeedManager, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.FeedManager, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.FeedManager.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.FeedManager.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CD1D181E-C654-4CA5-9D09-B3648537FD7D}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4ffa72ec-9fd9-4b2b-92a5-68b60885fd8a}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{840ae8ae-d547-433e-985c-6bf6c74f5084}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A9141680-DC75-4DD7-B86D-9CC2A83DCB9B}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC65C7F9-115F-42A6-BC49-BF7A60A5314E}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A9141680-DC75-4DD7-B86D-9CC2A83DCB9B}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FC65C7F9-115F-42A6-BC49-BF7A60A5314E}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A9141680-DC75-4DD7-B86D-9CC2A83DCB9B}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FC65C7F9-115F-42A6-BC49-BF7A60A5314E}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{840ae8ae-d547-433e-985c-6bf6c74f5084}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{840ae8ae-d547-433e-985c-6bf6c74f5084}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4FFA72EC-9FD9-4B2B-92A5-68B60885FD8A}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{504b4aa9-9952-4490-b0e1-80a5321c35f7}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{3bb1ba04-1b88-4690-9ad3-0d38412f5ff1}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1EF6208B-483A-48F6-B9E5-9B6C54200F8C}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1EF6208B-483A-48F6-B9E5-9B6C54200F8C}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{1EF6208B-483A-48F6-B9E5-9B6C54200F8C}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{3bb1ba04-1b88-4690-9ad3-0d38412f5ff1}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{3bb1ba04-1b88-4690-9ad3-0d38412f5ff1}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.RadioSettings.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.RadioSettings, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.RadioSettings, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.RadioSettings, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.RadioSettings.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.RadioSettings.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{504B4AA9-9952-4490-B0E1-80A5321C35F7}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{b7fd68f7-d28b-431e-9ee8-e45d915b7f17}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.Radio.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.Radio, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.Radio, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.Radio, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.Radio.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.Radio.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B7FD68F7-D28B-431E-9EE8-E45D915B7F17}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3700b685-d795-4e17-9b78-73bcee5d4086}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.ScriptButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.ScriptButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.ScriptButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.ScriptButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.ScriptButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.ScriptButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3700B685-D795-4E17-9B78-73BCEE5D4086}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{a0cf6cb9-2276-4f30-b841-05a67067ace0}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.UrlAlertButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.UrlAlertButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.UrlAlertButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.UrlAlertButton, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FromDocToPDF_65.UrlAlertButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\FromDocToPDF_65.UrlAlertButton.1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A0CF6CB9-2276-4F30-B841-05A67067ACE0}, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{66292684-b2c2-4c7c-b3d2-bf446e30744c}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.UrlAlertButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.UrlAlertButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.UrlAlertButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.UrlAlertButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.UrlAlertButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.UrlAlertButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{66292684-B2C2-4C7C-B3D2-BF446E30744C}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3719959c-1ccd-4fa7-8ebb-7d9ded86fccb}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{37923200-6887-4b44-95d4-cae8f83ecfee}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{35144E32-8E4C-4152-9B8C-3E2D4B46228E}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{8B8BB3A7-2ADE-4995-931D-60B430A9B44E}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E14CDC24-4BE1-4B65-8452-4BFA0DCEF274}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{35144E32-8E4C-4152-9B8C-3E2D4B46228E}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{8B8BB3A7-2ADE-4995-931D-60B430A9B44E}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E14CDC24-4BE1-4B65-8452-4BFA0DCEF274}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{35144E32-8E4C-4152-9B8C-3E2D4B46228E}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{8B8BB3A7-2ADE-4995-931D-60B430A9B44E}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E14CDC24-4BE1-4B65-8452-4BFA0DCEF274}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{37923200-6887-4b44-95d4-cae8f83ecfee}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{37923200-6887-4b44-95d4-cae8f83ecfee}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.ToolbarProtector.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.ToolbarProtector, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.ToolbarProtector, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.ToolbarProtector, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.ToolbarProtector.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.ToolbarProtector.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3719959C-1CCD-4FA7-8EBB-7D9DED86FCCB}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{dd385519-22e7-4be2-8a8d-35c66df4858e}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{ca723163-6fad-43d4-8b93-0d8c52bd9974}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7FC87AC5-FA93-476E-A32C-A941229DED0B}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7FCD22A8-B70A-4AC7-AAF1-EBCCD2F6612D}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A266567F-8E5D-480C-BCE2-C360FA669FD5}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7FC87AC5-FA93-476E-A32C-A941229DED0B}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7FCD22A8-B70A-4AC7-AAF1-EBCCD2F6612D}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A266567F-8E5D-480C-BCE2-C360FA669FD5}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{7FC87AC5-FA93-476E-A32C-A941229DED0B}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{7FCD22A8-B70A-4AC7-AAF1-EBCCD2F6612D}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A266567F-8E5D-480C-BCE2-C360FA669FD5}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{ca723163-6fad-43d4-8b93-0d8c52bd9974}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{ca723163-6fad-43d4-8b93-0d8c52bd9974}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6bff4bcb-7a73-45a7-ac4c-389a34e1d1ef}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.DynamicBarButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.DynamicBarButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.DynamicBarButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.DynamicBarButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.DynamicBarButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.DynamicBarButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{6BFF4BCB-7A73-45A7-AC4C-389A34E1D1EF}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8fca5302-6d6d-4645-bf99-d43cf76ce474}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{aa289dbc-59b6-40a5-ac7d-c90df850289c}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1AD2049E-E483-4425-8555-8E0775ACB631}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{ECC69F9E-5456-4EDF-AF66-1A9DED11F9EE}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1AD2049E-E483-4425-8555-8E0775ACB631}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{ECC69F9E-5456-4EDF-AF66-1A9DED11F9EE}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{1AD2049E-E483-4425-8555-8E0775ACB631}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{ECC69F9E-5456-4EDF-AF66-1A9DED11F9EE}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{aa289dbc-59b6-40a5-ac7d-c90df850289c}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{aa289dbc-59b6-40a5-ac7d-c90df850289c}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.FeedManager.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.FeedManager, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.FeedManager, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.FeedManager, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.FeedManager.