
Pests of all kinds and how to combat them: redirect Virus Windows 7


31.08.2015, 14:18   #1
Grady
 



Hi,

a new page from redirect keeps opening on my machine.
At the same time, the page Seitensprungarea opens.
I have already run FRST over it for the first time.

Here are the log files
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-08-2015
durchgeführt von Filep (Administrator) auf FILEP-PC (31-08-2015 14:10:33)
Gestartet von C:\Users\Filep\Downloads
Geladene Profile: Filep (Verfügbare Profile: Filep & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\nis.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\NF.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\NF.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\nis.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeChat\LifeChat.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe
(Apple Inc.) F:\Programme\Program Files (x86)\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint\LBTWiz.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Filep\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Filep\AppData\Roaming\Spotify\Spotify.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Akamai Technologies, Inc.) C:\Users\Filep\AppData\Local\Akamai\netsession_win.exe
(GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Filep\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Akamai Technologies, Inc.) C:\Users\Filep\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Word Explorer\Launch.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dropbox, Inc.) C:\Users\Filep\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Spotify Ltd) C:\Users\Filep\AppData\Roaming\Spotify\Spotify.exe
(BitLeader) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Bandoo Media, inc) C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(MovieDea) C:\Program Files (x86)\MovieDea\MovieDea.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL2\KHALMNPR.exe
(Spotify Ltd) C:\Users\Filep\AppData\Roaming\Spotify\Spotify.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\nacl64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\conathst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\nacl64.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\coNatHstNF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [LifeChat] => C:\Program Files\Microsoft LifeChat\LifeChat.exe [371712 2009-09-24] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [104008 2010-11-16] (Logitech Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => F:\Programme\Program Files (x86)\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [UCam_Menu] => "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0"
HKLM-x32\...\Run: [TotalMediaTVMonitor] => "C:\Program Files (x86)\ArcSoft\TotalMedia TV 1.0\TotalMediaTVMonitor.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2011-10-25] (PC Tools)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-07-23] (Bitleader)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2009-10-19] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2472048 2010-08-11] (VIA)
HKLM-x32\...\Run: [DATAMNGR] => C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe [1546640 2011-06-01] (Bandoo Media, inc)
HKLM-x32\...\Run: [CLMLServer] => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3217672 2015-07-02] (GoPro)
HKLM-x32\...\Run: [MovieDea] => C:\Program Files (x86)\MovieDea\MovieDea.exe [3184640 2015-06-03] (MovieDea)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$6c5270fbd1f095797ae707850c85a183\n.ACHTUNG! ====> ZeroAccess?
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [GoogleChromeAutoLaunch_D9414D4DFAD2C873EED3A19B298D3FAC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-18] (Google Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Steam] => "C:\Program Files (x86)\Steam\steam.exe" -silent
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Spotify Web Helper] => C:\Users\Filep\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-24] (Spotify Ltd)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Spotify] => C:\Users\Filep\AppData\Roaming\Spotify\Spotify.exe [7389752 2015-08-24] (Spotify Ltd)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-07-24] (Sony)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-04-22] (Hewlett-Packard Company)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Filep\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Dropbox Update] => C:\Users\Filep\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
HKU\S-1-5-18\...\Run: [Norton Download Manager{NIS211018-SHPD-FSD40014}] => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe /m
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
Startup: C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-06-25]
ShortcutTarget: Dropbox.lnk -> C:\Users\Filep\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk [2015-06-25]
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
Startup: C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-06-25]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49827;https=127.0.0.1:49827
Winsock: Catalog5 01 mswsock.dll Keine Datei ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll Keine Datei ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll Keine Datei ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll Keine Datei ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll"
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{C2EBE2D5-7A37-4D2E-883C-3C7C966033DA}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{DAB167F1-50C2-4BC8-A4BD-8510C13A125F}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403267426&from=slbnew&uid=C300-CTFDDAC128MAG_00000000105103012EA7&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403267426&from=slbnew&uid=C300-CTFDDAC128MAG_00000000105103012EA7&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403267426&from=slbnew&uid=C300-CTFDDAC128MAG_00000000105103012EA7&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403267426&from=slbnew&uid=C300-CTFDDAC128MAG_00000000105103012EA7&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCRF0oWCT1srnx5cZ8AlA,,&q={searchTerms}
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCRF0oWCT1srnx5cZ8AlA,,&q={searchTerms}
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Start Page Restore = hxxp://www.google.de/
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11
URLSearchHook: HKLM-x32 - (Kein Name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - Keine Datei
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCREBBb6WUQI4c2pBNDMA,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCREBBb6WUQI4c2pBNDMA,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope 006ee092-9658-4fd6-bd8e-a21a348e59f5 URL = 
SearchScopes: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCRF0oWCT1srnx5cZ8AlA,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCRF0oWCT1srnx5cZ8AlA,,&q={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: UrlHelper Class -> {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} -> C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll [2011-06-01] (Bandoo Media, inc)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Norton Family BHO -> {B8E07826-0971-4f16-B133-047B88034E89} -> C:\Program Files (x86)\Norton Family\Engine64\3.4.0.43\coIEPlg.dll [2015-08-12] (Symantec Corporation)
BHO: Toolbar 3.0 der Telekom Browserhilfsobjekt -> {C9603180-FA5C-4DB0-A013-ADC60309AF82} -> C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-07-13] (DVDVideoSoft Ltd.)
BHO-x32: Kein Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  Keine Datei
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: IEPlugin.BHO -> {2159cb25-ef9a-54c1-b43c-e30d1a4a8278} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll Keine Datei
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll Keine Datei
BHO-x32: Searchqu Toolbar -> {99079a25-328f-4bd4-be04-00955acaa0a7} -> C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll [2015-07-22] ()
BHO-x32: UrlHelper Class -> {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} -> C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll [2011-06-01] (Bandoo Media, inc)
BHO-x32: DealPly -> {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} -> C:\Program Files (x86)\DealPly\DealPlyIE.dll Keine Datei
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Norton Family BHO -> {B8E07826-0971-4f16-B133-047B88034E89} -> C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\coIEPlg.dll [2015-08-12] (Symantec Corporation)
BHO-x32: Toolbar 3.0 der Telekom Browserhilfsobjekt -> {C9603180-FA5C-4DB0-A013-ADC60309AF82} -> C:\Program Files (x86)\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei
BHO-x32: Kein Name -> {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} ->  Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll Keine Datei
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-07-13] (DVDVideoSoft Ltd.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - Toolbar 3.0 der Telekom - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei
Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll [2015-07-22] ()
Toolbar: HKLM-x32 - Toolbar 3.0 der Telekom - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - C:\Program Files (x86)\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> Kein Name - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} -  Keine Datei
Toolbar: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> Toolbar 3.0 der Telekom - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {82E5DF24-51E8-47CD-864A-F4BD5005AA73} hxxps://www.icloud.com/system/iCloud.cab
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4_2-windows-i586.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1403267426&from=slbnew&uid=C300-CTFDDAC128MAG_00000000105103012EA7

FireFox:
========
FF ProfilePath: C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default
FF Homepage: about:home
FF NetworkProxy: "ftp", "proxyus.stealthy.co"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "proxyus.stealthy.co"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "proxyus.stealthy.co"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "proxyus.stealthy.co"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Keine Datei]
FF Plugin-x32: @innoplus.de/ino3DViewer -> C:\Program Files (x86)\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [Keine Datei]
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-01-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-01-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> F:\Programme\Program Files (x86)\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1820486185-2003612580-2916385394-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Filep\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll Keine Datei
FF Plugin HKU\S-1-5-21-1820486185-2003612580-2916385394-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2013-08-22] (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default\searchplugins\safesearch.xml [2015-02-22]
FF Extension: Stealthy - C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default\Extensions\stealthyextension@gmail.com.xpi [2015-02-21]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-07-28]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-03-04]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFPlgn [2015-08-31]
FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.4.0.43\coFFFw
FF Extension: Norton Family - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.4.0.43\coFFFw [2015-08-31]
FF HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: Kein Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [nicht gefunden]
StartMenuInternet: FIREFOX.EXE - F:\Programme\Program Files (x86)\firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-02-21]
CHR Extension: (Norton Security Toolbar) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-07-12]
CHR Extension: (Stealthy) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2015-06-13]
CHR Extension: (eBay for Chrome) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2015-06-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-30]
CHR Extension: (Audio EQ) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfafdlnjaliaghpjdajmlcnnblkgcefh [2015-06-13]
CHR Extension: (Norton™ Family) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\napjheenlliimoedooldaalpjfidlidp [2015-08-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-20]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-26]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\Extensions\Chrome.crx [2015-08-29]
CHR HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx <nicht gefunden>
CHR HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-26]
CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\Extensions\Chrome.crx [2015-08-29]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [129440 2011-01-13] (Futuremark Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-04-22] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 mitsijm2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [952608 2013-01-25] (Autodesk, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [Datei ist nicht signiert]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe [282016 2015-07-16] (Symantec Corporation)
R2 NSM; C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\NF.exe [364416 2015-08-21] (Symantec Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-10-25] (PC Tools)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
S2 TampMon; C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\TampMon.exe [314680 2015-08-21] (Symantec Corporation)
S2 CLKMSVC10_9EC60124; "C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe" /svc [X]
S2 SkypeUpdate; "C:\Program Files (x86)\Skype\Updater\Updater.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150821.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 ccSet_NSM; C:\Windows\system32\drivers\NSMx64\0304000.02B\ccSetx64.sys [165080 2015-06-04] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-28] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-28] (Symantec Corporation)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2007-08-09] (Huawei Tech. Co., Ltd.)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150828.001\IDSvia64.sys [767224 2015-08-29] (Symantec Corporation)
S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [691712 2008-04-14] (DiBcom SA)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150830.020\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150830.020\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) [Datei ist nicht signiert]
S3 NvStUSB; C:\Windows\System32\DRIVERS\nvstusb.sys [63592 2010-06-07] ()
S3 PVUSB; C:\Windows\System32\DRIVERS\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1605020.00F\SRTSP64.SYS [926448 2015-07-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NISx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-29] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1605020.00F\SYMNETS.SYS [576248 2015-07-11] (Symantec Corporation)
S3 SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}; C:\Windows\System32\Drivers\NSMx64\0304000.02B\SymRdrS.SYS [243416 2015-08-19] (Symantec Corporation)
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 EraserUtilDrv11310; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys [X]
S3 EraserUtilDrv11313; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys [X]
U2 SharedAccess; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-31 14:10 - 2015-08-31 14:10 - 00048004 _____ C:\Users\Filep\Downloads\FRST.txt
2015-08-31 14:10 - 2015-08-31 14:10 - 00000000 ____D C:\FRST
2015-08-31 14:09 - 2015-08-31 14:09 - 02188288 _____ (Farbar) C:\Users\Filep\Downloads\FRST64.exe
2015-08-31 14:09 - 2015-08-31 14:09 - 00000085 _____ C:\Windows\wininit.ini
2015-08-31 14:04 - 2015-08-31 14:04 - 00000791 _____ C:\Users\Filep\Desktop\[TV]Samsung LED46 - Verknüpfung.lnk
2015-08-31 13:59 - 2015-08-31 13:58 - 00000797 _____ C:\Windows\system32\Drivers\etc\hosts.20150831-135934.backup
2015-08-31 13:41 - 2015-08-31 14:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-31 13:41 - 2015-08-31 13:41 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-08-31 13:31 - 2015-08-31 13:31 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Filep\Downloads\spybot-2.4.exe
2015-08-31 13:18 - 2015-08-31 13:18 - 00000000 ____D C:\Users\Filep\AppData\Local\Microsoft Help
2015-08-22 18:50 - 2015-08-31 13:05 - 00000000 ____D C:\Windows\System32\Tasks\Norton Family
2015-08-22 18:49 - 2015-08-31 13:00 - 00000000 ____D C:\Windows\system32\Drivers\NSMx64
2015-08-22 18:49 - 2015-08-22 18:53 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-08-22 18:49 - 2015-08-22 18:49 - 01038368 _____ (Symantec Corporation) C:\Users\Filep\Downloads\NF_Installer.exe
2015-08-22 18:49 - 2015-08-22 18:49 - 00001227 _____ C:\Users\Filep\Desktop\Norton Installation Files.lnk
2015-08-22 18:49 - 2015-08-22 18:49 - 00000000 ____D C:\Program Files (x86)\Norton Family
2015-08-22 17:33 - 2015-08-22 17:33 - 00000000 ____D C:\games
2015-08-22 17:31 - 2015-08-31 13:13 - 00000000 ____D C:\Program Files (x86)\MovieDea
2015-08-22 17:31 - 2015-08-22 17:32 - 00000000 ____D C:\Users\Filep\AppData\Roaming\PDFConvert
2015-08-22 17:31 - 2015-08-22 17:32 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Convertor
2015-08-22 17:31 - 2015-08-22 17:31 - 00536412 _____ C:\Users\Filep\Downloads\Icy Tower.zip
2015-08-22 17:31 - 2015-08-22 17:31 - 00003768 _____ C:\Windows\System32\Tasks\Convertor
2015-08-22 17:31 - 2015-08-22 17:31 - 00003292 _____ C:\Windows\System32\Tasks\Winsta Update
2015-08-22 17:31 - 2015-08-22 17:31 - 00003236 _____ C:\Windows\System32\Tasks\WinKit
2015-08-22 17:31 - 2015-08-22 17:31 - 00002726 _____ C:\claraInstaller.txt
2015-08-22 17:31 - 2015-08-22 17:31 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Winsta
2015-08-22 17:31 - 2015-08-22 17:31 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MovieDea
2015-08-18 22:05 - 2015-08-16 12:15 - 1529124864 _____ C:\Users\Filep\Desktop\Heiratsantrag.MTS
2015-08-18 22:00 - 2015-08-18 22:03 - 105186437 _____ C:\Users\Filep\Desktop\Heiratsantrag gekürzt neu.mp4
2015-08-18 21:55 - 2015-08-18 21:58 - 48992010 _____ C:\Users\Filep\Desktop\Heiratsantrag gekürzt.mp4
2015-08-18 21:54 - 2015-08-18 21:54 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Digiarty
2015-08-18 21:53 - 2015-08-18 21:53 - 36396504 _____ (Digiarty Software, Inc. ) C:\Users\Filep\Downloads\winx-hd-converter-deluxe.exe
2015-08-18 19:51 - 2015-08-18 19:51 - 00000000 ____D C:\Users\Filep\AppData\Local\Movavi
2015-08-18 19:45 - 2015-08-31 13:26 - 00000000 ____D C:\Program Files (x86)\Movavi Video Converter 15
2015-08-18 19:40 - 2015-08-18 19:40 - 39158440 _____ (Movavi) C:\Users\Filep\Downloads\MovaviVideoConverterSetupC.exe
2015-08-16 21:51 - 2015-08-16 21:51 - 00001646 _____ C:\Users\Public\Desktop\Aiseesoft AVCHD Video Converter.lnk
2015-08-16 21:51 - 2015-08-16 21:51 - 00000000 ____D C:\Users\Filep\Documents\Aiseesoft Studio
2015-08-16 21:51 - 2015-08-16 21:51 - 00000000 ____D C:\Users\Filep\AppData\Local\Aiseesoft Studio
2015-08-16 21:51 - 2015-08-16 21:51 - 00000000 ____D C:\Program Files (x86)\Aiseesoft Studio
2015-08-16 21:50 - 2015-08-16 21:50 - 24566856 _____ (Aiseesoft Studio ) C:\Users\Filep\Downloads\avchd-video-60converter.exe
2015-08-14 17:10 - 2015-08-14 17:10 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-12 16:53 - 2015-08-12 16:53 - 00000000 ____D C:\Users\Filep\AppData\Local\CEF
2015-08-11 16:59 - 2015-08-11 16:59 - 00160154 _____ C:\Users\Filep\Downloads\Ihr Besuch in Tripsdrill.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-31 14:09 - 2009-07-14 06:45 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-31 14:09 - 2009-07-14 06:45 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-31 13:54 - 2015-06-26 15:44 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1820486185-2003612580-2916385394-1000UA.job
2015-08-31 13:20 - 2011-03-06 01:37 - 00000344 _____ C:\Windows\lgfwup.ini
2015-08-31 13:20 - 2011-02-27 18:20 - 00000000 ____D C:\Program Files (x86)\lg_fwupdate
2015-08-31 13:18 - 2011-03-16 01:36 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-31 13:16 - 2013-12-29 16:18 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-31 13:04 - 2009-07-14 19:58 - 00702980 _____ C:\Windows\system32\perfh007.dat
2015-08-31 13:04 - 2009-07-14 19:58 - 00150620 _____ C:\Windows\system32\perfc007.dat
2015-08-31 13:04 - 2009-07-14 07:13 - 01629334 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-31 13:02 - 2011-02-26 23:37 - 01282059 _____ C:\Windows\WindowsUpdate.log
2015-08-31 13:01 - 2015-04-20 20:50 - 00000000 ___RD C:\Users\Filep\iCloudDrive
2015-08-31 13:01 - 2015-02-21 10:19 - 00000000 ___RD C:\Users\Filep\Dropbox
2015-08-31 13:01 - 2015-02-17 20:37 - 00000000 ____D C:\Users\Filep\AppData\Local\Spotify
2015-08-31 13:01 - 2014-10-24 15:34 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Dropbox
2015-08-31 13:01 - 2013-12-31 18:27 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Spotify
2015-08-31 13:01 - 2011-03-16 01:36 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-31 13:00 - 2011-03-06 08:36 - 00405844 _____ C:\Windows\PFRO.log
2015-08-31 13:00 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-31 13:00 - 2009-07-14 06:51 - 00152607 _____ C:\Windows\setupact.log
2015-08-29 20:13 - 2011-03-16 01:36 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-29 20:13 - 2011-03-16 01:36 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-29 19:00 - 2011-12-10 15:00 - 00000286 _____ C:\Windows\Tasks\RMSchedule.job
2015-08-29 15:54 - 2015-06-26 15:44 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1820486185-2003612580-2916385394-1000Core.job
2015-08-29 14:57 - 2014-08-10 14:23 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-08-29 14:57 - 2014-08-10 14:23 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-08-24 20:07 - 2011-12-10 20:00 - 00000418 _____ C:\Windows\SysWOW64\AppLog.log
2015-08-22 20:28 - 2011-12-10 15:00 - 00000000 ____D C:\Program Files (x86)\PC Tools Registry Mechanic
2015-08-22 18:49 - 2015-07-11 18:41 - 00000000 ____D C:\Users\Public\Downloads\Norton
2015-08-22 18:49 - 2013-11-09 19:10 - 03020800 ___SH C:\Users\Filep\Desktop\Thumbs.db
2015-08-21 16:34 - 2015-07-10 15:21 - 00002002 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-08-21 16:34 - 2013-11-23 19:50 - 00376272 _____ C:\Windows\DPINST.LOG
2015-08-21 16:34 - 2011-02-26 23:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-19 20:08 - 2011-03-06 07:24 - 00000000 ____D C:\Program Files (x86)\avmwlanstick
2015-08-18 19:51 - 2011-02-26 23:37 - 00000000 ____D C:\Users\Filep
2015-08-12 16:54 - 2014-04-06 19:13 - 00000000 ____D C:\Users\Filep\AppData\Local\Akamai

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-14 20:18 - 2015-03-14 20:19 - 4286798 _____ () C:\Users\Filep\AppData\Local\5C5FDFC1_stp.CIS
2015-03-14 20:18 - 2015-03-14 20:19 - 0000326 _____ () C:\Users\Filep\AppData\Local\5C5FDFC1_stp.CIS.part
2015-03-14 20:18 - 2015-03-14 20:18 - 0385602 _____ () C:\Users\Filep\AppData\Local\5D515C96_stp.CIS
2015-03-14 20:18 - 2015-04-26 17:46 - 0000220 _____ () C:\Users\Filep\AppData\Local\5D515C96_stp.CIS.part
2015-03-14 20:18 - 2015-03-14 20:18 - 0193463 _____ () C:\Users\Filep\AppData\Local\62C2AAC5_stp.CIS
2015-03-14 20:18 - 2015-03-14 20:18 - 0000250 _____ () C:\Users\Filep\AppData\Local\62C2AAC5_stp.CIS.part
2013-05-04 12:08 - 2013-05-04 12:08 - 0000000 _____ () C:\ProgramData\as98213.txt
2012-07-21 10:34 - 2015-06-25 13:03 - 0015768 _____ () C:\ProgramData\hpzinstall.log
2015-08-18 19:45 - 2015-08-18 19:45 - 0000016 _____ () C:\ProgramData\mntemp
2013-05-04 12:08 - 2013-05-04 12:08 - 95023320 ____T () C:\ProgramData\otrheq.pad

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-1820486185-2003612580-2916385394-1000\$6c5270fbd1f095797ae707850c85a183

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$6c5270fbd1f095797ae707850c85a183

Einige Dateien in TEMP:
====================
C:\Users\Filep\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7zlp1z.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. 


LastRegBack: 2015-08-22 11:32

==================== Ende von FRST.txt ============================
         


Thanks in advance

Regards, Alex

Alt 31.08.2015, 14:21   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Hi,

you have a ZeroAccess in your system...

So please run Combofix now:

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
"Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde."
simply restart the computer. This should fix the problem.


Alt 31.08.2015, 19:45   #3
Grady
 



Thanks for the quick reply.
There were no problems with Norton and no error message on restart.

Code:
ComboFix 15-08-31.01 - Filep 31.08.2015  20:34:47.2.8 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.16382.12441 [GMT 2:00]
ausgeführt von:: c:\users\Filep\Downloads\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
FW: Norton Internet Security *Disabled* {6BFC5632-188D-B806-D13E-C607121B42A0}
SP: Norton Internet Security *Disabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\null.sys fehlte 
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-null_31bf3856ad364e35_6.1.7600.16385_none_055adf2434ae116e\null.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\afd.sys fehlte 
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\ndis.sys fehlte 
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\ndisuio.sys fehlte 
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-ndisuio_31bf3856ad364e35_6.1.7601.17514_none_ca170d32fd7da822\ndisuio.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\netbios.sys fehlte 
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-netbios_31bf3856ad364e35_6.1.7600.16385_none_b5d6a9d184d05567\netbios.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\usbehci.sys fehlte 
Kopie von - c:\windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7600.20934_none_1a7606b53634947e\usbehci.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\intelppm.sys fehlte 
Kopie von - c:\windows\winsxs\amd64_cpu.inf_31bf3856ad364e35_6.1.7600.16385_none_b93f4c460912265a\intelppm.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\tcpip.sys fehlte 
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\netbt.sys fehlte 
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\asyncmac.sys fehlte 
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.1.7600.16385_none_804cc08a4e8a4516\asyncmac.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\cdrom.sys fehlte 
Kopie von - c:\windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\Serial.sys fehlte 
Kopie von - c:\windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\ndproxy.sys fehlte 
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7601.17514_none_6c066d50910ecf5a\ndproxy.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\ws2ifsl.sys fehlte 
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\i8042prt.sys fehlte 
Kopie von - c:\windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_f3435f7ff2a9f325\i8042prt.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\tdx.sys fehlte 
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys wurde wiederhergestellt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-07-28 bis 2015-08-31  ))))))))))))))))))))))))))))))
.
.
2015-08-31 18:38 . 2015-08-31 18:38	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2015-08-31 18:38 . 2010-11-20 09:21	119296	----a-w-	c:\windows\SysWow64\drivers\tdx.sys
2015-08-31 18:38 . 2009-07-13 23:19	105472	----a-w-	c:\windows\SysWow64\drivers\i8042prt.sys
2015-08-31 18:38 . 2009-07-14 00:10	21504	----a-w-	c:\windows\SysWow64\drivers\ws2ifsl.sys
2015-08-31 18:38 . 2010-11-20 10:52	57856	----a-w-	c:\windows\SysWow64\drivers\ndproxy.sys
2015-08-31 18:38 . 2009-07-14 00:00	94208	----a-w-	c:\windows\SysWow64\drivers\Serial.sys
2015-08-31 18:38 . 2010-11-20 09:19	147456	----a-w-	c:\windows\SysWow64\drivers\cdrom.sys
2015-08-31 18:38 . 2009-07-14 00:10	23040	----a-w-	c:\windows\SysWow64\drivers\asyncmac.sys
2015-08-31 18:38 . 2010-11-20 09:23	261632	----a-w-	c:\windows\SysWow64\drivers\netbt.sys
2015-08-31 18:38 . 2012-10-03 17:56	1914248	----a-w-	c:\windows\SysWow64\drivers\tcpip.sys
2015-08-31 18:38 . 2009-07-13 23:19	62464	----a-w-	c:\windows\SysWow64\drivers\intelppm.sys
2015-08-31 18:37 . 2011-03-29 03:32	52224	----a-w-	c:\windows\SysWow64\drivers\usbehci.sys
2015-08-31 18:37 . 2009-07-14 00:09	44544	----a-w-	c:\windows\SysWow64\drivers\netbios.sys
2015-08-31 18:37 . 2010-11-20 10:50	56832	----a-w-	c:\windows\SysWow64\drivers\ndisuio.sys
2015-08-31 18:37 . 2012-08-22 18:12	950128	----a-w-	c:\windows\SysWow64\drivers\ndis.sys
2015-08-31 18:37 . 2011-12-28 04:01	498176	----a-w-	c:\windows\SysWow64\drivers\afd.sys
2015-08-31 18:37 . 2009-07-13 23:19	6144	----a-w-	c:\windows\SysWow64\drivers\null.sys
2015-08-31 12:41 . 2015-08-31 12:42	--------	d-----w-	C:\AdwCleaner
2015-08-31 12:32 . 2015-08-31 12:32	--------	d-----w-	c:\users\Filep\AppData\Local\VirtualStore
2015-08-31 12:14 . 2015-08-31 12:14	--------	d-----w-	c:\programdata\Malwarebytes
2015-08-31 12:10 . 2015-08-31 12:11	--------	d-----w-	C:\FRST
2015-08-31 12:01 . 2015-08-31 12:01	--------	d-----w-	c:\users\Filep\AppData\Local\ElevatedDiagnostics
2015-08-31 11:41 . 2015-08-31 12:09	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2015-08-31 11:41 . 2015-08-31 12:29	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy 2
2015-08-31 11:18 . 2015-08-31 11:18	--------	d-----w-	c:\users\Filep\AppData\Local\Microsoft Help
2015-08-22 16:49 . 2015-08-31 11:00	--------	d-----w-	c:\windows\system32\drivers\NSMx64
2015-08-22 16:49 . 2015-08-22 16:49	--------	d-----w-	c:\program files (x86)\Norton Family
2015-08-22 15:33 . 2015-08-22 15:33	--------	d-----w-	C:\games
2015-08-18 19:54 . 2015-08-18 19:54	--------	d-----w-	c:\users\Filep\AppData\Roaming\Digiarty
2015-08-18 17:51 . 2015-08-18 17:51	--------	d-----w-	c:\users\Filep\.fontconfig
2015-08-18 17:51 . 2015-08-18 17:51	--------	d-----w-	c:\users\Filep\AppData\Local\Movavi
2015-08-18 17:45 . 2015-08-18 17:45	--------	d-----w-	c:\programdata\Movavi
2015-08-18 17:45 . 2015-08-18 17:45	--------	d-----w-	c:\programdata\Movavi Video Converter 15
2015-08-16 19:51 . 2015-08-16 19:51	--------	d-----w-	c:\users\Filep\AppData\Local\Aiseesoft Studio
2015-08-16 19:51 . 2015-08-16 19:51	--------	d-----w-	c:\programdata\Aiseesoft Studio
2015-08-16 19:51 . 2015-08-16 19:51	--------	d-----w-	c:\program files (x86)\Aiseesoft Studio
2015-08-12 14:53 . 2015-08-12 14:53	--------	d-----w-	c:\users\Filep\AppData\Local\CEF
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-29 12:57 . 2014-08-10 12:23	111344	----a-w-	c:\windows\system32\drivers\SYMEVENT64x86.SYS
2015-07-11 01:06 . 2015-07-26 15:07	576248	----a-w-	c:\windows\system32\drivers\NISx64\1605020.00F\symnets.sys
2015-07-11 01:06 . 2015-07-26 15:07	24192	----a-w-	c:\windows\system32\drivers\NISx64\1605020.00F\symelam.sys
2015-07-11 01:06 . 2015-07-26 15:07	297720	----a-w-	c:\windows\system32\drivers\NISx64\1605020.00F\ironx64.sys
2015-07-11 01:06 . 2015-07-26 15:07	1620720	----a-w-	c:\windows\system32\drivers\NISx64\1605020.00F\symefasi64.sys
2015-07-11 01:06 . 2015-07-26 15:07	926448	----a-w-	c:\windows\system32\drivers\NISx64\1605020.00F\srtsp64.sys
2015-07-11 01:06 . 2015-07-26 15:07	50936	----a-w-	c:\windows\system32\drivers\NISx64\1605020.00F\srtspx64.sys
2015-07-11 01:06 . 2015-07-26 15:07	173808	----a-w-	c:\windows\system32\drivers\NISx64\1605020.00F\ccsetx64.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Filep\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-08-31 2018360]
"Spotify"="c:\users\Filep\AppData\Roaming\Spotify\Spotify.exe" [2015-08-31 7535672]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2015-07-24 457088]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-04-22 2363392]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2014-11-21 43816]
"iCloudDrive"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" [2014-11-21 43816]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2014-11-21 43816]
"Akamai NetSession Interface"="c:\users\Filep\AppData\Local\Akamai\netsession_win.exe" [2015-07-23 4691384]
"Dropbox Update"="c:\users\Filep\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-26 134512]
"GoogleChromeAutoLaunch_D9414D4DFAD2C873EED3A19B298D3FAC"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-08-18 813896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-10-25 103896]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"LGODDFU"="c:\program files (x86)\lg_fwupdate\lgfw.exe" [2012-07-23 27760]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2009-10-19 36864]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 2472048]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-03-20 60712]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2012-02-23 59240]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"GoPro Studio Importer"="c:\program files (x86)\GoPro\Tools\Importer\GoPro Importer.exe" [2015-07-02 3217672]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
c:\users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Filep\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 39179912]
Netzmanager.lnk - c:\program files\Netzmanager\netzmanager.exe /Autostart [2014-1-24 14140416]
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2011-9-2 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GoPro Importer.lnk - c:\program files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [2015-7-2 3217672]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2011-3-14 1207312]
NewShortcut5.lnk - c:\program files (x86)\Word Explorer\Launch.exe [2008-10-30 57344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TampMon]
@="Service"
.
R2 CLKMSVC10_9EC60124;CyberLink Product - 2011/03/06 00:35;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 EraserUtilDrv11310;EraserUtilDrv11310;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys [x]
R3 EraserUtilDrv11313;EraserUtilDrv11313;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [x]
R3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusbn.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys;c:\windows\SYSNATIVE\DRIVERS\lvpopf64.sys [x]
R3 LVUVC64;QuickCam for Notebooks Pro(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\DRIVERS\nvstusb.sys;c:\windows\SYSNATIVE\DRIVERS\nvstusb.sys [x]
R3 PVUSB;CESG502 64bit USB Driver;c:\windows\system32\DRIVERS\CESG64.sys;c:\windows\SYSNATIVE\DRIVERS\CESG64.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A};Symantec Redirector - Norton Family;c:\windows\System32\Drivers\NSMx64\0304000.02B\SymRdrS.SYS;c:\windows\SYSNATIVE\Drivers\NSMx64\0304000.02B\SymRdrS.SYS [x]
R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv91xx.sys [x]
S0 SymEFASI;Symantec Extended File Attributes (SI);c:\windows\system32\drivers\NISx64\1605020.00F\SYMEFASI64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1605020.00F\SYMEFASI64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150821.001\BHDrvx64.sys;c:\program files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150821.001\BHDrvx64.sys [x]
S1 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\NISx64\1605020.00F\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1605020.00F\ccSetx64.sys [x]
S1 ccSet_NSM;Norton Family Settings Manager;c:\windows\system32\drivers\NSMx64\0304000.02B\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NSMx64\0304000.02B\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150828.001\IDSvia64.sys;c:\program files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150828.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1605020.00F\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1605020.00F\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1605020.00F\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1605020.00F\SYMNETS.SYS [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [x]
S2 mitsijm2014;Autodesk Simulation Moldflow MITSI 2014 Job-Manager;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [x]
S2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe  [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe;c:\program files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe [x]
S2 NSM;Norton Family;c:\program files (x86)\Norton Family\Engine\3.4.0.43\NF.exe;c:\program files (x86)\Norton Family\Engine\3.4.0.43\NF.exe [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TampMon;Norton Family Tamper Monitoring;c:\program files (x86)\Norton Family\Engine\3.4.0.43\TampMon.exe;c:\program files (x86)\Norton Family\Engine\3.4.0.43\TampMon.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-04-22 12:09	451872	----a-w-	c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-08-21 15:13	993608	----a-w-	c:\program files (x86)\Google\Chrome\Application\44.0.2403.157\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-08-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-07 14:18]
.
2015-08-31 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1820486185-2003612580-2916385394-1000Core.job
- c:\users\Filep\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-26 13:44]
.
2015-08-31 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1820486185-2003612580-2916385394-1000UA.job
- c:\users\Filep\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-26 13:44]
.
2015-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-07-29 15:08]
.
2015-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-07-29 15:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-10-25 103896]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"LGODDFU"="c:\program files (x86)\lg_fwupdate\lgfw.exe" [2012-07-23 27760]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2009-10-19 36864]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 2472048]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-03-20 60712]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2012-02-23 59240]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"GoPro Studio Importer"="c:\program files (x86)\GoPro\Tools\Importer\GoPro Importer.exe" [2015-07-02 3217672]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
NETSVCS BENÖTIGT REPARATUR - Derzeitig vorhandene Einträge:
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
AudioSrv
FastUserSwitchingCompatibility
Ias
Irmon
Nla
Ntmssvc
NWCWorkstation
Nwsapagent
Rasauto
Rasman
Remoteaccess
SENS
Sharedaccess
SRService
Tapisrv
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
msiscsi
schedule
SessionEnv
winmgmt
AppMgmt
.
Rebuilding ... You need to reboot your machine for this to take effect.
.
AppInfo
browser
EapHost
hkmsvc
IKEEXT
MMCSS
ProfSvc
seclogon
Themes
wercplsupport
BDESVC
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com
IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Word Explorer starten - c:\program files (x86)\Word Explorer\cnie5.htm
IE: {{26231800-6CE9-43d8-9357-5B4DC8CF4561} - c:\program files (x86)\Word Explorer\cnie5.htm
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.ftp - proxyus.stealthy.co
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.http - proxyus.stealthy.co
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - proxyus.stealthy.co
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - proxyus.stealthy.co
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-Steam - c:\program files (x86)\Steam\steam.exe
Wow6432Node-HKCU-Run-Skype - c:\program files (x86)\Skype\Phone\Skype.exe
Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe
Wow6432Node-HKCU-Run-com.apple.dav.bookmarks.daemon - c:\program files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
Wow6432Node-HKLM-Run-UCam_Menu - c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
Wow6432Node-HKLM-Run-TotalMediaTVMonitor - c:\program files (x86)\ArcSoft\TotalMedia TV 1.0\TotalMediaTVMonitor.exe
Wow6432Node-HKLM-Run-CLMLServer - c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
Wow6432Node-HKU-Default-Run-Norton Download Manager{NIS211018-SHPD-FSD40014} - c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Biet-O-Matic.lnk - e:\dateien von system (c)\Biet-O-Matic\Biet-O-Matic.exe
Toolbar-10 - (no file)
HKLM-Run-UCam_Menu - c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
HKLM-Run-TotalMediaTVMonitor - c:\program files (x86)\ArcSoft\TotalMedia TV 1.0\TotalMediaTVMonitor.exe
HKLM-Run-CLMLServer - c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
AddRemove-AMX Mod X Installer - c:\program files (x86)\AMX Mod X\uninst.exe
AddRemove-AVMWLANCLI - c:\program files (x86)\avmwlanstick\instwcli.exe
AddRemove-Biet-O-Matic v2.14.12 - c:\progra~2\Biet-O-Matic\UNWISE.EXE
AddRemove-CrystalDiskInfo_is1 - c:\program files (x86)\CrystalDiskInfo\unins000.exe
AddRemove-Free M4a to MP3 Converter_is1 - c:\program files (x86)\Free M4a to MP3 Converter\unins000.exe
AddRemove-GoPro Studio - c:\program files (x86)\GoPro\GoPro Studio\uninst.exe
AddRemove-HD Tune Pro_is1 - c:\program files (x86)\HD Tune Pro\unins000.exe
AddRemove-HD Tune_is1 - c:\program files (x86)\HD Tune\unins000.exe
AddRemove-HLSW_is1 - c:\program files (x86)\HLSW\unins000.exe
AddRemove-IncrediMail_MediaBar_2 Toolbar - c:\program files (x86)\IncrediMail_MediaBar_2\uninstall.exe
AddRemove-Lernstudio Italienisch_is1 - c:\program files (x86)\Lernstudio Italienisch\unins000.exe
AddRemove-MagniDriver - c:\program files (x86)\Marvell\mv91xx\uninst-91xx.exe
AddRemove-MP3-Sprachführer Italienisch_is1 - c:\program files (x86)\MP3-Sprachführer Italienisch\unins000.exe
AddRemove-Steam - c:\program files (x86)\Steam\uninstall.exe
AddRemove-Steam App 10 - c:\program files (x86)\Steam\steam.exe
AddRemove-TeamSpeak 3 Client - c:\program files (x86)\TeamSpeak 3 Client\uninstall.exe
AddRemove-Toolbar3_is1 - c:\program files (x86)\Deutsche Telekom\Toolbar3\unins000.exe
AddRemove-Update Engine - c:\program files (x86)\Sony Mobile\Update Engine\uninst.exe
AddRemove-VLC media player - c:\program files (x86)\VideoLAN\VLC\uninstall.exe
AddRemove-Web & TV Stick - c:\program files (x86)\Web & TV Stick\uninst.exe
AddRemove-{7E265513-8CDA-4631-B696-F40D983F3B07}_is1 - c:\program files\CDBurnerXP\unins001.exe
AddRemove-{B0A4869D-5776-4D16-A88E-CD9B677747AC}_is1 - c:\program files (x86)\DJI Product\Lightbridge Assistant\unins000.exe
AddRemove-{EDCE7221-F31F-407A-B348-30D011ED3126}_is1 - c:\program files (x86)\DJI Product\Phantom 2 Vision Assistant_3.8\unins000.exe
AddRemove-{EDFDE5EE-84C7-4936-804C-6563943E5754}_is1 - c:\program files (x86)\DJI Product\DJI driver2.02\unins000.exe
AddRemove-UnityWebPlayer - c:\users\Filep\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\22.5.2.15\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NSM]
"ImagePath"="\"c:\program files (x86)\Norton Family\Engine\3.4.0.43\NF.exe\" /s \"NSM\" /m \"c:\program files (x86)\Norton Family\Engine\3.4.0.43\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\NISx64\1605020.00F\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton Internet Security\Engine\22.5.2.15;c:\program files (x86)\Norton Internet Security\Engine64\22.5.2.15"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B8E07826-0971-4f16-B133-047B88034E89}]
@Denied: (A) (Administrators)
@="Norton Family BHO"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B8E07826-0971-4f16-B133-047B88034E89}\Implemented Categories\{59FB2056-D625-48D0-A944-1A85B5AB2640}]
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B8E07826-0971-4f16-B133-047B88034E89}\InprocServer32]
@="c:\\Program Files (x86)\\Norton Family\\Engine\\3.4.0.43\\coIEPlg.dll"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Google\Chrome\Extensions\napjheenlliimoedooldaalpjfidlidp]
@Denied: (A) (Administrators)
"path"="c:\\Program Files (x86)\\Norton Family\\Engine\\3.4.0.43\\Extensions\\Chrome.crx"
"update_url"="https://clients2.google.com/service/update2/crx"
"version"="3.4.0.43"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{B8E07826-0971-4f16-B133-047B88034E89}]
@Denied: (A) (Administrators)
"Compatibility Flags"=dword:00000400
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\SymRdr\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}]
@Denied: (A) (Administrators)
"Level"=dword:00000002
"Service"="SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\avmwlanstick\WlanNetService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-08-31  20:42:36 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-08-31 18:42
.
Vor Suchlauf: 11 Verzeichnis(se), 18.481.078.272 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 18.048.204.800 Bytes frei
.
- - End Of File - - 219DAD2ED4D80678C141441F488C942F
A36C5E4F47E84449FF07ED3517B43A31
         
__________________

31.08.2015, 20:11   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Whoa, some system files were missing there.

Did you restart the system? If not, please do so now, then continue with TDSSKiller:

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post its contents here in your thread in any case.
__________________
Please always post log files in CODE tags
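
One way to triage the log that comes back from this step, as an added example that is not part of the original post or of TDSSKiller itself: it pairs each `[ MD5, SHA256 ] name path` line with the `name - ...` verdict that follows and separates detections followed by "Detect skipped due to KSN trusted" from those that were not. The sample log is constructed (placeholder hashes, made-up `ExampleSvc` entry), and the function and class names are assumptions.

```python
import re
from dataclasses import dataclass

# Every TDSSKiller log line starts with "HH:MM:SS.mmmm 0xTHREAD" followed by the message.
LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d{4}) (0x[0-9a-fA-F]+)\s*(.*)$")
# Object line: "[ MD5, SHA256 ] <service name> <path>"; the name may contain spaces,
# so it is taken as everything up to the first drive-letter path.
OBJECT = re.compile(
    r"^\[ ([0-9A-Fa-f]{32}), ([0-9A-Fa-f]{64}) \]\s+(.+?)\s+([A-Za-z]:\\.*)$"
)
# Verdict tail after "<name> - ", e.g. "detected UnsignedFile.Multi.Generic ( 1 )".
DETECT = re.compile(r"^detected (\S+) \( (\d+) \)$")
KSN_SKIP = "Detect skipped due to KSN trusted"


@dataclass
class Finding:
    name: str
    path: str
    md5: str
    detection: str
    ksn_trusted: bool = False  # True if the detection was skipped as KSN trusted


def parse_tdsskiller_log(text):
    """Return (number of scanned objects, list of Finding) for one log."""
    scanned = 0
    findings = []
    current = None  # (name, path, md5) of the object currently being reported
    for raw in text.splitlines():
        m = LINE.match(raw.rstrip())
        if not m:
            continue  # blank line or forum residue, not a log line
        msg = m.group(3)
        obj = OBJECT.match(msg)
        if obj:
            md5, _sha256, name, path = obj.groups()
            current = (name, path, md5.upper())
            scanned += 1
            continue
        if current is None:
            continue  # header section before the first scanned object
        if msg == KSN_SKIP:
            # Applies to the detection just reported for the current object.
            if findings and findings[-1].name == current[0]:
                findings[-1].ksn_trusted = True
            continue
        prefix = current[0] + " - "
        if msg.startswith(prefix):
            det = DETECT.match(msg[len(prefix):])
            if det:
                findings.append(
                    Finding(current[0], current[1], current[2], det.group(1))
                )
    return scanned, findings


def needs_review(findings):
    """Detections that were not dismissed as KSN trusted."""
    return [f for f in findings if not f.ksn_trusted]


# Constructed sample in the log's line format. Hashes are placeholders;
# "ExampleSvc" and its path are invented for the example.
_MD5 = "0" * 32
_SHA = "0" * 64
SAMPLE_LOG = rf"""
21:36:37.0124 0x06dc  Scan started
21:36:40.0446 0x06dc  [ {_MD5}, {_SHA} ] atapi           C:\Windows\system32\drivers\atapi.sys
21:36:40.0455 0x06dc  atapi - ok
21:36:40.0572 0x06dc  [ {_MD5}, {_SHA} ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
21:36:40.0585 0x06dc  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
21:36:42.0954 0x06dc  Detect skipped due to KSN trusted
21:36:42.0954 0x06dc  AVM WLAN Connection Service - ok
21:36:43.0000 0x06dc  [ {_MD5}, {_SHA} ] ExampleSvc      C:\Users\Public\example.exe
21:36:43.0010 0x06dc  ExampleSvc - detected UnsignedFile.Multi.Generic ( 1 )
"""

if __name__ == "__main__":
    scanned, findings = parse_tdsskiller_log(SAMPLE_LOG)
    print(f"{scanned} objects scanned, {len(findings)} detections")
    for f in needs_review(findings):
        print(f"review: {f.name} [{f.detection}] {f.path}")
```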

31.08.2015, 20:43   #5
Grady

The system restart was carried out automatically after it finished?
I did another restart and then started with TDSSKiller.
Here is the result.

Code:
21:35:36.0154 0x10a0  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
21:35:41.0716 0x10a0  ============================================================
21:35:41.0716 0x10a0  Current date / time: 2015/08/31 21:35:41.0716
21:35:41.0716 0x10a0  SystemInfo:
21:35:41.0716 0x10a0  
21:35:41.0716 0x10a0  OS Version: 6.1.7601 ServicePack: 1.0
21:35:41.0716 0x10a0  Product type: Workstation
21:35:41.0716 0x10a0  ComputerName: FILEP-PC
21:35:41.0716 0x10a0  UserName: Filep
21:35:41.0716 0x10a0  Windows directory: C:\Windows
21:35:41.0716 0x10a0  System windows directory: C:\Windows
21:35:41.0716 0x10a0  Running under WOW64
21:35:41.0716 0x10a0  Processor architecture: Intel x64
21:35:41.0717 0x10a0  Number of processors: 8
21:35:41.0717 0x10a0  Page size: 0x1000
21:35:41.0717 0x10a0  Boot type: Normal boot
21:35:41.0717 0x10a0  ============================================================
21:35:43.0125 0x10a0  KLMD registered as C:\Windows\system32\drivers\30353827.sys
21:35:46.0342 0x10a0  System UUID: {69068F7C-F83C-2440-FE86-B379D74BC40C}
21:35:53.0913 0x10a0  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
21:35:53.0913 0x10a0  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:35:53.0917 0x10a0  Drive \Device\Harddisk2\DR2 - Size: 0x3BA300000 ( 14.91 Gb ), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:35:53.0921 0x10a0  ============================================================
21:35:53.0921 0x10a0  \Device\Harddisk1\DR1:
21:35:53.0921 0x10a0  MBR partitions:
21:35:53.0921 0x10a0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
21:35:53.0922 0x10a0  \Device\Harddisk0\DR0:
21:35:53.0922 0x10a0  MBR partitions:
21:35:53.0922 0x10a0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:35:53.0922 0x10a0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
21:35:53.0922 0x10a0  \Device\Harddisk2\DR2:
21:35:53.0923 0x10a0  MBR partitions:
21:35:53.0923 0x10a0  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x1DD17E0
21:35:53.0923 0x10a0  ============================================================
21:35:53.0924 0x10a0  C: <-> \Device\Harddisk0\DR0\Partition2
21:35:53.0936 0x10a0  F: <-> \Device\Harddisk1\DR1\Partition1
21:35:53.0937 0x10a0  ============================================================
21:35:53.0937 0x10a0  Initialize success
21:35:53.0937 0x10a0  ============================================================
21:36:37.0124 0x06dc  ============================================================
21:36:37.0124 0x06dc  Scan started
21:36:37.0124 0x06dc  Mode: Manual; SigCheck; TDLFS; 
21:36:37.0124 0x06dc  ============================================================
21:36:37.0124 0x06dc  KSN ping started
21:36:39.0505 0x06dc  KSN ping finished: true
21:36:39.0660 0x06dc  ================ Scan system memory ========================
21:36:39.0660 0x06dc  System memory - ok
21:36:39.0660 0x06dc  ================ Scan services =============================
21:36:39.0699 0x06dc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:36:39.0745 0x06dc  1394ohci - ok
21:36:39.0757 0x06dc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:36:39.0773 0x06dc  ACPI - ok
21:36:39.0776 0x06dc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:36:39.0798 0x06dc  AcpiPmi - ok
21:36:39.0806 0x06dc  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:36:39.0815 0x06dc  AdobeARMservice - ok
21:36:39.0846 0x06dc  [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:36:39.0862 0x06dc  AdobeFlashPlayerUpdateSvc - ok
21:36:39.0876 0x06dc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:36:39.0897 0x06dc  adp94xx - ok
21:36:39.0907 0x06dc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:36:39.0923 0x06dc  adpahci - ok
21:36:39.0929 0x06dc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:36:39.0941 0x06dc  adpu320 - ok
21:36:39.0947 0x06dc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:36:40.0006 0x06dc  AeLookupSvc - ok
21:36:40.0020 0x06dc  [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD             C:\Windows\system32\drivers\afd.sys
21:36:40.0044 0x06dc  AFD - ok
21:36:40.0048 0x06dc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:36:40.0058 0x06dc  agp440 - ok
21:36:40.0062 0x06dc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:36:40.0077 0x06dc  ALG - ok
21:36:40.0080 0x06dc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:36:40.0089 0x06dc  aliide - ok
21:36:40.0092 0x06dc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:36:40.0101 0x06dc  amdide - ok
21:36:40.0104 0x06dc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:36:40.0118 0x06dc  AmdK8 - ok
21:36:40.0122 0x06dc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:36:40.0134 0x06dc  AmdPPM - ok
21:36:40.0138 0x06dc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:36:40.0150 0x06dc  amdsata - ok
21:36:40.0156 0x06dc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:36:40.0169 0x06dc  amdsbs - ok
21:36:40.0173 0x06dc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:36:40.0181 0x06dc  amdxata - ok
21:36:40.0185 0x06dc  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
21:36:40.0248 0x06dc  AppID - ok
21:36:40.0252 0x06dc  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:36:40.0280 0x06dc  AppIDSvc - ok
21:36:40.0284 0x06dc  [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo         C:\Windows\System32\appinfo.dll
21:36:40.0307 0x06dc  Appinfo - ok
21:36:40.0313 0x06dc  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:36:40.0321 0x06dc  Apple Mobile Device Service - ok
21:36:40.0328 0x06dc  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:36:40.0342 0x06dc  AppMgmt - ok
21:36:40.0347 0x06dc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:36:40.0360 0x06dc  arc - ok
21:36:40.0364 0x06dc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:36:40.0376 0x06dc  arcsas - ok
21:36:40.0379 0x06dc  [ F6BDA026E4157DC4E321CA391E9D9BC6, D38774B8F812816DA43A0C52EEC566BBC44F57A6614BC84F1417C4227286B594 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
21:36:40.0389 0x06dc  AsIO - ok
21:36:40.0402 0x06dc  [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:36:40.0415 0x06dc  aspnet_state - ok
21:36:40.0418 0x06dc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:36:40.0443 0x06dc  AsyncMac - ok
21:36:40.0446 0x06dc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:36:40.0455 0x06dc  atapi - ok
21:36:40.0471 0x06dc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:36:40.0509 0x06dc  AudioEndpointBuilder - ok
21:36:40.0525 0x06dc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:36:40.0561 0x06dc  AudioSrv - ok
21:36:40.0572 0x06dc  [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
21:36:40.0585 0x06dc  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
21:37:04.0156 0x06dc  [ CE6E5146039D248FEB991FBC9E2B6A7B, 4F995D56AF651EB75E3FFC2E5B1551AB9447E81C4376101594D5A763A5ECC4E9 ] lvpopf64        C:\Windows\system32\DRIVERS\lvpopf64.sys
21:37:04.0192 0x06dc  lvpopf64 - ok
21:37:04.0197 0x06dc  [ 6D5EA90F86F9B28CD44AF6BA9BE03BF9, 6A92EF21EB7543389649900BAB241A846DFE9CADF785D7352052C003AA717E5F ] LVUSBS64        C:\Windows\system32\drivers\LVUSBS64.sys
21:37:04.0205 0x06dc  LVUSBS64 - ok
21:37:04.0284 0x06dc  [ EB12688842EDE30C843A123FA6855858, 24DD1E4F32CA08EF2263100A3C65BF8D904BB0FFC55025519C477E7BAA31E064 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
21:37:04.0368 0x06dc  LVUVC64 - ok
21:37:04.0374 0x06dc  MBAMSwissArmy - ok
21:37:04.0379 0x06dc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:37:04.0391 0x06dc  Mcx2Svc - ok
21:37:04.0395 0x06dc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:37:04.0405 0x06dc  megasas - ok
21:37:04.0412 0x06dc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:37:04.0427 0x06dc  MegaSR - ok
21:37:04.0450 0x06dc  [ 9F98EFA7BB6535E456D3B6E83D8F5474, E087984916127C25AC7FEC2A19D7CB385720B27E6DF2A0347C68F7C9EAE08374 ] mitsijm2014     C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
21:37:04.0478 0x06dc  mitsijm2014 - ok
21:37:04.0482 0x06dc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:37:04.0508 0x06dc  MMCSS - ok
21:37:04.0524 0x06dc  [ DF5BD9CCFFBF9AA9D5096C6DAAAF0A00, 3D2A330F96302BC36BE9A5B82B3AC33F29AA3B8AF23AB12E5744189A11294BC5 ] mod7700         C:\Windows\system32\DRIVERS\mod7700.sys
21:37:04.0550 0x06dc  mod7700 - ok
21:37:04.0554 0x06dc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:37:04.0579 0x06dc  Modem - ok
21:37:04.0582 0x06dc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:37:04.0593 0x06dc  monitor - ok
21:37:04.0597 0x06dc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:37:04.0606 0x06dc  mouclass - ok
21:37:04.0609 0x06dc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:37:04.0620 0x06dc  mouhid - ok
21:37:04.0624 0x06dc  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:37:04.0634 0x06dc  mountmgr - ok
21:37:04.0639 0x06dc  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:37:04.0650 0x06dc  MozillaMaintenance - ok
21:37:04.0655 0x06dc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:37:04.0667 0x06dc  mpio - ok
21:37:04.0671 0x06dc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:37:04.0696 0x06dc  mpsdrv - ok
21:37:04.0714 0x06dc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:37:04.0756 0x06dc  MpsSvc - ok
21:37:04.0762 0x06dc  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:37:04.0778 0x06dc  MRxDAV - ok
21:37:04.0784 0x06dc  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:37:04.0797 0x06dc  mrxsmb - ok
21:37:04.0806 0x06dc  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:37:04.0822 0x06dc  mrxsmb10 - ok
21:37:04.0827 0x06dc  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:37:04.0839 0x06dc  mrxsmb20 - ok
21:37:04.0842 0x06dc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:37:04.0851 0x06dc  msahci - ok
21:37:04.0856 0x06dc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:37:04.0868 0x06dc  msdsm - ok
21:37:04.0873 0x06dc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:37:04.0887 0x06dc  MSDTC - ok
21:37:04.0893 0x06dc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:37:04.0916 0x06dc  Msfs - ok
21:37:04.0919 0x06dc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:37:04.0942 0x06dc  mshidkmdf - ok
21:37:04.0945 0x06dc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:37:04.0954 0x06dc  msisadrv - ok
21:37:04.0959 0x06dc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:37:04.0987 0x06dc  MSiSCSI - ok
21:37:04.0989 0x06dc  msiserver - ok
21:37:04.0993 0x06dc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:37:05.0016 0x06dc  MSKSSRV - ok
21:37:05.0019 0x06dc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:37:05.0043 0x06dc  MSPCLOCK - ok
21:37:05.0046 0x06dc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:37:05.0071 0x06dc  MSPQM - ok
21:37:05.0081 0x06dc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:37:05.0096 0x06dc  MsRPC - ok
21:37:05.0101 0x06dc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:37:05.0110 0x06dc  mssmbios - ok
21:37:05.0113 0x06dc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:37:05.0137 0x06dc  MSTEE - ok
21:37:05.0139 0x06dc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:37:05.0150 0x06dc  MTConfig - ok
21:37:05.0153 0x06dc  [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
21:37:05.0160 0x06dc  MTsensor - ok
21:37:05.0163 0x06dc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:37:05.0173 0x06dc  Mup - ok
21:37:05.0181 0x06dc  [ 19CBAAB0B1F214AF834EDD9256F55977, 25C992B6A8E4936A07CBAE7BF247960470A5CD2276E366BFC16ABAD7E338B0AD ] mv91xx          C:\Windows\system32\DRIVERS\mv91xx.sys
21:37:05.0193 0x06dc  mv91xx - ok
21:37:05.0205 0x06dc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:37:05.0239 0x06dc  napagent - ok
21:37:05.0249 0x06dc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:37:05.0268 0x06dc  NativeWifiP - ok
21:37:05.0275 0x06dc  [ 5A4EC58A5F2E63DB2092B343CF1B2834, 33F957565E38A3A2842DDB16D7C969F93A4FB888DB5AFBBF5431A712FADE4E13 ] NAVENG          C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150830.020\ENG64.SYS
21:37:05.0286 0x06dc  NAVENG - ok
21:37:05.0332 0x06dc  [ 526EA496D7F06B3746775046B33027C1, FEC0B860F49C28ED6ED721A09D19239BB1E20CE3A29697B24B2FE604AE0EB808 ] NAVEX15         C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150830.020\EX64.SYS
21:37:05.0380 0x06dc  NAVEX15 - ok
21:37:05.0404 0x06dc  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:37:05.0433 0x06dc  NDIS - ok
21:37:05.0437 0x06dc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:37:05.0461 0x06dc  NdisCap - ok
21:37:05.0464 0x06dc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:37:05.0488 0x06dc  NdisTapi - ok
21:37:05.0492 0x06dc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:37:05.0516 0x06dc  Ndisuio - ok
21:37:05.0522 0x06dc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:37:05.0548 0x06dc  NdisWan - ok
21:37:05.0552 0x06dc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:37:05.0576 0x06dc  NDProxy - ok
21:37:05.0580 0x06dc  [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:37:05.0584 0x06dc  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
21:37:07.0956 0x06dc  Detect skipped due to KSN trusted
21:37:07.0956 0x06dc  Net Driver HPZ12 - ok
21:37:07.0963 0x06dc  [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
21:37:07.0972 0x06dc  Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
21:37:10.0351 0x06dc  Detect skipped due to KSN trusted
21:37:10.0351 0x06dc  Netaapl - ok
21:37:10.0358 0x06dc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:37:10.0402 0x06dc  NetBIOS - ok
21:37:10.0411 0x06dc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:37:10.0440 0x06dc  NetBT - ok
21:37:10.0443 0x06dc  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\Windows\system32\lsass.exe
21:37:10.0453 0x06dc  Netlogon - ok
21:37:10.0462 0x06dc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:37:10.0493 0x06dc  Netman - ok
21:37:10.0504 0x06dc  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:37:10.0518 0x06dc  NetMsmqActivator - ok
21:37:10.0523 0x06dc  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:37:10.0535 0x06dc  NetPipeActivator - ok
21:37:10.0547 0x06dc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:37:10.0581 0x06dc  netprofm - ok
21:37:10.0586 0x06dc  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:37:10.0598 0x06dc  NetTcpActivator - ok
21:37:10.0603 0x06dc  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:37:10.0615 0x06dc  NetTcpPortSharing - ok
21:37:10.0670 0x06dc  [ 82FFC84EC3AFC2F2D38DB880F50157C0, 4D37A44A5BBD3ECA2B29FE8565FC5840093E5BB41D197BEDA406BCE4A7C3479A ] Netzmanager Service C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
21:37:10.0739 0x06dc  Netzmanager Service - detected UnsignedFile.Multi.Generic ( 1 )
21:37:13.0111 0x06dc  Detect skipped due to KSN trusted
21:37:13.0112 0x06dc  Netzmanager Service - ok
21:37:13.0120 0x06dc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:37:13.0144 0x06dc  nfrd960 - ok
21:37:13.0158 0x06dc  [ F0A55A6DF23D7E9E16D81BE9867679D1, E245F45962A50EF4AED46AC097110E7C27508EC79328CC7F62CFB4A75765C659 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe
21:37:13.0174 0x06dc  NIS - ok
21:37:13.0183 0x06dc  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:37:13.0200 0x06dc  NlaSvc - ok
21:37:13.0206 0x06dc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:37:13.0230 0x06dc  Npfs - ok
21:37:13.0233 0x06dc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:37:13.0258 0x06dc  nsi - ok
21:37:13.0261 0x06dc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:37:13.0285 0x06dc  nsiproxy - ok
21:37:13.0296 0x06dc  [ 26F6A31906BE7AFBEF4D81860F1EE51F, A0F0CD7E9E2B552CCE44CE238BB6DA2F0A97D142CDDB35E79E0624356055F334 ] NSM             C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\NF.exe
21:37:13.0310 0x06dc  NSM - ok
21:37:13.0346 0x06dc  [ E453ACF4E7D44E5530B5D5F2B9CA8563, 85EEBCBB3187A21282619A0264C10E9E52EFE4387F3425D3D279EF460DA3AD06 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:37:13.0390 0x06dc  Ntfs - ok
21:37:13.0395 0x06dc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:37:13.0420 0x06dc  Null - ok
21:37:13.0424 0x06dc  [ 285ACEC1B13A15BA520AAE06BACB9CFF, A6F576763818D4EAB2CDA3857F2963F61FDA67D7B581C52E1EB1DDB32FD642C3 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
21:37:13.0433 0x06dc  nusb3hub - ok
21:37:13.0439 0x06dc  [ F6D625FF7B56BB6EA063F0D3A5BBC996, 830196E96C120367BDA8C0EC9D7B85A642D41E8108189B1A72193299A6C005B1 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
21:37:13.0449 0x06dc  nusb3xhc - ok
21:37:13.0454 0x06dc  [ 857FB74754EBFF94EE3AD40788740916, FE4099D8F2E7967289BBC0802548C48D453A0BD0C44AAACCDB4C282ADBCC7BFE ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
21:37:13.0464 0x06dc  NVHDA - ok
21:37:13.0737 0x06dc  [ 483DB4EFC499696298AED4C9DAEC2FEF, 7449F925AB7BE20105E03232C122C91C4F647B5B8C7FA09B5136C1A3E161AD61 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:37:13.0982 0x06dc  nvlddmkm - ok
21:37:13.0998 0x06dc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:37:14.0010 0x06dc  nvraid - ok
21:37:14.0016 0x06dc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:37:14.0029 0x06dc  nvstor - ok
21:37:14.0033 0x06dc  [ C53C14B6C1B2E54849F4833A5956F718, 045835D4860DD49D933608719AD70B9BA0C55F385820ECABE5533CD04E6B65EF ] NvStUSB         C:\Windows\system32\DRIVERS\nvstusb.sys
21:37:14.0043 0x06dc  NvStUSB - ok
21:37:14.0067 0x06dc  [ C7A7995692357A11900EFC8F8812CB2E, 5FA7DD8C546A35A7AE9F8F14A0D09C8B27B8306B871B599AC0D8AF3898C9D83F ] NVSvc           C:\Windows\system32\nvvsvc.exe
21:37:14.0096 0x06dc  NVSvc - ok
21:37:14.0101 0x06dc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:37:14.0113 0x06dc  nv_agp - ok
21:37:14.0117 0x06dc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:37:14.0129 0x06dc  ohci1394 - ok
21:37:14.0134 0x06dc  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:37:14.0145 0x06dc  ose - ok
21:37:14.0245 0x06dc  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:37:14.0360 0x06dc  osppsvc - ok
21:37:14.0378 0x06dc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:37:14.0402 0x06dc  p2pimsvc - ok
21:37:14.0415 0x06dc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:37:14.0439 0x06dc  p2psvc - ok
21:37:14.0445 0x06dc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:37:14.0457 0x06dc  Parport - ok
21:37:14.0461 0x06dc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:37:14.0472 0x06dc  partmgr - ok
21:37:14.0479 0x06dc  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:37:14.0497 0x06dc  PcaSvc - ok
21:37:14.0504 0x06dc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:37:14.0517 0x06dc  pci - ok
21:37:14.0520 0x06dc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:37:14.0529 0x06dc  pciide - ok
21:37:14.0535 0x06dc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:37:14.0549 0x06dc  pcmcia - ok
21:37:14.0567 0x06dc  [ 82EC1531BC74ADC34E0342C12958C55A, B2F97E4627FB4566F4837A18DACD0A94710DD9FA7596DCC16F9CD0B0A7C1D970 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
21:37:14.0589 0x06dc  PCToolsSSDMonitorSvc - ok
21:37:14.0594 0x06dc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:37:14.0603 0x06dc  pcw - ok
21:37:14.0618 0x06dc  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:37:14.0657 0x06dc  PEAUTH - ok
21:37:14.0687 0x06dc  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:37:14.0729 0x06dc  PeerDistSvc - ok
21:37:14.0756 0x06dc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:37:14.0767 0x06dc  PerfHost - ok
21:37:14.0802 0x06dc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:37:14.0858 0x06dc  pla - ok
21:37:14.0870 0x06dc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:37:14.0890 0x06dc  PlugPlay - ok
21:37:14.0895 0x06dc  [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:37:14.0900 0x06dc  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
21:37:17.0274 0x06dc  Detect skipped due to KSN trusted
21:37:17.0274 0x06dc  Pml Driver HPZ12 - ok
21:37:17.0281 0x06dc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:37:17.0306 0x06dc  PNRPAutoReg - ok
21:37:17.0321 0x06dc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:37:17.0342 0x06dc  PNRPsvc - ok
21:37:17.0355 0x06dc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:37:17.0388 0x06dc  PolicyAgent - ok
21:37:17.0396 0x06dc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
21:37:17.0423 0x06dc  Power - ok
21:37:17.0428 0x06dc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:37:17.0453 0x06dc  PptpMiniport - ok
21:37:17.0457 0x06dc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
21:37:17.0468 0x06dc  Processor - ok
21:37:17.0475 0x06dc  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:37:17.0490 0x06dc  ProfSvc - ok
21:37:17.0493 0x06dc  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
21:37:17.0503 0x06dc  ProtectedStorage - ok
21:37:17.0508 0x06dc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:37:17.0533 0x06dc  Psched - ok
21:37:17.0537 0x06dc  [ CCE65976AAEB1DB4C3B98243B8AC448E, 996BC8CF7B5BFDA04D27FF0FCFEA8BA3C5623FDABFE96C9BE6503C6D3201D0AD ] PVUSB           C:\Windows\system32\DRIVERS\CESG64.sys
21:37:17.0546 0x06dc  PVUSB - ok
21:37:17.0579 0x06dc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
21:37:17.0619 0x06dc  ql2300 - ok
21:37:17.0626 0x06dc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
21:37:17.0637 0x06dc  ql40xx - ok
21:37:17.0644 0x06dc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:37:17.0663 0x06dc  QWAVE - ok
21:37:17.0666 0x06dc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:37:17.0679 0x06dc  QWAVEdrv - ok
21:37:17.0682 0x06dc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:37:17.0705 0x06dc  RasAcd - ok
21:37:17.0709 0x06dc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:37:17.0733 0x06dc  RasAgileVpn - ok
21:37:17.0737 0x06dc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:37:17.0763 0x06dc  RasAuto - ok
21:37:17.0768 0x06dc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:37:17.0793 0x06dc  Rasl2tp - ok
21:37:17.0803 0x06dc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:37:17.0833 0x06dc  RasMan - ok
21:37:17.0838 0x06dc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:37:17.0863 0x06dc  RasPppoe - ok
21:37:17.0867 0x06dc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:37:17.0893 0x06dc  RasSstp - ok
21:37:17.0902 0x06dc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:37:17.0931 0x06dc  rdbss - ok
21:37:17.0935 0x06dc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:37:17.0946 0x06dc  rdpbus - ok
21:37:17.0949 0x06dc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:37:17.0972 0x06dc  RDPCDD - ok
21:37:17.0979 0x06dc  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:37:17.0993 0x06dc  RDPDR - ok
21:37:17.0996 0x06dc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:37:18.0019 0x06dc  RDPENCDD - ok
21:37:18.0023 0x06dc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:37:18.0046 0x06dc  RDPREFMP - ok
21:37:18.0053 0x06dc  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:37:18.0068 0x06dc  RDPWD - ok
21:37:18.0075 0x06dc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:37:18.0088 0x06dc  rdyboost - ok
21:37:18.0092 0x06dc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:37:18.0118 0x06dc  RemoteAccess - ok
21:37:18.0124 0x06dc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:37:18.0152 0x06dc  RemoteRegistry - ok
21:37:18.0158 0x06dc  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:37:18.0173 0x06dc  RFCOMM - ok
21:37:18.0177 0x06dc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:37:18.0203 0x06dc  RpcEptMapper - ok
21:37:18.0206 0x06dc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:37:18.0216 0x06dc  RpcLocator - ok
21:37:18.0228 0x06dc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
21:37:18.0261 0x06dc  RpcSs - ok
21:37:18.0265 0x06dc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:37:18.0290 0x06dc  rspndr - ok
21:37:18.0297 0x06dc  [ BAEFEE35D27A5440D35092CE10267BEC, FB550D38C01E07B1170C52C1441874B56DD3BECB10CBE8E132EE3276A05C796E ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
21:37:18.0311 0x06dc  RTL8167 - ok
21:37:18.0314 0x06dc  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:37:18.0323 0x06dc  s3cap - ok
21:37:18.0326 0x06dc  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\Windows\system32\lsass.exe
21:37:18.0336 0x06dc  SamSs - ok
21:37:18.0340 0x06dc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:37:18.0351 0x06dc  sbp2port - ok
21:37:18.0357 0x06dc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:37:18.0385 0x06dc  SCardSvr - ok
21:37:18.0388 0x06dc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:37:18.0412 0x06dc  scfilter - ok
21:37:18.0435 0x06dc  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
21:37:18.0484 0x06dc  Schedule - ok
21:37:18.0489 0x06dc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:37:18.0512 0x06dc  SCPolicySvc - ok
21:37:18.0518 0x06dc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:37:18.0533 0x06dc  SDRSVC - ok
21:37:18.0536 0x06dc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:37:18.0560 0x06dc  secdrv - ok
21:37:18.0563 0x06dc  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
21:37:18.0588 0x06dc  seclogon - ok
21:37:18.0592 0x06dc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
21:37:18.0618 0x06dc  SENS - ok
21:37:18.0621 0x06dc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:37:18.0633 0x06dc  SensrSvc - ok
21:37:18.0636 0x06dc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:37:18.0646 0x06dc  Serenum - ok
21:37:18.0650 0x06dc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:37:18.0662 0x06dc  Serial - ok
21:37:18.0665 0x06dc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
21:37:18.0675 0x06dc  sermouse - ok
21:37:18.0683 0x06dc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:37:18.0709 0x06dc  SessionEnv - ok
21:37:18.0712 0x06dc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:37:18.0724 0x06dc  sffdisk - ok
21:37:18.0727 0x06dc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:37:18.0739 0x06dc  sffp_mmc - ok
21:37:18.0742 0x06dc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:37:18.0754 0x06dc  sffp_sd - ok
21:37:18.0757 0x06dc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:37:18.0767 0x06dc  sfloppy - ok
21:37:18.0777 0x06dc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:37:18.0808 0x06dc  SharedAccess - ok
21:37:18.0818 0x06dc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:37:18.0850 0x06dc  ShellHWDetection - ok
21:37:18.0854 0x06dc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:37:18.0864 0x06dc  SiSRaid2 - ok
21:37:18.0867 0x06dc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
21:37:18.0878 0x06dc  SiSRaid4 - ok
21:37:18.0880 0x06dc  SkypeUpdate - ok
21:37:18.0886 0x06dc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:37:18.0912 0x06dc  Smb - ok
21:37:18.0917 0x06dc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:37:18.0928 0x06dc  SNMPTRAP - ok
21:37:18.0935 0x06dc  [ 21FF393512F51F5A98620C794B4488A3, 8A35923D3D6993FC014D86F0F7BD5C106586824DB8D26C04DC2AD0B8ED13ED20 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
21:37:18.0945 0x06dc  Sony PC Companion - ok
21:37:18.0948 0x06dc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:37:18.0957 0x06dc  spldr - ok
21:37:18.0970 0x06dc  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
21:37:18.0992 0x06dc  Spooler - ok
21:37:19.0065 0x06dc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:37:19.0168 0x06dc  sppsvc - ok
21:37:19.0175 0x06dc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:37:19.0200 0x06dc  sppuinotify - ok
21:37:19.0222 0x06dc  [ 3361466E3C5353CAB7E978C236FADF3B, DEF6FD4EB35C4CA9E67843A324FF1A8D6A064CBC76FD3392E70BBAF85D9421BA ] SRTSP           C:\Windows\System32\Drivers\NISx64\1605020.00F\SRTSP64.SYS
21:37:19.0246 0x06dc  SRTSP - ok
21:37:19.0251 0x06dc  [ BA2ABBEA69BD1866C973DE11CB0CE9F8, 7A04BC2F4DA9A69A996911CC429064D24CF51F4046A2EE688D4326B44C9EDAFB ] SRTSPX          C:\Windows\system32\drivers\NISx64\1605020.00F\SRTSPX64.SYS
21:37:19.0260 0x06dc  SRTSPX - ok
21:37:19.0272 0x06dc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:37:19.0293 0x06dc  srv - ok
21:37:19.0304 0x06dc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:37:19.0324 0x06dc  srv2 - ok
21:37:19.0330 0x06dc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:37:19.0343 0x06dc  srvnet - ok
21:37:19.0350 0x06dc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:37:19.0377 0x06dc  SSDPSRV - ok
21:37:19.0382 0x06dc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:37:19.0407 0x06dc  SstpSvc - ok
21:37:19.0421 0x06dc  [ 706080AD43599D4AB04F1676A3A62CC1, BD9A645163501E2234CAB2B99DB297A634526786D2CDC55FE1C18F5019623E34 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:37:19.0442 0x06dc  Steam Client Service - ok
21:37:19.0453 0x06dc  [ 78F3F2C97C91C11AC8D8480248D23F78, 66E984B0CC3B79D04050669F253D54C48B17755F2A8F465078B3916086C1BFB4 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:37:19.0467 0x06dc  Stereo Service - ok
21:37:19.0470 0x06dc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
21:37:19.0480 0x06dc  stexstor - ok
21:37:19.0482 0x06dc  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
21:37:19.0494 0x06dc  StillCam - ok
21:37:19.0509 0x06dc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:37:19.0536 0x06dc  stisvc - ok
21:37:19.0540 0x06dc  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:37:19.0549 0x06dc  storflt - ok
21:37:19.0552 0x06dc  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
21:37:19.0564 0x06dc  StorSvc - ok
21:37:19.0567 0x06dc  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:37:19.0576 0x06dc  storvsc - ok
21:37:19.0579 0x06dc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:37:19.0588 0x06dc  swenum - ok
21:37:19.0601 0x06dc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:37:19.0638 0x06dc  swprv - ok
21:37:19.0676 0x06dc  [ C9EC22D5B3C6B32A7C8B4A73870A7379, BA530C64FDE63D9A4023BB9E667497D5248B2910BC1A214B592318CC64034735 ] SymEFASI        C:\Windows\system32\drivers\NISx64\1605020.00F\SYMEFASI64.SYS
21:37:19.0718 0x06dc  SymEFASI - ok
21:37:19.0725 0x06dc  [ 6DF8F618B93C821630C9BAA8DA3FAAAF, 553972D63F3347291EC8370AB910F741EF1DA61BC74FBA4192EF6E1DF567FB99 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
21:37:19.0736 0x06dc  SymEvent - ok
21:37:19.0744 0x06dc  [ 0891E59A27208B9B727BAB863B853E80, 7BBDD53CB7AB003DF803D6D596A2B5216425DCC7FA8D3F311AE5BD4EC19FBB0A ] SymIRON         C:\Windows\system32\drivers\NISx64\1605020.00F\Ironx64.SYS
21:37:19.0757 0x06dc  SymIRON - ok
21:37:19.0772 0x06dc  [ 5EA70535B2A6504278E14943867B1B39, 53F191DE2F1F692983BD9068DCF0A851111B7A08FCEDFE871FA0594B0C46FCB7 ] SymNetS         C:\Windows\System32\Drivers\NISx64\1605020.00F\SYMNETS.SYS
21:37:19.0792 0x06dc  SymNetS - ok
21:37:19.0801 0x06dc  [ B6179F26F3CA563C607A7CD7E9773844, 5726B817DF2A379D751A768CEA6DBFBB60D3EC0ABDA30E64035C123473BDB787 ] SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A} C:\Windows\System32\Drivers\NSMx64\0304000.02B\SymRdrS.SYS
21:37:19.0815 0x06dc  SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A} - ok
21:37:19.0855 0x06dc  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
21:37:19.0910 0x06dc  SysMain - ok
21:37:19.0916 0x06dc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:37:19.0932 0x06dc  TabletInputService - ok
21:37:19.0940 0x06dc  [ D0D68330B57D503C9F3BC0F5452FC43E, 50E18FB83E34D0FFE39C93F15A8C39CD6237C5FE3532C81405AD7F2B6A2C9401 ] TampMon         C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\TampMon.exe
21:37:19.0953 0x06dc  TampMon - ok
21:37:19.0962 0x06dc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:37:19.0993 0x06dc  TapiSrv - ok
21:37:19.0998 0x06dc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
21:37:20.0023 0x06dc  TBS - ok
21:37:20.0065 0x06dc  [ 37608401DFDB388CAF66917F6B2D6FB0, 3E8A594CB84D94C4AFEB5B5657D2DEEECBAF64BB6AD16510BCDDFDE07F099056 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:37:20.0116 0x06dc  Tcpip - ok
21:37:20.0159 0x06dc  [ 37608401DFDB388CAF66917F6B2D6FB0, 3E8A594CB84D94C4AFEB5B5657D2DEEECBAF64BB6AD16510BCDDFDE07F099056 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:37:20.0201 0x06dc  TCPIP6 - ok
21:37:20.0207 0x06dc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:37:20.0219 0x06dc  tcpipreg - ok
21:37:20.0224 0x06dc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:37:20.0235 0x06dc  TDPIPE - ok
21:37:20.0238 0x06dc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:37:20.0250 0x06dc  TDTCP - ok
21:37:20.0255 0x06dc  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:37:20.0281 0x06dc  tdx - ok
21:37:20.0285 0x06dc  [ 4283D7125BA4BD0CB50BB0F78B54257A, A9DBFC45CDF7444BA7AD92734E66E3E4F844BF036AC19FD43F915151191F12C5 ] TelekomNM6      C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys
21:37:20.0293 0x06dc  TelekomNM6 - ok
21:37:20.0297 0x06dc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:37:20.0306 0x06dc  TermDD - ok
21:37:20.0323 0x06dc  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
21:37:20.0362 0x06dc  TermService - ok
21:37:20.0366 0x06dc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:37:20.0380 0x06dc  Themes - ok
21:37:20.0384 0x06dc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:37:20.0408 0x06dc  THREADORDER - ok
21:37:20.0413 0x06dc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:37:20.0440 0x06dc  TrkWks - ok
21:37:20.0446 0x06dc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:37:20.0474 0x06dc  TrustedInstaller - ok
21:37:20.0479 0x06dc  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:37:20.0503 0x06dc  tssecsrv - ok
21:37:20.0507 0x06dc  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:37:20.0518 0x06dc  TsUsbFlt - ok
21:37:20.0523 0x06dc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:37:20.0549 0x06dc  tunnel - ok
21:37:20.0553 0x06dc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:37:20.0564 0x06dc  uagp35 - ok
21:37:20.0573 0x06dc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:37:20.0603 0x06dc  udfs - ok
21:37:20.0609 0x06dc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:37:20.0624 0x06dc  UI0Detect - ok
21:37:20.0633 0x06dc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:37:20.0644 0x06dc  uliagpkx - ok
21:37:20.0647 0x06dc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:37:20.0658 0x06dc  umbus - ok
21:37:20.0662 0x06dc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:37:20.0674 0x06dc  UmPass - ok
21:37:20.0683 0x06dc  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:37:20.0700 0x06dc  UmRdpService - ok
21:37:20.0710 0x06dc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:37:20.0743 0x06dc  upnphost - ok
21:37:20.0747 0x06dc  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
21:37:20.0758 0x06dc  USBAAPL64 - ok
21:37:20.0763 0x06dc  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A, DE1CDDEEF2285CC8387E88ACB13C000576DC8819DF6DC648C988068B5C83BB15 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:37:20.0776 0x06dc  usbaudio - ok
21:37:20.0780 0x06dc  [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:37:20.0793 0x06dc  usbccgp - ok
21:37:20.0798 0x06dc  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:37:20.0811 0x06dc  usbcir - ok
21:37:20.0815 0x06dc  [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:37:20.0825 0x06dc  usbehci - ok
21:37:20.0834 0x06dc  [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:37:20.0853 0x06dc  usbhub - ok
21:37:20.0856 0x06dc  [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:37:20.0867 0x06dc  usbohci - ok
21:37:20.0870 0x06dc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:37:20.0882 0x06dc  usbprint - ok
21:37:20.0885 0x06dc  [ 4ACEE387FA8FD39F83564FCD2FC234F2, 3D62DE27027B8C032D15EB74F97A14B4EC24E67052C1163862740D6312B2569B ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
21:37:20.0897 0x06dc  usbser - ok
21:37:20.0901 0x06dc  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:37:20.0914 0x06dc  USBSTOR - ok
21:37:20.0917 0x06dc  [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:37:20.0927 0x06dc  usbuhci - ok
21:37:20.0930 0x06dc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:37:20.0956 0x06dc  UxSms - ok
21:37:20.0959 0x06dc  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\Windows\system32\lsass.exe
21:37:20.0969 0x06dc  VaultSvc - ok
21:37:20.0972 0x06dc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:37:20.0981 0x06dc  vdrvroot - ok
21:37:20.0994 0x06dc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:37:21.0029 0x06dc  vds - ok
21:37:21.0033 0x06dc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:37:21.0045 0x06dc  vga - ok
21:37:21.0048 0x06dc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:37:21.0074 0x06dc  VgaSave - ok
21:37:21.0081 0x06dc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:37:21.0095 0x06dc  vhdmp - ok
21:37:21.0126 0x06dc  [ 8F69C38A8BA725F891F26AAC8888696E, 1D5F86E7642F14A3A339AEEBB8A7D76671D9F19DEBDE25069B4252D9ACE5912F ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
21:37:21.0158 0x06dc  VIAHdAudAddService - ok
21:37:21.0162 0x06dc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:37:21.0171 0x06dc  viaide - ok
21:37:21.0178 0x06dc  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:37:21.0191 0x06dc  vmbus - ok
21:37:21.0194 0x06dc  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:37:21.0204 0x06dc  VMBusHID - ok
21:37:21.0209 0x06dc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:37:21.0219 0x06dc  volmgr - ok
21:37:21.0229 0x06dc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:37:21.0245 0x06dc  volmgrx - ok
21:37:21.0254 0x06dc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:37:21.0268 0x06dc  volsnap - ok
21:37:21.0275 0x06dc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:37:21.0287 0x06dc  vsmraid - ok
21:37:21.0323 0x06dc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:37:21.0386 0x06dc  VSS - ok
21:37:21.0391 0x06dc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:37:21.0404 0x06dc  vwifibus - ok
21:37:21.0416 0x06dc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:37:21.0450 0x06dc  W32Time - ok
21:37:21.0455 0x06dc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:37:21.0465 0x06dc  WacomPen - ok
21:37:21.0470 0x06dc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:37:21.0494 0x06dc  WANARP - ok
21:37:21.0498 0x06dc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:37:21.0521 0x06dc  Wanarpv6 - ok
21:37:21.0550 0x06dc  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:37:21.0585 0x06dc  WatAdminSvc - ok
21:37:21.0617 0x06dc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:37:21.0663 0x06dc  wbengine - ok
21:37:21.0671 0x06dc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:37:21.0688 0x06dc  WbioSrvc - ok
21:37:21.0698 0x06dc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:37:21.0720 0x06dc  wcncsvc - ok
21:37:21.0724 0x06dc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:37:21.0735 0x06dc  WcsPlugInService - ok
21:37:21.0738 0x06dc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:37:21.0747 0x06dc  Wd - ok
21:37:21.0765 0x06dc  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:37:21.0791 0x06dc  Wdf01000 - ok
21:37:21.0796 0x06dc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:37:21.0824 0x06dc  WdiServiceHost - ok
21:37:21.0828 0x06dc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:37:21.0844 0x06dc  WdiSystemHost - ok
21:37:21.0851 0x06dc  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
21:37:21.0870 0x06dc  WebClient - ok
21:37:21.0877 0x06dc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:37:21.0907 0x06dc  Wecsvc - ok
21:37:21.0911 0x06dc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:37:21.0937 0x06dc  wercplsupport - ok
21:37:21.0941 0x06dc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:37:21.0967 0x06dc  WerSvc - ok
21:37:21.0970 0x06dc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:37:21.0993 0x06dc  WfpLwf - ok
21:37:21.0996 0x06dc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:37:22.0005 0x06dc  WIMMount - ok
21:37:22.0008 0x06dc  WinDefend - ok
21:37:22.0013 0x06dc  WinHttpAutoProxySvc - ok
21:37:22.0023 0x06dc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:37:22.0051 0x06dc  Winmgmt - ok
21:37:22.0094 0x06dc  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:37:22.0163 0x06dc  WinRM - ok
21:37:22.0171 0x06dc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:37:22.0183 0x06dc  WinUsb - ok
21:37:22.0203 0x06dc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:37:22.0236 0x06dc  Wlansvc - ok
21:37:22.0239 0x06dc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:37:22.0249 0x06dc  WmiAcpi - ok
21:37:22.0257 0x06dc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:37:22.0272 0x06dc  wmiApSrv - ok
21:37:22.0274 0x06dc  WMPNetworkSvc - ok
21:37:22.0278 0x06dc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:37:22.0288 0x06dc  WPCSvc - ok
21:37:22.0293 0x06dc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:37:22.0306 0x06dc  WPDBusEnum - ok
21:37:22.0309 0x06dc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:37:22.0332 0x06dc  ws2ifsl - ok
21:37:22.0337 0x06dc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
21:37:22.0352 0x06dc  wscsvc - ok
21:37:22.0354 0x06dc  WSearch - ok
21:37:22.0406 0x06dc  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:37:22.0464 0x06dc  wuauserv - ok
21:37:22.0471 0x06dc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:37:22.0483 0x06dc  WudfPf - ok
21:37:22.0489 0x06dc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:37:22.0503 0x06dc  WUDFRd - ok
21:37:22.0507 0x06dc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:37:22.0519 0x06dc  wudfsvc - ok
21:37:22.0526 0x06dc  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:37:22.0544 0x06dc  WwanSvc - ok
21:37:22.0552 0x06dc  ================ Scan global ===============================
         


31.08.2015, 20:43   #6
Grady

redirect Virus Windows 7

I had to post it in two parts.
Here is the continuation.

Code:
ATTFilter
21:37:22.0555 0x06dc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:37:22.0562 0x06dc  [ F46BBAAC1C4980F4D0DD463F190A42D3, 8694BC790610419BE29E02275CC09E7BCF7BF667005FC747BD4111DA880C8490 ] C:\Windows\system32\winsrv.dll
21:37:22.0572 0x06dc  [ F46BBAAC1C4980F4D0DD463F190A42D3, 8694BC790610419BE29E02275CC09E7BCF7BF667005FC747BD4111DA880C8490 ] C:\Windows\system32\winsrv.dll
21:37:22.0578 0x06dc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:37:22.0588 0x06dc  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:37:22.0594 0x06dc  [ Global ] - ok
21:37:22.0594 0x06dc  ================ Scan MBR ==================================
21:37:22.0642 0x06dc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:37:22.0868 0x06dc  \Device\Harddisk1\DR1 - ok
21:37:22.0871 0x06dc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:37:22.0990 0x06dc  \Device\Harddisk0\DR0 - ok
21:37:22.0996 0x06dc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
21:37:23.0143 0x06dc  \Device\Harddisk2\DR2 - ok
21:37:23.0144 0x06dc  ================ Scan VBR ==================================
21:37:23.0146 0x06dc  [ 28B72AD2E57237302C20EC1946A94367 ] \Device\Harddisk1\DR1\Partition1
21:37:23.0177 0x06dc  \Device\Harddisk1\DR1\Partition1 - ok
21:37:23.0180 0x06dc  [ 308482E65DAA3EE2C847DA5B34CA852F ] \Device\Harddisk0\DR0\Partition1
21:37:23.0182 0x06dc  \Device\Harddisk0\DR0\Partition1 - ok
21:37:23.0184 0x06dc  [ 420DCB9BEE4790E972863044EA0B8D00 ] \Device\Harddisk0\DR0\Partition2
21:37:23.0186 0x06dc  \Device\Harddisk0\DR0\Partition2 - ok
21:37:23.0189 0x06dc  [ 961D6D5B29942C74D5CCE0EB890B853C ] \Device\Harddisk2\DR2\Partition1
21:37:23.0191 0x06dc  \Device\Harddisk2\DR2\Partition1 - ok
21:37:23.0191 0x06dc  ================ Scan generic autorun ======================
21:37:23.0195 0x06dc  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
21:37:23.0211 0x06dc  Logitech Download Assistant - ok
21:37:23.0223 0x06dc  [ 3F28896C91F8498F37D5A9C7EF961752, 3557B3D569D520E6F7B2D3367D506409433B540DE259010834C6C52B16AA71F0 ] C:\Program Files\Microsoft LifeChat\LifeChat.exe
21:37:23.0236 0x06dc  LifeChat - detected UnsignedFile.Multi.Generic ( 1 )
21:37:25.0674 0x06dc  Detect skipped due to KSN trusted
21:37:25.0674 0x06dc  LifeChat - ok
21:37:25.0683 0x06dc  [ 0D4B73DBE667647DD073D9CB72B1700C, DF9FA0BD26855EA51CDBBCECC7BFA2E09DC9495A8B02BD16112C02E7E26FE921 ] C:\Program Files\Logitech Gaming Software\LCore.exe
21:37:25.0704 0x06dc  Launch LCore - ok
21:37:25.0714 0x06dc  [ 74354790ECAE60C11631BD7856C0AFD0, 4932908C79842CFDB4882A767BCAECB97F663892C9715D4FA1F4AE902335DCB5 ] C:\Windows\KHALMNPR.EXE
21:37:25.0728 0x06dc  Kernel and Hardware Abstraction Layer - ok
21:37:25.0796 0x06dc  [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] F:\Programme\Program Files (x86)\iTunesHelper.exe
21:37:25.0816 0x06dc  iTunesHelper - ok
21:37:25.0826 0x06dc  [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
21:37:25.0843 0x06dc  IAAnotif - ok
21:37:25.0844 0x06dc  Bluetooth Connection Assistant - ok
21:37:25.0852 0x06dc  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
21:37:25.0866 0x06dc  SunJavaUpdateSched - ok
21:37:25.0871 0x06dc  [ 25ADED425EB9D94DA7FC8CC25BA5A0AD, BEB2FED7C3B0CD87D3E15E6C891F7D38A154715F1F313179932FD42EE8018F36 ] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
21:37:25.0878 0x06dc  SSDMonitor - ok
21:37:25.0889 0x06dc  [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe
21:37:25.0901 0x06dc  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
21:37:28.0274 0x06dc  Detect skipped due to KSN trusted
21:37:28.0274 0x06dc  QuickTime Task - ok
21:37:28.0283 0x06dc  [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
21:37:28.0302 0x06dc  NUSB3MON - ok
21:37:28.0305 0x06dc  [ 9D56299FA5C9B3D9E67FF3ACB301139F, 202A0542BEA33C5F78A406EF9479EB7BD42FCBEAC9F49F38F6ECC48554117811 ] C:\Program Files (x86)\lg_fwupdate\lgfw.exe
21:37:28.0315 0x06dc  LGODDFU - ok
21:37:28.0318 0x06dc  [ DB4E2D9C09A5762CB2551222B5E443B2, 318AD09D1821E38B7D7ACC0A06965057B494A752C9E34FD1CA41247DC703F985 ] C:\Windows\RaidTool\xInsIDE.exe
21:37:28.0323 0x06dc  JMB36X IDE Setup - detected UnsignedFile.Multi.Generic ( 1 )
21:37:30.0698 0x06dc  Detect skipped due to KSN trusted
21:37:30.0698 0x06dc  JMB36X IDE Setup - ok
21:37:30.0704 0x06dc  [ C637FC4638A96165256B28D38DE7B953, CD658543610F151C7860DBDCF36596C9B5417D87E598FA50A435392D4AED1C14 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
21:37:30.0722 0x06dc  HP Software Update - ok
21:37:30.0781 0x06dc  [ 87BF5BD7D8D441EE18BE699B37FA3FBF, F28D17443987F7942DA6F7FEB7FC4491C31C9D52FB0B849D7637445BEEC07884 ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
21:37:30.0839 0x06dc  HDAudDeck - ok
21:37:30.0884 0x06dc  [ 504C916D52ABA407FD4DC1E709AEA71E, 8F279620247481F28DF7D9FD4A81173396E39EB807E24587E89CAF1172CC846C ] C:\Program Files (x86)\avmwlanstick\wlangui.exe
21:37:30.0936 0x06dc  AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
21:37:33.0309 0x06dc  Detect skipped due to KSN trusted
21:37:33.0309 0x06dc  AVMWlanClient - ok
21:37:33.0316 0x06dc  [ 4275C55AA440DC08EA0267AED31D9654, A5EF4505960D9CECC45376026A8B51FF43282AE811C88617CCD8F7F1E6E56A7B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
21:37:33.0334 0x06dc  APSDaemon - ok
21:37:33.0339 0x06dc  [ 714C602C1B8CEF17E25C753F1BACF78D, E0B0DC548CA9DA7F3D0EEE9EDACC9058D5C845E8B03B841434EB1E03683A9B73 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
21:37:33.0350 0x06dc  AppleSyncNotifier - ok
21:37:33.0358 0x06dc  [ 72860972F8196EBB3C896F53D2B95470, 95C046A66DD0089377867F073CADCE585B7C69CA23E724DCAD9D896BF01E023D ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
21:37:33.0366 0x06dc  hpqSRMon - detected UnsignedFile.Multi.Generic ( 1 )
21:37:35.0740 0x06dc  Detect skipped due to KSN trusted
21:37:35.0740 0x06dc  hpqSRMon - ok
21:37:35.0830 0x06dc  [ D730A7220B6E006B9B3630B7DE5124AB, A16D82A68339046DE63E6F4177FA474CC9442E8C42830C3C8DC59F55630489C3 ] C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
21:37:35.0891 0x06dc  GoPro Studio Importer - ok
21:37:35.0940 0x06dc  [ F34001FB7E4EA94D404339CD8B15D84C, 7E76FD43729CE6B6F29C2ED4F6B41BE3232390D9E6224F65AB506C0846BB557D ] C:\Users\Filep\AppData\Roaming\Spotify\SpotifyWebHelper.exe
21:37:35.0988 0x06dc  Spotify Web Helper - ok
21:37:36.0146 0x06dc  [ 09C24A487DA063B6626FEDF8FD5B80E0, 34E909D5FACAD7ED78D09FB8103198BEF81323F69F20E4EDF44E54C6D39D3948 ] C:\Users\Filep\AppData\Roaming\Spotify\Spotify.exe
21:37:36.0280 0x06dc  Spotify - ok
21:37:36.0297 0x06dc  [ 362A07AA3055C61F386C807C56BC8F97, 690506ED7D09EF13DE7719E08B9B1980A0B5427B394E508430FC6E68453BF5C1 ] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
21:37:36.0310 0x06dc  Sony PC Companion - ok
21:37:36.0341 0x06dc  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
21:37:36.0384 0x06dc  Sidebar - ok
21:37:36.0433 0x06dc  [ 131376E3926395D76525566632F2B1E5, 7D37FA6BF1FA85E22257573E45657D539DED7750C5E84E6B3E6A8405C0ADC6D4 ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
21:37:36.0493 0x06dc  LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
21:37:38.0868 0x06dc  Detect skipped due to KSN trusted
21:37:38.0868 0x06dc  LightScribe Control Panel - ok
21:37:38.0874 0x06dc  [ EC58C1A9A3281CE0C8FCC05BDBFECB37, 3738BBC112346B32F686F1CB4B4AAD89B06AA1F8FB2D333BC2D2F554212A0A59 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
21:37:38.0891 0x06dc  iCloudServices - ok
21:37:38.0898 0x06dc  [ 334725C0DB429BF71F43CCEFEA1376A4, D7838C556DECC87EE5E125D643FD9ADCCE91C2DDEEBFA064312C5C821BE80CF0 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
21:37:38.0915 0x06dc  iCloudDrive - ok
21:37:38.0946 0x06dc  [ 1E2CF357B62A8C8A3AC2B831D68733C5, DF70BB7437BC3437D4AFC9D150FE9CABFD51F929694455C943276AA91D63E672 ] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
21:37:38.0971 0x06dc  Autodesk Sync - ok
21:37:38.0975 0x06dc  [ 105C276BB7B43501225C419B062096D0, F5D35230FC5E116FB04147F216313D2E2542D96E975B19F5FD9F7641CF11271F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
21:37:38.0982 0x06dc  ApplePhotoStreams - ok
21:37:39.0083 0x06dc  [ 5721B5C4CBEBBD0C85AE311366783386, C2A780D6F49A0F75CF53C6A032BC9C4494D6F0FB5A0B767845AE5052179C7C40 ] C:\Users\Filep\AppData\Local\Akamai\netsession_win.exe
21:37:39.0171 0x06dc  Akamai NetSession Interface - ok
21:37:39.0179 0x06dc  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Filep\AppData\Local\Dropbox\Update\DropboxUpdate.exe
21:37:39.0188 0x06dc  Dropbox Update - ok
21:37:39.0206 0x06dc  [ 92B2CC464136BA72FF7E57DF98993ACA, 76FA85AD2CA9EADEDB5B018D6432FD7D6D90A0893E9B1676C3B686001AB9EFF1 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
21:37:39.0226 0x06dc  GoogleChromeAutoLaunch_D9414D4DFAD2C873EED3A19B298D3FAC - ok
21:37:39.0275 0x06dc  [ 131376E3926395D76525566632F2B1E5, 7D37FA6BF1FA85E22257573E45657D539DED7750C5E84E6B3E6A8405C0ADC6D4 ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
21:37:39.0325 0x06dc  LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
21:37:39.0325 0x06dc  Detect skipped due to KSN trusted
21:37:39.0325 0x06dc  LightScribe Control Panel - ok
21:37:39.0336 0x06dc  [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe
21:37:39.0347 0x06dc  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
21:37:39.0347 0x06dc  Detect skipped due to KSN trusted
21:37:39.0347 0x06dc  QuickTime Task - ok
21:37:39.0348 0x06dc  Waiting for KSN requests completion. In queue: 12
21:37:40.0348 0x06dc  Waiting for KSN requests completion. In queue: 12
21:37:41.0348 0x06dc  Waiting for KSN requests completion. In queue: 12
21:37:42.0365 0x06dc  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\WSCStub.exe ( 22.5.0.0 ), 0x51000 ( enabled : updated )
21:37:42.0368 0x06dc  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\WSCStub.exe ( 22.5.0.0 ), 0x51010 ( enabled )
21:37:44.0758 0x06dc  ============================================================
21:37:44.0758 0x06dc  Scan finished
21:37:44.0758 0x06dc  ============================================================
21:37:44.0771 0x0e40  Detected object count: 0
21:37:44.0771 0x0e40  Actual detected object count: 0
         

01.09.2015, 08:02   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Removing adware/junkware/toolbars

Step 1: Malwarebytes

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan (Scannen), select Threat Scan (Bedrohungssuchlauf) and click Start Scan (Suchlauf starten).
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected (Auswahl entfernen).
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History (Verlauf) and then Application Logs (Anwendungsprotokolle).
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.

(Delete old versions of adwCleaner and, if present, JRT beforehand, then download them again to the desktop!)

Step 2: adwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Delete (Löschen) and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).



Step 3: JRT - Junkware Removal Tool

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.




Step 4: Fresh log with FRST

Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)

__________________
Please always post log files in CODE tags

01.09.2015, 14:55   #8
Grady

MBAM log file:

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 01.09.2015
Suchlaufzeit: 15:22
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.01.03
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Filep

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 450359
Abgelaufene Zeit: 8 Min., 20 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
AdwCleaner log file:

Code:
# AdwCleaner v5.005 - Bericht erstellt am 01/09/2015 um 15:37:56
# Aktualisiert am 31/08/2015 von Xplode
# Datenbank : 2015-08-31.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Filep - FILEP-PC
# Gestartet von : C:\Users\Filep\Downloads\AdwCleaner_5.005.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****

[!] Task Nicht Gelöscht : Oxy
[!] Task Nicht Gelöscht : RunAsStdUser Task
[!] Task Nicht Gelöscht : Windows Updater

***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [843 Bytes] ##########
         

JRT log file:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 7 Professional x64
Ran by Filep on 01.09.2015 at 15:45:55,22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_D9414D4DFAD2C873EED3A19B298D3FAC
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files



~~~ Folders



~~~ Chrome


[C:\Users\Filep\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Filep\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Filep\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Filep\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.09.2015 at 15:48:40,87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST log file follows.

FRST log file:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
durchgeführt von Filep (Administrator) auf FILEP-PC (01-09-2015 15:51:13)
Gestartet von C:\Users\Filep\Downloads
Geladene Profile: Filep (Verfügbare Profile: Filep & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\nis.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\TampMon.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\NF.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\NF.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\conathst.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\nacl64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\coNatHstNF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Filep\Downloads\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [LifeChat] => C:\Program Files\Microsoft LifeChat\LifeChat.exe [371712 2009-09-24] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [104008 2010-11-16] (Logitech Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => F:\Programme\Program Files (x86)\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2011-10-25] (PC Tools)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-07-23] (Bitleader)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2009-10-19] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2472048 2010-08-11] (VIA)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3217672 2015-07-02] (GoPro)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dllACHTUNG! ====> ZeroAccess?
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Spotify Web Helper] => C:\Users\Filep\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-31] (Spotify Ltd)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Spotify] => C:\Users\Filep\AppData\Roaming\Spotify\Spotify.exe [7535672 2015-08-31] (Spotify Ltd)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-07-24] (Sony)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-04-22] (Hewlett-Packard Company)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Filep\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Dropbox Update] => C:\Users\Filep\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [GoogleChromeAutoLaunch_D9414D4DFAD2C873EED3A19B298D3FAC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-18] (Google Inc.)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
Startup: C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-06-25]
ShortcutTarget: Dropbox.lnk -> C:\Users\Filep\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk [2015-06-25]
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
Startup: C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-06-25]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448 2011-03-06] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 C:\Windows\System32\mswsock.dll [326144 2011-03-06] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{C2EBE2D5-7A37-4D2E-883C-3C7C966033DA}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{DAB167F1-50C2-4BC8-A4BD-8510C13A125F}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Norton Family BHO -> {B8E07826-0971-4f16-B133-047B88034E89} -> C:\Program Files (x86)\Norton Family\Engine64\3.4.0.43\coIEPlg.dll [2015-08-12] (Symantec Corporation)
BHO: Toolbar 3.0 der Telekom Browserhilfsobjekt -> {C9603180-FA5C-4DB0-A013-ADC60309AF82} -> C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll Keine Datei
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Norton Family BHO -> {B8E07826-0971-4f16-B133-047B88034E89} -> C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\coIEPlg.dll [2015-08-12] (Symantec Corporation)
BHO-x32: Toolbar 3.0 der Telekom Browserhilfsobjekt -> {C9603180-FA5C-4DB0-A013-ADC60309AF82} -> C:\Program Files (x86)\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll Keine Datei
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - Toolbar 3.0 der Telekom - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Toolbar 3.0 der Telekom - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - C:\Program Files (x86)\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> Toolbar 3.0 der Telekom - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {82E5DF24-51E8-47CD-864A-F4BD5005AA73} hxxps://www.icloud.com/system/iCloud.cab
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4_2-windows-i586.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FireFox:
========
FF ProfilePath: C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default
FF Homepage: about:home
FF NetworkProxy: "ftp", "proxyus.stealthy.co"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "proxyus.stealthy.co"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "proxyus.stealthy.co"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "proxyus.stealthy.co"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Keine Datei]
FF Plugin-x32: @innoplus.de/ino3DViewer -> C:\Program Files (x86)\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [Keine Datei]
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-01-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-01-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> F:\Programme\Program Files (x86)\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1820486185-2003612580-2916385394-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Filep\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll Keine Datei
FF Plugin HKU\S-1-5-21-1820486185-2003612580-2916385394-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2013-08-22] (Sony Network Entertainment International LLC)
FF Extension: Stealthy - C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default\Extensions\stealthyextension@gmail.com.xpi [2015-02-21]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-03-04]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFPlgn [2015-09-01]
FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.4.0.43\coFFFw
FF Extension: Norton Family - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.4.0.43\coFFFw [2015-09-01]
FF HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: Kein Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [nicht gefunden]
StartMenuInternet: FIREFOX.EXE - F:\Programme\Program Files (x86)\firefox.exe

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-02-21]
CHR Extension: (Norton Security Toolbar) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-07-12]
CHR Extension: (Stealthy) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2015-06-13]
CHR Extension: (eBay for Chrome) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2015-06-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-30]
CHR Extension: (Audio EQ) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfafdlnjaliaghpjdajmlcnnblkgcefh [2015-06-13]
CHR Extension: (Norton™ Family) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\napjheenlliimoedooldaalpjfidlidp [2015-08-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-20]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-26]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\Extensions\Chrome.crx [2015-08-29]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-26]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\Extensions\Chrome.crx [2015-08-29]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [129440 2011-01-13] (Futuremark Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-04-22] (Hewlett-Packard Company) [Datei ist nicht signiert]
S2 mitsijm2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [952608 2013-01-25] (Autodesk, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [Datei ist nicht signiert]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe [282016 2015-07-16] (Symantec Corporation)
R2 NSM; C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\NF.exe [364416 2015-08-21] (Symantec Corporation)
S2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-10-25] (PC Tools)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 TampMon; C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\TampMon.exe [314680 2015-08-21] (Symantec Corporation)
S2 CLKMSVC10_9EC60124; "C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe" /svc [X]
S2 SkypeUpdate; "C:\Program Files (x86)\Skype\Updater\Updater.exe" [X]
S2 WinDefend; %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R3 AsyncMac; C:\Windows\SysWOW64\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150821.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 ccSet_NSM; C:\Windows\system32\drivers\NSMx64\0304000.02B\ccSetx64.sys [165080 2015-06-04] (Symantec Corporation)
R1 cdrom; C:\Windows\SysWOW64\DRIVERS\cdrom.sys [147456 2010-11-20] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-28] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-28] (Symantec Corporation)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2007-08-09] (Huawei Tech. Co., Ltd.)
S3 i8042prt; C:\Windows\SysWOW64\DRIVERS\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150828.001\IDSvia64.sys [767224 2015-08-29] (Symantec Corporation)
R3 intelppm; C:\Windows\SysWOW64\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation)
S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [691712 2008-04-14] (DiBcom SA)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150830.020\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150830.020\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
R0 NDIS; C:\Windows\SysWOW64\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
R3 Ndisuio; C:\Windows\SysWOW64\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation)
R3 NDProxy; C:\Windows\SysWow64\Drivers\NDProxy.sys [57856 2010-11-20] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) [Datei ist nicht signiert]
R1 NetBIOS; C:\Windows\SysWOW64\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation)
R1 NetBT; C:\Windows\SysWOW64\DRIVERS\netbt.sys [261632 2010-11-20] (Microsoft Corporation)
R1 Null; C:\Windows\SysWow64\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation)
S3 NvStUSB; C:\Windows\System32\DRIVERS\nvstusb.sys [63592 2010-06-07] ()
S3 PVUSB; C:\Windows\System32\DRIVERS\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1605020.00F\SRTSP64.SYS [926448 2015-07-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NISx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-29] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1605020.00F\SYMNETS.SYS [576248 2015-07-11] (Symantec Corporation)
S3 SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}; C:\Windows\System32\Drivers\NSMx64\0304000.02B\SymRdrS.SYS [243416 2015-08-19] (Symantec Corporation)
R0 Tcpip; C:\Windows\SysWOW64\drivers\tcpip.sys [1914248 2012-10-03] (Microsoft Corporation)
S3 TCPIP6; C:\Windows\SysWOW64\DRIVERS\tcpip.sys [1914248 2012-10-03] (Microsoft Corporation)
R1 tdx; C:\Windows\SysWOW64\DRIVERS\tdx.sys [119296 2010-11-20] (Microsoft Corporation)
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 EraserUtilDrv11310; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys [X]
S3 EraserUtilDrv11313; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVCx32: AppInfo -> C:\Windows\SysWOW64\appinfo.dll ==> Keine Datei
NETSVCx32: browser -> C:\Windows\SysWOW64\browser.dll ==> Keine Datei
NETSVCx32: EapHost -> C:\Windows\SysWOW64\eapsvc.dll ==> Keine Datei
NETSVCx32: hkmsvc -> C:\Windows\SysWOW64\kmsvc.dll ==> Keine Datei
NETSVCx32: IKEEXT -> C:\Windows\SysWOW64\ikeext.dll ==> Keine Datei
NETSVCx32: MMCSS -> C:\Windows\SysWOW64\mmcss.dll ==> Keine Datei
NETSVCx32: ProfSvc -> C:\Windows\SysWOW64\profsvc.dll ==> Keine Datei
NETSVCx32: seclogon -> %windir%\SysWOW64\seclogon.dll ==> Keine Datei
NETSVCx32: wercplsupport -> C:\Windows\SysWOW64\wercplsupport.dll ==> Keine Datei
NETSVCx32: BDESVC -> C:\Windows\SysWOW64\bdesvc.dll ==> Keine Datei

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-01 15:50 - 2015-09-01 15:51 - 00000000 ____D C:\FRST
2015-09-01 15:49 - 2015-09-01 15:50 - 02188800 _____ (Farbar) C:\Users\Filep\Downloads\FRST64 (1).exe
2015-09-01 15:48 - 2015-09-01 15:48 - 00001450 _____ C:\Users\Filep\Desktop\JRT.txt
2015-09-01 15:45 - 2015-09-01 00:43 - 01799392 _____ (Malwarebytes Corporation) C:\Users\Filep\Desktop\JRT.exe
2015-09-01 15:40 - 2015-09-01 15:40 - 00000921 _____ C:\Users\Filep\Desktop\AdwCleaner[C2].txt
2015-09-01 15:36 - 2015-09-01 15:37 - 00000000 ____D C:\AdwCleaner
2015-09-01 15:32 - 2015-09-01 15:32 - 00001198 _____ C:\Users\Filep\Desktop\mbam.txt
2015-09-01 15:20 - 2015-09-01 15:20 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Filep\Downloads\mbam-setup-2.1.8.1057 (1).exe
2015-08-31 21:35 - 2015-08-31 21:35 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Filep\Downloads\tdsskiller.exe
2015-08-31 20:38 - 2012-10-03 19:56 - 01914248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\tcpip.sys
2015-08-31 20:38 - 2010-11-20 12:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\ndproxy.sys
2015-08-31 20:38 - 2010-11-20 11:23 - 00261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\netbt.sys
2015-08-31 20:38 - 2010-11-20 11:21 - 00119296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\tdx.sys
2015-08-31 20:38 - 2010-11-20 11:19 - 00147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\cdrom.sys
2015-08-31 20:38 - 2009-07-14 02:10 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\asyncmac.sys
2015-08-31 20:38 - 2009-07-14 02:10 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\ws2ifsl.sys
2015-08-31 20:38 - 2009-07-14 02:00 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\Serial.sys
2015-08-31 20:38 - 2009-07-14 01:19 - 00105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\i8042prt.sys
2015-08-31 20:38 - 2009-07-14 01:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\intelppm.sys
2015-08-31 20:37 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\ndis.sys
2015-08-31 20:37 - 2011-12-28 06:01 - 00498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\afd.sys
2015-08-31 20:37 - 2011-03-29 05:32 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\usbehci.sys
2015-08-31 20:37 - 2010-11-20 12:50 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\ndisuio.sys
2015-08-31 20:37 - 2009-07-14 02:09 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\netbios.sys
2015-08-31 20:37 - 2009-07-14 01:19 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\null.sys
2015-08-31 20:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-31 20:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-31 20:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-31 20:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-31 20:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-31 20:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-31 20:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-31 20:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-31 20:05 - 2015-08-31 20:42 - 00000000 ____D C:\Qoobox
2015-08-31 20:05 - 2015-08-31 20:41 - 00000000 ____D C:\Windows\erdnt
2015-08-31 20:04 - 2015-08-31 20:04 - 05635666 ____R (Swearware) C:\Users\Filep\Downloads\ComboFix.exe
2015-08-31 14:56 - 2015-08-31 14:56 - 01798640 _____ (Malwarebytes Corporation) C:\Users\Filep\Downloads\JRT.exe
2015-08-31 14:39 - 2015-08-31 14:39 - 01618432 _____ C:\Users\Filep\Downloads\AdwCleaner_5.004.exe
2015-08-31 14:32 - 2015-08-31 14:32 - 00000000 ____D C:\Users\Filep\AppData\Local\VirtualStore
2015-08-31 14:13 - 2015-08-31 14:14 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Filep\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-31 14:10 - 2015-09-01 15:51 - 00037249 _____ C:\Users\Filep\Downloads\FRST.txt
2015-08-31 14:10 - 2015-08-31 14:27 - 00084511 _____ C:\Users\Filep\Downloads\Addition.txt
2015-08-31 14:09 - 2015-08-31 14:09 - 02188288 _____ (Farbar) C:\Users\Filep\Downloads\FRST64.exe
2015-08-31 13:59 - 2015-08-31 13:58 - 00000797 _____ C:\Windows\system32\Drivers\etc\hosts.20150831-135934.backup
2015-08-31 13:41 - 2015-08-31 14:29 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-31 13:41 - 2015-08-31 13:41 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-08-31 13:31 - 2015-08-31 13:31 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Filep\Downloads\spybot-2.4.exe
2015-08-31 13:18 - 2015-08-31 13:18 - 00000000 ____D C:\Users\Filep\AppData\Local\Microsoft Help
2015-08-22 18:50 - 2015-08-31 13:05 - 00000000 ____D C:\Windows\System32\Tasks\Norton Family
2015-08