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.FeedManager.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2a1260c1-2964-453f-b0ba-fa429472eb5f}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{2d3826a1-f3e8-45d6-94b5-c26d8ec0073b}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{47700C35-9E3E-4DAD-934C-0CE28A87237C}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{5A96E574-F8A6-4F6A-B58D-79C14B698017}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{47700C35-9E3E-4DAD-934C-0CE28A87237C}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{5A96E574-F8A6-4F6A-B58D-79C14B698017}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{47700C35-9E3E-4DAD-934C-0CE28A87237C}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{5A96E574-F8A6-4F6A-B58D-79C14B698017}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{2d3826a1-f3e8-45d6-94b5-c26d8ec0073b}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{2d3826a1-f3e8-45d6-94b5-c26d8ec0073b}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4128c64d-f0dd-4811-9405-d22294e8151f}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.MultipleButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.MultipleButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.MultipleButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.MultipleButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.MultipleButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.MultipleButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3b41be90-f731-4137-aff3-2ca951e7f0d9}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.Radio.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.Radio, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.Radio, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.Radio, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.Radio.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.Radio.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{84b7b98f-e018-4dbb-ab4c-4ddd3dfcb5fb}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{79332472-47f3-4e32-b07f-cf8df4c58499}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{5684EAE9-72EB-4CA6-83B8-82434B7E955C}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{5684EAE9-72EB-4CA6-83B8-82434B7E955C}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{5684EAE9-72EB-4CA6-83B8-82434B7E955C}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{79332472-47f3-4e32-b07f-cf8df4c58499}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{79332472-47f3-4e32-b07f-cf8df4c58499}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.RadioSettings.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.RadioSettings, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.RadioSettings, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.RadioSettings, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.RadioSettings.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.RadioSettings.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{84B7B98F-E018-4DBB-AB4C-4DDD3DFCB5FB}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{363d5c92-10dc-4287-93e5-1832eecc48ec}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.ScriptButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.ScriptButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.ScriptButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.ScriptButton, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.ScriptButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\VideoDownloadConverter_4z.ScriptButton.1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC}, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\IB Updater, In Quarantäne, [3d9cc348d6b5f83e0681a7b35aa9b050], 
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\dlnembnfbcpjnepmfjmngjenhhajpdfd, In Quarantäne, [35a453b8f596d36360262b2fd62dd42c], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, In Quarantäne, [b62326e54b40cd697639044f778cc63a], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\DEFAULT TAB, In Quarantäne, [9940e526662572c41ecd3105db28ab55], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\FromDocToPDF_65, In Quarantäne, [1abfb7546d1e94a2faeaace439cb25db], 
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\WOW6432NODE\IB Updater, In Quarantäne, [41980a011c6feb4b087f85d5bf4445bb], 
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, In Quarantäne, [5782fc0f305b75c125be5cd8ad56857b], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\VideoDownloadConverter_4z, In Quarantäne, [6a6f44c7266504327560fa969e666997], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WAJAM, In Quarantäne, [1bbeb754b9d27db91766b8d8c044847c], 
PUP.Optional.SuperOptimizer.C, HKLM\SOFTWARE\WOW6432NODE\{1146AC44-2F03-4431-B4FD-889BC837521F}, In Quarantäne, [9f3a64a7d9b21521f103ccdf8c788878], 
PUP.Optional.SuperOptimizer.C, HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}, In Quarantäne, [24b548c39bf08babcb2a901b82822bd5], 
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dedmngkbaffkenlfdcbganndoghblmap, In Quarantäne, [c01974977516df573269acabb74c3ec2], 
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dlnembnfbcpjnepmfjmngjenhhajpdfd, In Quarantäne, [f5e44ebda9e24ceaa6e0451512f112ee], 
PUP.Optional.Perion.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\jifflliplgeajjdhmkcfnngfpgbjonjg, In Quarantäne, [af2a24e7aae1b77f600b83bfa261d828], 
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mmifolfpllfdhilecpdpmemhelmanajl, In Quarantäne, [9247b6550a812f07959321336e950cf4], 
PUP.Optional.SettingsProtector.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pgafcinpmmpklohkojmllohdhomoefph, In Quarantäne, [10c9cc3f7f0c79bd00787cb9ea19738d], 
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\poheodfamflhhhdcmjfeggbgigeefaco, In Quarantäne, [6a6ffa1155365dd91efd90cf020146ba], 
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\HABJLBFDAJAJFDPOKALPGKGPKEEDMNEI, In Quarantäne, [855489829fecb58133edd1545ba8c838], 
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\HDMCAAOHMBJEDCDIFPIPPGJEPPFDJCMC, In Quarantäne, [6f6a808b36555bdbeb35fb2ae41f5ea2], 
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\MPMMFOIDKBIOCONKEBNGJFAIOPDACPCA, In Quarantäne, [b623ba513e4d6dc9bf629491e81b847c], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2D9083CE-8758-4704-BA57-3C891D7452BD}, In Quarantäne, [548553b84e3d74c24dc5dec8fc086c94], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{36B445BF-1B84-466A-A623-A360A8CFF8C3}, In Quarantäne, [8b4e719a523960d61200f2b458ac8080], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3D429207-4689-492D-A0E5-CDC5DFBB5005}, In Quarantäne, [b5247497c4c775c128ea7b2b8d77f010], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{66D59105-FE06-43A4-B292-EB0097E9EB74}, In Quarantäne, [a138fc0f761501355bb73a6ce42039c7], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6CBF5C01-C876-481B-867E-111CB1D2A7D6}, In Quarantäne, [c415fb106823be78040e7135966e936d], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{701F5C41-BB30-46DA-A56B-68784B0B762B}, In Quarantäne, [726739d26229c86ea0726a3cb84c6a96], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9103C314-C4E2-4463-8934-B19BCB46236D}, In Quarantäne, [8455ca41b5d60333779bb2f4986cfe02], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{97CEF41C-5055-474A-855A-892D4FE3E596}, In Quarantäne, [3a9f55b66b2037ff6aa8188e0cf80cf4], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A3B975A0-F679-444E-9D94-6D292FA53140}, In Quarantäne, [6f6af219dab1aa8cc1512c7a09fb50b0], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D375EE64-F893-498A-A0E9-0E9829C88C3D}, In Quarantäne, [cc0d8685f893a096f81a515526de9e62], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D97143C2-4282-496B-BDC4-7EC852F1497C}, In Quarantäne, [d5046aa1c4c753e3cc46109635cf827e], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E0C3A839-0E5E-4EBC-9F8F-E56F8FC732CE}, In Quarantäne, [05d46c9f5e2db77f27ebe9bd9c680cf4], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@FromDocToPDF_65.com/Plugin, In Quarantäne, [9c3d0506f59681b5cec62b7cac58f808], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@VideoDownloadConverter_4z.com/Plugin, In Quarantäne, [c3167497bdce66d05d37d6d1e42041bf], 
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, In Quarantäne, [bc1d5ead48433afce810c8585da69967], 
PUP.Optional.DefaultTab.A, HKU\S-1-5-18\SOFTWARE\DefaultTab, In Quarantäne, [f3e647c4a5e62b0bc9471d1bfb0826da], 
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, In Quarantäne, [7069ac5f2b60b77fa94a06a560a4a55b], 
PUP.Optional.Mindspark.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\FromDocToPDF_65, In Quarantäne, [b12862a94447290d6a7b97f939cb3ec2], 
PUP.Optional.Mindspark.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\VideoDownloadConverter_4z, In Quarantäne, [4a8f5caf7417d66023b3c9c7b94b4ab6], 
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, In Quarantäne, [15c4a7647f0ce650bc37c1eaac588779], 
PUP.Optional.MultiIE.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, In Quarantäne, [647516f53a5187af3b2b118131d360a0], 
PUP.Optional.Mindspark.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\APPDATALOW\SOFTWARE\FromDocToPDF_65, In Quarantäne, [52879675662593a3887b7cd9976ccf31], 
PUP.Optional.ReMarkit.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\APPDATALOW\SOFTWARE\Re_markit, In Quarantäne, [26b3cb400e7d3bfb91a290b0b44f6b95], 
PUP.Optional.Mindspark.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\APPDATALOW\SOFTWARE\VideoDownloadConverter_4z, In Quarantäne, [d4054ebddead80b67d7bbc98e61d44bc], 
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\CONDUIT\DistributionEngine, In Quarantäne, [76639f6cf3989f9793b28d1dba4a1be5], 
PUP.Optional.Spigot.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{469E0712-B340-4179-B1B6-788C86E00627}, In Quarantäne, [8b4ec8438a0148ee520b41e30201ff01], 

Registrierungswerte: 29
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, In Quarantäne, [c71217f4137855e180ac633a79895ba5], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{48586425-6bb7-4f51-8dc6-38c88e3ebb58}, In Quarantäne, [627758b399f22a0c5ece4d509f637888], 
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [e5f49d6e92f9f6401f096ada39ca956b]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\habjlbfdajajfdpokalpgkgpkeedmnei|path, C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3225\ch\MediaViewV1alpha3225.crx, In Quarantäne, [855489829fecb58133edd1545ba8c838]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hdmcaaohmbjedcdifpippgjeppfdjcmc|path, C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha621\ch\MediaViewV1alpha621.crx, In Quarantäne, [6f6a808b36555bdbeb35fb2ae41f5ea2]
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mpmmfoidkbioconkebngjfaiopdacpca|path, C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha332\ch\MediaViewerV1alpha332.crx, In Quarantäne, [b623ba513e4d6dc9bf629491e81b847c]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2d9083ce-8758-4704-ba57-3c891d7452bd}|AppPath, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, In Quarantäne, [548553b84e3d74c24dc5dec8fc086c94]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{36b445bf-1b84-466a-a623-a360a8cff8c3}|AppPath, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin, In Quarantäne, [8b4e719a523960d61200f2b458ac8080]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3d429207-4689-492d-a0e5-cdc5dfbb5005}|AppPath, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, In Quarantäne, [b5247497c4c775c128ea7b2b8d77f010]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{66d59105-fe06-43a4-b292-eb0097e9eb74}|AppPath, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, In Quarantäne, [a138fc0f761501355bb73a6ce42039c7]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6cbf5c01-c876-481b-867e-111cb1d2a7d6}|AppPath, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin, In Quarantäne, [c415fb106823be78040e7135966e936d]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{701f5c41-bb30-46da-a56b-68784b0b762b}|AppPath, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin, In Quarantäne, [726739d26229c86ea0726a3cb84c6a96]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9103c314-c4e2-4463-8934-b19bcb46236d}|AppPath, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, In Quarantäne, [8455ca41b5d60333779bb2f4986cfe02]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{97cef41c-5055-474a-855a-892d4fe3e596}|AppPath, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, In Quarantäne, [3a9f55b66b2037ff6aa8188e0cf80cf4]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{a3b975a0-f679-444e-9d94-6d292fa53140}|AppPath, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin, In Quarantäne, [6f6af219dab1aa8cc1512c7a09fb50b0]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{d375ee64-f893-498a-a0e9-0e9829c88c3d}|AppPath, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, In Quarantäne, [cc0d8685f893a096f81a515526de9e62]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{d97143c2-4282-496b-bdc4-7ec852f1497c}|AppPath, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin, In Quarantäne, [d5046aa1c4c753e3cc46109635cf827e]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{e0c3a839-0e5e-4ebc-9f8f-e56f8fc732ce}|AppPath, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin, In Quarantäne, [05d46c9f5e2db77f27ebe9bd9c680cf4]
PUP.Optional.SnapDo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a4a66d3e-70c5-4d13-60fe-8cfdb5dd7e38&searchtype=ds&q={searchTerms}&installDate=15/11/2013, In Quarantäne, [9d3cd635ec9fc670fc263370c143d030]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [62778f7c8b002a0c3aeeb88c34cfcd33]
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|4zffxtbr@VideoDownloadConverter_4z.com, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, In Quarantäne, [5287b15ac1caa98de1b200a747bdb848]
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|65ffxtbr@FromDocToPDF_65.com, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin, In Quarantäne, [f1e8af5c0d7e5fd7fd96a601986c8c74]
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|xz123@ya456.com, C:\Program Files (x86)\BetterSurf\ff, In Quarantäne, [79608a813b5036009d342629ea1934cc]
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|12x3q@3244516.com, C:\Program Files (x86)\Better-Surf\ff, In Quarantäne, [d30639d28cffe3535b8a6232d133ce32]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a4a66d3e-70c5-4d13-60fe-8cfdb5dd7e38&searchtype=ds&q={searchTerms}&installDate=15/11/2013, In Quarantäne, [409911fa4942a09671b0663dcd373ec2]
PUP.Optional.Conduit.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3324839&octid=EB_ORIGINAL_CTID&ISID=MACFF8CA3-7736-44BF-BEE4-158090A2FB60&SearchSource=58&CUI=&UM=5&UP=SPB279500B-C678-4BF2-9D77-4EA34B99EEB5&q={searchTerms}&SSPV=, In Quarantäne, [b7223fcca7e463d3521e00259c6750b0]
PUP.Optional.Conduit.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|SuggestionsURL_JSON, hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}, In Quarantäne, [667356b5444794a287e970b545be07f9]
PUP.Optional.Spigot.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{469E0712-B340-4179-B1B6-788C86E00627}|URL, hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}, In Quarantäne, [8b4ec8438a0148ee520b41e30201ff01]
PUP.Optional.BrowserManager.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{58bd07eb-0ee0-4df0-8121-dc9b693373df}, C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension, In Quarantäne, [9e3b25e692f912246ae0db56ed16c63a]

Registrierungsdaten: 2
PUP.Optional.SnapDo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a4a66d3e-70c5-4d13-60fe-8cfdb5dd7e38&searchtype=ds&q={searchTerms}&installDate=15/11/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a4a66d3e-70c5-4d13-60fe-8cfdb5dd7e38&searchtype=ds&q={searchTerms}&installDate=15/11/2013),Ersetzt,[8d4ce42736559a9cb7e9a9a30afbdf21]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a4a66d3e-70c5-4d13-60fe-8cfdb5dd7e38&searchtype=ds&q={searchTerms}&installDate=15/11/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a4a66d3e-70c5-4d13-60fe-8cfdb5dd7e38&searchtype=ds&q={searchTerms}&installDate=15/11/2013),Ersetzt,[7069a269b5d6e452821f43096f967987]

Ordner: 54
PUP.Optional.SoftwareUpdater.A, C:\Users\Helmut Klein\AppData\Local\SwvUpdater, In Quarantäne, [19c069a256356dc9d58ab89363a08f71], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\css, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\fonts, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\swf, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\images, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\css, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\fonts, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\swf, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\chrome, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\gen1, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\History, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\IE9Mesg, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\Message, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\Settings, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\chrome, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\ThirdPartyInstallers, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\gen1, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\IE9Mesg, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\Message, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\Settings, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.OptimizerPro.A, C:\Users\Helmut Klein\Documents\Optimizer Pro, In Quarantäne, [8b4e21ea36557db97d571b8e8a7a966a], 
PUP.Optional.Websteroids.A, C:\Users\Helmut Klein\AppData\Local\Websteroids, In Quarantäne, [e6f37992b8d355e1043f98540101fd03], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\VideoDownloadConverter_4z, In Quarantäne, [8a4fa66562294fe7e79040adb44e6898], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\FromDocToPDF_65, In Quarantäne, [6079ff0cc7c42f07a2365f8f936f2cd4], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\History, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Settings, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Perion.A, C:\Program Files (x86)\Perion, In Quarantäne, [e1f808033f4c4de95652ea16ac57c040], 
PUP.Optional.Perion.A, C:\Program Files (x86)\Perion\NewTab, In Quarantäne, [e1f808033f4c4de95652ea16ac57c040], 
PUP.Optional.Delta.ShrtCln, C:\Program Files (x86)\Delta\delta, In Quarantäne, [26b36c9fa2e966d022fc0312946f8c74], 
PUP.Optional.Delta.ShrtCln, C:\Users\Helmut Klein\AppData\LocalLow\Delta\delta, In Quarantäne, [ecedd635018a1422190665b0be45da26], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com, In Quarantäne, [e2f71eede3a8b0862b9b8095ae55a35d], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com\chrome, In Quarantäne, [e2f71eede3a8b0862b9b8095ae55a35d], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\65ffxtbr@FromDocToPDF_65.com, In Quarantäne, [defb4dbea1ea9e982a9ce82d19ea9868], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\65ffxtbr@FromDocToPDF_65.com\chrome, In Quarantäne, [defb4dbea1ea9e982a9ce82d19ea9868], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, In Quarantäne, [f0e948c3aae12c0af072977ffa099769], 

Dateien: 188
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\Downloads\VideoDownloadConvert.exe, In Quarantäne, [4495af5c5a318caace58e5a67c89dd23], 
PUP.Optional.BProtector.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\bprotector_extensions.sqlite, In Quarantäne, [99400902c6c54cea353bd84a030017e9], 
PUP.Optional.BProtector.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\bprotector_prefs.js, In Quarantäne, [8f4a8a81800b3afcb9b79989f40fb947], 
PUP.Optional.Spigot.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\searchplugins\yahoo_ff.xml, In Quarantäne, [8d4ccd3e7516e45222bcbd7534cf5ca4], 
PUP.Optional.Conduit.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\searchplugins\conduit-search.xml, In Quarantäne, [6178917a810ab97d0f8378c9689beb15], 
PUP.Optional.SoftwareUpdater.A, C:\Users\Helmut Klein\AppData\Local\SwvUpdater\Updater.xml, In Quarantäne, [19c069a256356dc9d58ab89363a08f71], 
PUP.Optional.SoftwareUpdater.A, C:\Users\Helmut Klein\AppData\Local\SwvUpdater\status.cfg, In Quarantäne, [19c069a256356dc9d58ab89363a08f71], 
PUP.Optional.WebSearch.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\searchplugins\Web Search.xml, In Quarantäne, [d30667a4a0eb7cba01a3fc64f50e9e62], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\UrlFolderExtension.ufm, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\UrlFolderExtension.uf1, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\anemone-1.2.7.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\App.html, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\Background.html, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\jquery-1.7.2.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\jquery.swfobject-1.1.1.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\json2.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\manifest.json, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\reset.css, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\SignedExtension.cab, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\underscore-1.3.1.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\widget-api-1.2.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\css\App.css, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\fonts\cabin.eot, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\fonts\cabin.woff, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\ArrowConverting.gif, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\DocToPDF.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\DocToPDF.ico, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\DocToPDF.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\logo.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\logo.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\PageToPDF.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\PageToPDF.ico, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\PageToPDF.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\PDFToDOC.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\PDFToDOC.ico, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\PDFToDOC.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\spinner.gif, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\images\sprite.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\js\App.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\js\Background.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\js\PDFConverter.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\js\Reporting.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\swf\UploadButton.swf, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\531e39c92302b8b07e0aa624e7eb520cfc7d5256\1.0.2\swf\UploadButtonIE6.swf, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\Background.html, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\manifest.json, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\SignedExtension.cab, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\underscore-1.3.1.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\widget-messaging-1.0.SNAPSHOT.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\images\logo.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\images\logo.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\js\Background.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\5b6797fca1a60132ef30cebc40ecb497fed5eaee\1.0.1\js\Translate.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\anemone-1.2.7.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\App.html, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\Background.html, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\jquery-1.7.2.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\jquery.swfobject-1.1.1.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\json2.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\manifest.json, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\reset.css, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\SignedExtension.cab, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\underscore-1.3.1.min.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\widget-api-1.2.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\css\App.css, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\fonts\cabin.eot, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\fonts\cabin.woff, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\ArrowConverting.gif, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\DocToPDF.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\DocToPDF.ico, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\DocToPDF.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\logo.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\logo.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\PageToPDF.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\PageToPDF.ico, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\PageToPDF.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\PDFToDOC.bmp, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\PDFToDOC.ico, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\PDFToDOC.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\spinner.gif, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\images\sprite.png, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\js\App.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\js\Background.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\js\PDFConverter.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\js\Reporting.js, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\swf\UploadButton.swf, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Users\Helmut Klein\AppData\Local\FromDocToPDF_65\8d5c781e44b9ee833988277ba7c944242292b278\1.0.2\swf\UploadButtonIE6.swf, In Quarantäne, [d50413f8fd8e52e483f30b9b43c11be5], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\BOOTSTRAP.JS, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65mlbtn.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65bprtct.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65datact.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65dyn.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65feedmg.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65highin.exe, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65hkstub.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65httpct.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65idle.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65impipe.exe, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65medint.exe, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65Plugin.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65radio.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65regfft.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65reghk.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65regiet.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65script.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65skplay.exe, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65uabtn.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\CHROME.MANIFEST, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\INSTALL.RDF, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\installKeys.js, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\LOGO.BMP, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\NP65Stub.dll, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\T8TICKER.DLL, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\chrome\65ffxtbr.jar, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\gen1\COMMON.T8S, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\IE9Mesg\COMMON.T8S, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\Message\COMMON.T8S, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\FromDocToPDF_65\bar\Settings\s_pid.dat, In Quarantäne, [8a4f9f6c1f6c280eaccc4f5754b0a45c], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\BOOTSTRAP.JS, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zuabtn.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbprtct.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zdatact.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zdyn.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zfeedmg.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zhighin.exe, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zhkstub.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zhttpct.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zidle.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zimpipe.exe, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zmedint.exe, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zmlbtn.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zPlugin.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zradio.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zregfft.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zreghk.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zregiet.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zscript.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zsknlcr.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zskplay.exe, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\CHROME.MANIFEST, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\CREXT.DLL, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\CrExtP4z.exe, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\DPNMNGR.DLL, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\EXEMANAGER.DLL, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\INSTALL.RDF, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\installKeys.js, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\LOGO.BMP, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\T8EXTEX.DLL, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\T8EXTPEX.DLL, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\T8TICKER.DLL, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\VERIFY.DLL, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\chrome\4zffxtbr.jar, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\ThirdPartyInstallers\VDC_Silent.exe, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\gen1\COMMON.T8S, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\IE9Mesg\COMMON.T8S, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\Message\COMMON.T8S, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\Settings\s_pid.dat, In Quarantäne, [11c812f90d7e82b433453b6b18ec59a7], 
PUP.Optional.OptimizerPro.A, C:\Users\Helmut Klein\Documents\Optimizer Pro\CookiesException.txt, In Quarantäne, [8b4e21ea36557db97d571b8e8a7a966a], 
PUP.Optional.Websteroids.A, C:\Users\Helmut Klein\AppData\Local\Websteroids\data2.dat, In Quarantäne, [e6f37992b8d355e1043f98540101fd03], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00B44A7A, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD1622.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD169F.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD16DE.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD1789.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD1816.cab, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD194E.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD19F9.cab, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD1AA5.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD1B02.cab, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD1B8F.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD1C2B.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\00CD1C69.bmp, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Cache\files.ini, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\History\search3, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\LocalLow\FromDocToPDF_65\bar\Settings\prevcfg2.htm, In Quarantäne, [ce0bc8432e5d8aace10c2cc727dbe11f], 
PUP.Optional.Perion.A, C:\Program Files (x86)\Perion\NewTab\data.txt, In Quarantäne, [e1f808033f4c4de95652ea16ac57c040], 
PUP.Optional.Perion.A, C:\Program Files (x86)\Perion\NewTab\NewTab.crx, In Quarantäne, [e1f808033f4c4de95652ea16ac57c040], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com\bootstrap.js, In Quarantäne, [e2f71eede3a8b0862b9b8095ae55a35d], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com\chrome.manifest, In Quarantäne, [e2f71eede3a8b0862b9b8095ae55a35d], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com\install.rdf, In Quarantäne, [e2f71eede3a8b0862b9b8095ae55a35d], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com\installKeys.js, In Quarantäne, [e2f71eede3a8b0862b9b8095ae55a35d], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com\chrome\4zffxtbr.jar, In Quarantäne, [e2f71eede3a8b0862b9b8095ae55a35d], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\65ffxtbr@FromDocToPDF_65.com\bootstrap.js, In Quarantäne, [defb4dbea1ea9e982a9ce82d19ea9868], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\65ffxtbr@FromDocToPDF_65.com\chrome.manifest, In Quarantäne, [defb4dbea1ea9e982a9ce82d19ea9868], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\65ffxtbr@FromDocToPDF_65.com\install.rdf, In Quarantäne, [defb4dbea1ea9e982a9ce82d19ea9868], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\65ffxtbr@FromDocToPDF_65.com\installKeys.js, In Quarantäne, [defb4dbea1ea9e982a9ce82d19ea9868], 
PUP.Optional.Mindspark.A, C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default\Extensions\65ffxtbr@FromDocToPDF_65.com\chrome\65ffxtbr.jar, In Quarantäne, [defb4dbea1ea9e982a9ce82d19ea9868], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.7 (08.18.2015:1)
OS: Windows 7 Home Premium x64
Ran by Helmut Klein on 22.08.2015 at 13:32:06,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] ib updater [Reboot required]



~~~ Tasks



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{c66a678d-5e6c-4af9-8f57-c6192f42cf74}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{c66a678d-5e6c-4af9-8f57-c6192f42cf74}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FromDocToPDF_65.HTMLMenu
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FromDocToPDF_65.HTMLMenu.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FromDocToPDF_65.HTMLPanel
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FromDocToPDF_65.HTMLPanel.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FromDocToPDF_65.PseudoTransparentPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FromDocToPDF_65.PseudoTransparentPlugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FromDocToPDF_65.SettingsPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FromDocToPDF_65.SettingsPlugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FromDocToPDF_65.ThirdPartyInstaller
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FromDocToPDF_65.ThirdPartyInstaller.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FromDocToPDF_65.XMLSessionPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FromDocToPDF_65.XMLSessionPlugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\VideoDownloadConverter_4z.HTMLMenu
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\VideoDownloadConverter_4z.HTMLMenu.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\VideoDownloadConverter_4z.HTMLPanel
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\VideoDownloadConverter_4z.HTMLPanel.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\VideoDownloadConverter_4z.PseudoTransparentPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\VideoDownloadConverter_4z.PseudoTransparentPlugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\VideoDownloadConverter_4z.SettingsPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\VideoDownloadConverter_4z.SettingsPlugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\VideoDownloadConverter_4z.ThirdPartyInstaller
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\VideoDownloadConverter_4z.ThirdPartyInstaller.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\VideoDownloadConverter_4z.XMLSessionPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\VideoDownloadConverter_4z.XMLSessionPlugin.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{484D89B8-A1D5-49BA-A7DA-A11F28169796}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Helmut Klein\Appdata\Local\{0634720A-E5E5-4526-BB0A-00AC35467905}
Successfully deleted: [Empty Folder] C:\Users\Helmut Klein\Appdata\Local\{10795AC3-850A-4618-AFC2-9D992688E8C4}
Successfully deleted: [Empty Folder] C:\Users\Helmut Klein\Appdata\Local\{16B4F39D-EB54-45B3-9A99-DD9774270CE1}
Successfully deleted: [Empty Folder] C:\Users\Helmut Klein\Appdata\Local\{1C21251D-7C3D-479B-88CF-CBBD37D97069}
Successfully deleted: [Empty Folder] C:\Users\Helmut Klein\Appdata\Local\{20655B37-65DC-4286-85F6-92B9A57C7AE3}
Successfully deleted: [Empty Folder] C:\Users\Helmut Klein\Appdata\Local\{327AEC68-E53A-4439-9293-E14D8055DBB0}
Successfully deleted: [Empty Folder] C:\Users\Helmut Klein\Appdata\Local\{36E16DA8-DB69-4B3A-8440-0282E3651EE7}
Successfully deleted: [Empty Folder] C:\Users\Helmut Klein\Appdata\Local\{459859BB-995D-4721-A2EE-8C94F666F77B}
Successfully deleted: [Empty Folder] C:\Users\Helmut Klein\Appdata\Local\{47314054-B191-494B-93F7-E370AE2F1AEC}
Successfully deleted: [Empty Folder] C:\Users\Helmut Klein\Appdata\Local\{48DFDDDB-BE0A-4550-A287-710566F1DC9F}
Successfully deleted: [Empty Folder] C:\Users\Helmut Klein\Appdata\Local\{4DBFDD5A-8253-4890-A5CE-A2B7F97FC993}
Successfully deleted: [Empty Folder] C:\Users\Helmut Klein\Appdata\Local\{63DC3553-3B68-436D-BA96-04E27A279CCE}
Successfully deleted: [Empty Folder] C:\Users\Helmut Klein\Appdata\Local\{BD8167B7-F639-4213-9491-A787EC42FEC5}
Successfully deleted: [Empty Folder] C:\Users\Helmut Klein\Appdata\Local\{C93C6166-2D82-42C7-AEA5-CD342339DA29}
Successfully deleted: [Empty Folder] C:\Users\Helmut Klein\Appdata\Local\{CB32BAE4-E9C3-4040-AD07-FD52AB9FF3CD}
Successfully deleted: [Empty Folder] C:\Users\Helmut Klein\Appdata\Local\{E9BCFE1E-0696-4840-ADD0-3F6851A276D5}
Successfully deleted: [Folder] C:\ProgramData\google



~~~ FireFox

Emptied folder: C:\Users\Helmut Klein\AppData\Roaming\mozilla\firefox\profiles\58ls1uj1.default\minidumps [41 files]



~~~ Chrome


[C:\Users\Helmut Klein\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Helmut Klein\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Helmut Klein\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Helmut Klein\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  cikkkfooompgefbcjlgdjejfdknkheaj,
  dcpfhaghaadpjpgocojgnlhjcieeooel,
  gpiifgmgnfdiblgpaepbmfdkcheicgof,
  jifflliplgeajjdhmkcfnngfpgbjonjg,
  nlcphjankhppgohedpkjonpadimhaoof
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.08.2015 at 13:38:33,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber · 23.08.2015, 06:13

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

berndi78 · 23.08.2015, 19:18

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3f07bf822eabc84d933ecf80043d54d4
# end=init
# utc_time=2015-08-23 07:05:58
# local_time=2015-08-23 09:05:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25403
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3f07bf822eabc84d933ecf80043d54d4
# end=updated
# utc_time=2015-08-23 07:10:44
# local_time=2015-08-23 09:10:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=3f07bf822eabc84d933ecf80043d54d4
# engine=25403
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-23 10:39:58
# local_time=2015-08-23 12:39:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 8777352 111620020 0 0
# scanned=367823
# found=12
# cleaned=0
# scan_time=12554
sh=2056796F8C83F72BB83936A6F1F8CBF6F882008E ft=1 fh=c52316e756b7c6ff vn="Win32/RegistryBooster evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Alte Festplatte\Program Files\Uniblue\RegistryBooster\Launcher.exe"
sh=3AB33D0DCD34B5151C43CB2B43C1F2E7C6B81543 ft=1 fh=8db8910bd4236ad3 vn="Win32/RegistryBooster evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Alte Festplatte\Program Files\Uniblue\RegistryBooster\rbmonitor.exe"
sh=766F695976E89A6E5CCA2F39AB09F4CB89B9F30A ft=1 fh=0895301248445dd0 vn="Win32/RegistryBooster evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Alte Festplatte\Program Files\Uniblue\RegistryBooster\rbnotifier.exe"
sh=9866A5DB78CF2B47537016965E393062356244E5 ft=1 fh=fbc70375baecab75 vn="Win32/RegistryBooster evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Alte Festplatte\Program Files\Uniblue\RegistryBooster\rb_move_serial.exe"
sh=425B9FF65FCB99D962DDC593133837062A8D6A4D ft=1 fh=aae3e8362530c353 vn="Win32/RegistryBooster evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Alte Festplatte\Program Files\Uniblue\RegistryBooster\registrybooster.exe"
sh=FCB46D20526AB11EFAD1D4E929D17FB746B49099 ft=1 fh=9a7bad8e750f2e20 vn="Win32/StartPage.OIE Trojaner" ac=I fn="C:\Alte Festplatte\Users\Media\Downloads\vlc-1.1.7-win32.exe"
sh=10B542C74ACDD720C69E4CCD24522B0F16444E11 ft=1 fh=17d93297270cfd07 vn="Win32/Toolbar.SearchSuite.W evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Helmut Klein\AppData\Local\Viber\Helper.dll"
sh=0C1E6F3F260996047713E7EACDBDCE418DE29D59 ft=1 fh=c3aced315ef8c06d vn="Variante von Win32/Toolbar.SearchSuite.W.gen evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Helmut Klein\AppData\Local\Viber\Uninstall.exe"
sh=A01DE3D2FE3E78D8E28395C91A416C125A6A97AD ft=1 fh=98a68e2ebe5ed131 vn="Variante von Win32/SlowPCfighter evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Helmut Klein\Downloads\slow-pcfighter_Web(1).exe"
sh=C961047CE2287553F7612E73EC54A310701029F6 ft=1 fh=8c5411acd6ecd7bb vn="Variante von Win32/SlowPCfighter evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Helmut Klein\Downloads\slow-pcfighter_Web.exe"
sh=C649A98452A4FF0E920CBCBD762AD8E11A89B158 ft=1 fh=74ae9e1d8089bb9d vn="Win32/Toolbar.SearchSuite.W evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Helmut Klein\Downloads\ViberSetup (1).exe"
sh=24B28883ECC49AB49675BE073DD38B8843D7B6DE ft=1 fh=ee82fcc3063c2da4 vn="Win32/Toolbar.SearchSuite.P evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Helmut Klein\Downloads\ViberSetup.exe"

Filepony ist anscheinend nicht erreichbar, da die Downloadseite von SecurityCheck nicht geladen werden kann.

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:19-08-2015
durchgeführt von Helmut Klein (Administrator) auf HELMUTKLEIN-HP (23-08-2015 16:05:13)
Gestartet von C:\Users\Helmut Klein\Downloads
Geladene Profile: Helmut Klein (Verfügbare Profile: Helmut Klein)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(DATEV eG) C:\Datev\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\sqlservr.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(DATEV eG) C:\Datev\PROGRAMM\B0001442\PSNTServ.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\fdlauncher.exe
(DATEV eG) C:\Datev\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\fdhost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(DATEV eG) C:\Datev\SYSTEM\Nuko\NKWLOGIN.exe
(DATEV eG) C:\Datev\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe
(DATEV eG) C:\Datev\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe
(DATEV eG) C:\Datev\PROGRAMM\D0100000\Datev.Framework.RemoteServiceModel.GenericService2010.exe
(Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\LxWebAccess\LxWebAccess.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-12] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [984736 2011-10-22] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [799904 2011-10-22] (Atheros Commnucations)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [688128 2011-07-06] ()
HKLM-x32\...\Run: [3200 Scan2PC] => C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe [1989120 2010-05-18] ()
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-02-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-11-11] (Google Inc.)
HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\...\Run: [Viber] => C:\Users\Helmut Klein\AppData\Local\Viber\Viber.exe [936656 2014-10-20] ()
HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53736048 2015-08-07] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Basisschnittstelle Office Initialisierung.lnk [2013-01-10]
ShortcutTarget: Basisschnittstelle Office Initialisierung.lnk -> C:\Datev\PROGRAMM\BSoffice\service\OfficeDiag.exe (DATEV eG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CleanupPrintJobs.lnk [2013-01-10]
ShortcutTarget: CleanupPrintJobs.lnk -> C:\Datev\PROGRAMM\B0001401\CleanupPrintJobs.exe (DATEV eG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SkyUserDevmode-Update.lnk [2012-10-16]
ShortcutTarget: SkyUserDevmode-Update.lnk -> C:\Datev\PROGRAMM\B0001401\UpdateDevmode.exe (DATEV eG)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=000328B9&OHP=&OSP=
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3166234904-2042533533-3400599474-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130847978890649994&GUID=4C463330-2FAA-481B-848D-319B1A33599E
SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3166234904-2042533533-3400599474-1000 -> DefaultScope {469E0712-B340-4179-B1B6-788C86E00627} URL = 
SearchScopes: HKU\S-1-5-21-3166234904-2042533533-3400599474-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-3166234904-2042533533-3400599474-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-15] (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-10-22] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-3166234904-2042533533-3400599474-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0DB26612-5517-4562-B570-AAC80FF0DC31}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8A7E515E-0452-4C1F-AB7E-124EEA14EEFE}: [DhcpNameServer] 88.134.228.33 88.134.228.97
Tcpip\..\Interfaces\{DF5E9FAB-35D3-4F58-A548-71803BAACC44}: [NameServer] 193.189.244.225 193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\Helmut Klein\AppData\Roaming\Mozilla\Firefox\Profiles\58ls1uj1.default
FF SelectedSearchEngine: Yahoo!
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-15] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-20]

Chrome: 
=======
CHR Profile: C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-11]
CHR Extension: (Google Search) - C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-18]
CHR Extension: (Google Wallet) - C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-08]
CHR Extension: (Gmail) - C:\Users\Helmut Klein\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 DATEV Update-Service; C:\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe [161320 2014-06-01] (DATEV eG)
R3 Datev.Database.Conserve; C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [7208 2014-06-27] (DATEV eG)
R2 Datev.Framework.RemoteServiceModel.EnablerService; C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [7208 2014-06-27] (DATEV eG)
R3 Datev.Framework.RemoteServices; C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [7208 2014-06-27] (DATEV eG)
S3 Datev.Irw.ServiceProvider.HostXcut.Server; C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [7208 2014-06-27] (DATEV eG)
R2 DatevPrintService; C:\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE [186368 2014-03-31] (DATEV eG) [Datei ist nicht signiert]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-28] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [246112 2012-10-17] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 MSSQL$DATEV_DBENGINE; C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation)
R3 MSSQLFDLauncher$DATEV_DBENGINE; C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\fdlauncher.exe [42168 2015-03-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S4 SQLAgent$DATEV_DBENGINE; C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-10-22] (Atheros) [Datei ist nicht signiert]
S3 Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn; Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn [X]
S3 Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn; Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-11-16] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R5 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)
S3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [330912 2011-10-22] () [Datei ist nicht signiert]
S3 btath_avdt; C:\Windows\System32\drivers\btath_avdt.sys [110240 2011-10-22] () [Datei ist nicht signiert]
R5 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-01-31] (Microsoft Corporation)
R5 Compbatt; C:\Windows\System32\drivers\compbatt.sys [21584 2009-07-14] (Microsoft Corporation)
R5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)
R5 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [557848 2011-05-20] (Intel Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-07-23] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155584 2015-07-23] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-07-15] (Microsoft Corporation)
R5 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R5 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-21] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation)
R5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-10-28] (Samsung Electronics)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-26] (Microsoft Corporation)
S1 wdxreidj; C:\Windows\system32\drivers\wdxreidj.sys [55168 2015-08-23] (Microsoft Corporation)
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
U5 dmboot; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-23 12:04 - 2015-08-23 12:04 - 00055168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wdxreidj.sys
2015-08-23 09:05 - 2015-08-23 09:05 - 02870984 _____ (ESET) C:\Users\Helmut Klein\Downloads\esetsmartinstaller_deu.exe
2015-08-23 09:05 - 2015-08-23 09:05 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-22 13:38 - 2015-08-22 13:38 - 00006390 _____ C:\Users\Helmut Klein\Desktop\JRT.txt
2015-08-22 13:30 - 2015-08-22 13:30 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Helmut Klein\Downloads\JRT.exe
2015-08-22 13:25 - 2015-08-22 13:26 - 00000000 ____D C:\AdwCleaner
2015-08-22 13:24 - 2015-08-22 13:25 - 01605632 _____ C:\Users\Helmut Klein\Downloads\AdwCleaner_5.003.exe
2015-08-22 12:47 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-08-22 12:47 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-08-22 12:47 - 2015-06-03 22:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-08-22 12:47 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-08-22 12:47 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-22 12:47 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-21 14:26 - 2015-08-21 14:26 - 00031548 _____ C:\ComboFix.txt
2015-08-21 13:30 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-21 13:30 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-21 13:30 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-21 13:30 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-21 13:30 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-21 13:30 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-21 13:30 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-21 13:30 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-21 13:25 - 2015-08-21 14:27 - 00000000 ____D C:\Qoobox
2015-08-21 13:24 - 2015-08-21 14:19 - 00000000 ____D C:\Windows\erdnt
2015-08-21 13:23 - 2015-08-21 13:23 - 05635234 ____R (Swearware) C:\Users\Helmut Klein\Desktop\ComboFix.exe
2015-08-20 19:35 - 2015-08-20 19:36 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Helmut Klein\Downloads\tdsskiller.exe
2015-08-20 18:54 - 2015-08-20 18:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-20 18:22 - 2015-08-20 19:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-20 18:20 - 2015-08-20 19:27 - 00000000 ____D C:\Users\Helmut Klein\Desktop\mbar
2015-08-20 18:17 - 2015-08-20 18:19 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Helmut Klein\Downloads\mbar-1.09.2.1008.exe
2015-08-20 17:41 - 2015-08-20 17:41 - 00001228 _____ C:\Users\Helmut Klein\Desktop\Revo Uninstaller.lnk
2015-08-20 17:41 - 2015-08-20 17:41 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-20 17:40 - 2015-08-20 17:40 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Helmut Klein\Downloads\revosetup95.exe
2015-08-19 20:34 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-08-19 20:34 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-08-19 20:34 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-08-19 20:34 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-08-19 20:34 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-08-19 20:34 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-19 20:34 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-08-19 20:34 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-19 20:34 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-08-19 20:34 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-08-19 20:34 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-19 20:34 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-19 20:34 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-08-19 20:34 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-19 20:34 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-08-19 20:31 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-08-19 20:31 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2015-08-19 20:31 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-08-19 20:31 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-08-19 20:26 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-19 20:26 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-19 20:26 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-19 20:26 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-19 20:26 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-19 20:26 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-19 20:26 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-19 20:26 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-19 20:26 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-19 20:26 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-19 20:26 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-19 20:26 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-19 20:26 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-19 20:26 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-19 20:26 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-19 20:26 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-19 20:26 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-19 20:26 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-19 20:26 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-19 20:26 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-19 20:26 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-08-19 20:26 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-08-19 20:26 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-19 20:26 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-19 20:26 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-19 20:26 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-19 20:26 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-19 20:26 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-19 20:26 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-19 20:26 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-19 20:26 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-19 20:26 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-19 20:26 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-19 20:26 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-19 20:26 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-19 20:26 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-19 20:26 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-19 20:26 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-19 20:26 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-19 20:26 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-19 20:26 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-19 20:26 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-08-19 20:26 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-19 20:26 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-19 20:26 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-19 20:26 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-19 20:26 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-19 20:26 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-19 20:26 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-19 20:26 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-08-19 20:26 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-08-19 20:25 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-08-19 20:25 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-08-19 20:25 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-08-19 20:25 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-08-19 20:25 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-08-19 20:25 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-08-19 20:25 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-08-19 20:25 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-08-19 20:09 - 2015-08-19 20:10 - 00041835 _____ C:\Users\Helmut Klein\Downloads\Addition.txt
2015-08-19 20:08 - 2015-08-23 16:05 - 00026191 _____ C:\Users\Helmut Klein\Downloads\FRST.txt
2015-08-19 20:08 - 2015-08-23 16:05 - 00000000 ____D C:\FRST
2015-08-19 20:07 - 2015-08-19 20:07 - 02173440 _____ (Farbar) C:\Users\Helmut Klein\Downloads\FRST64.exe
2015-08-19 10:17 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 10:17 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 10:17 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 10:17 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-18 09:02 - 2015-08-18 09:02 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-18 09:02 - 2015-08-18 09:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-13 09:20 - 2015-08-13 09:20 - 09284296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-08-12 23:25 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 23:25 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 08:41 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 08:41 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 08:41 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 08:41 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 08:41 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 08:41 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 08:41 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 08:41 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 08:41 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 08:40 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 08:40 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 08:38 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 08:36 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 08:36 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 08:36 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 08:36 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 08:36 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 08:36 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 08:36 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 08:36 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 08:36 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 08:36 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 08:36 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 08:36 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 08:36 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 08:36 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 08:36 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 08:36 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 08:36 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 08:36 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 08:36 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 08:36 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 08:36 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 08:36 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 08:36 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 08:36 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 08:36 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 08:36 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 08:36 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 08:36 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 08:36 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 08:36 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 08:36 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 08:36 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 08:36 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 08:36 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 08:36 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 08:36 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 08:36 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 08:36 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 08:36 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 08:36 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 08:36 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 08:36 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 08:36 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 08:36 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 08:36 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 08:36 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 08:36 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 08:36 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 08:36 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 08:36 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 08:36 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 08:36 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 08:36 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 08:36 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 08:36 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 08:36 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 08:36 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 08:36 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 08:36 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 08:36 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 08:36 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 08:36 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 08:36 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 08:36 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 08:36 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 08:36 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 08:36 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 08:36 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 08:36 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 08:36 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 08:36 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 08:36 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 08:36 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 08:36 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 08:35 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 08:35 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 08:35 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 08:35 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 08:35 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 08:35 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 08:35 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 08:35 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 08:35 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 08:35 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 08:35 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 08:35 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 08:35 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 08:35 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 08:35 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 08:35 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 08:35 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 08:35 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 08:35 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 08:35 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 08:35 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 08:35 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 08:35 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 08:35 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-23 16:05 - 2012-04-07 08:28 - 01973407 _____ C:\Windows\WindowsUpdate.log
2015-08-23 15:55 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-23 15:55 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-23 15:51 - 2012-10-12 15:28 - 00000000 ____D C:\Users\Helmut Klein\AppData\Roaming\Skype
2015-08-23 15:50 - 2012-11-11 12:01 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-23 15:50 - 2012-10-20 09:37 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-23 14:36 - 2015-05-23 21:38 - 00000360 _____ C:\Windows\Tasks\HPCeeScheduleForHelmut Klein.job
2015-08-23 13:39 - 2012-11-11 12:01 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-23 13:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-23 08:36 - 2014-11-17 14:23 - 00000000 ____D C:\Users\Helmut Klein\AppData\Roaming\ViberPC
2015-08-23 08:35 - 2014-11-17 14:21 - 00000000 ____D C:\Users\Helmut Klein\AppData\Local\Viber
2015-08-23 08:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-23 08:33 - 2009-07-14 06:51 - 00123189 _____ C:\Windows\setupact.log
2015-08-22 13:35 - 2012-10-12 11:12 - 00000000 ____D C:\Users\Helmut Klein
2015-08-22 13:27 - 2010-11-21 05:47 - 00827894 _____ C:\Windows\PFRO.log
2015-08-22 13:16 - 2013-02-19 15:56 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-22 13:16 - 2013-02-19 15:56 - 00001111 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-22 13:16 - 2012-11-11 12:02 - 00002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-22 13:16 - 2012-10-12 12:22 - 00001413 _____ C:\Users\Helmut Klein\Desktop\Internet Explorer.lnk
2015-08-22 13:16 - 2012-10-12 11:17 - 00001425 _____ C:\Users\Helmut Klein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-22 13:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Resources
2015-08-22 12:34 - 2014-04-11 11:09 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-22 12:26 - 2013-02-19 15:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-21 14:26 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-21 14:07 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-08-21 13:21 - 2013-02-19 15:59 - 00000000 ____D C:\Users\Helmut Klein\AppData\Local\Mozilla
2015-08-20 18:20 - 2014-04-11 11:08 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-19 20:45 - 2011-11-15 23:58 - 00769376 _____ C:\Windows\system32\perfh007.dat
2015-08-19 20:45 - 2011-11-15 23:58 - 00176412 _____ C:\Windows\system32\perfc007.dat
2015-08-19 20:45 - 2009-07-14 07:13 - 01816816 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-19 20:41 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-19 20:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-19 20:33 - 2012-10-12 14:49 - 01791096 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-08-19 17:36 - 2014-04-11 11:09 - 00001066 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-19 17:36 - 2014-04-11 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-19 17:36 - 2014-04-11 11:08 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-08-19 14:17 - 2012-10-16 13:54 - 00000000 ____D C:\Users\Helmut Klein\AppData\Local\CrashDumps
2015-08-19 11:40 - 2012-10-19 16:53 - 00000000 ____D C:\ProgramData\Lexware
2015-08-18 13:30 - 2012-10-17 11:05 - 00000099 _____ C:\Users\Public\LMDebug.log
2015-08-18 09:02 - 2012-10-12 15:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-18 09:02 - 2011-11-15 15:41 - 00000000 ____D C:\ProgramData\Skype
2015-08-15 20:36 - 2015-05-23 21:38 - 00003228 _____ C:\Windows\System32\Tasks\HPCeeScheduleForHelmut Klein
2015-08-15 20:36 - 2012-10-15 09:18 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-08-13 09:20 - 2012-10-20 09:37 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-13 09:20 - 2012-10-20 09:37 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-13 09:20 - 2012-10-16 12:30 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-13 08:23 - 2009-07-14 06:45 - 00368728 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 08:19 - 2014-12-10 18:51 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-13 08:19 - 2014-05-07 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 23:25 - 2013-03-14 10:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 23:24 - 2013-03-14 10:29 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 23:24 - 2013-03-14 10:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 23:16 - 2013-07-17 23:01 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 23:10 - 2012-10-12 16:15 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-01 07:31 - 2007-01-02 03:25 - 00000000 ____D C:\Windows\Panther
2015-08-01 07:22 - 2015-07-10 19:28 - 00000000 ____D C:\$Windows.~BT
2015-07-31 19:27 - 2012-11-14 14:56 - 00128000 ___SH C:\Users\Helmut Klein\Documents\Thumbs.db
2015-07-26 09:39 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-25 14:45 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-25 09:15 - 2015-04-05 00:13 - 00000000 ___SD C:\Windows\system32\GWX

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-03-25 14:29 - 2014-03-25 14:29 - 0000116 _____ () C:\Users\Helmut Klein\AppData\Roaming\BEVI.CFG
2012-10-28 11:20 - 2015-02-16 16:10 - 0008704 _____ () C:\Users\Helmut Klein\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-10-16 17:22 - 2015-04-14 14:34 - 0004865 _____ () C:\Users\Helmut Klein\AppData\Local\EmptySettings.xml
2013-12-25 10:09 - 2013-12-25 10:09 - 0004096 ____H () C:\Users\Helmut Klein\AppData\Local\keyfile3.drm
2013-01-10 10:12 - 2013-01-10 11:11 - 0000227 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Helmut Klein\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-23 13:03

==================== Ende von Ergebnis ============================

Code:

ATTFilter

 Results of screen317's Security Check version 1.006  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 67  
 Java version 32-bit out of Date! 
 Adobe Flash Player 18.0.0.232  
 Adobe Reader XI  
 Mozilla Firefox 35.0 Firefox out of Date!  
 Google Chrome (44.0.2403.155) 
 Google Chrome (44.0.2403.157) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Mobile Partner OnlineUpdate ouc.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

schrauber · 24.08.2015, 07:24

Java und Firefox updaten. Die Funde von ESET im Downloadordner und der Externen einfach von Hand löschen.

Noch Probleme mit dem System?

berndi78 · 24.08.2015, 14:57

Danke schrauber,

es läuft alles wieder so wie es sein soll und dazu noch schneller.

Vielen Dank

Programm (DATEV) funktioniert nicht mehr nachdem ich auf einen Link in einer Mail geklickt habe

Plagegeister aller Art und deren Bekämpfung: Programm (DATEV) funktioniert nicht mehr nachdem ich auf einen Link in einer Mail geklickt habe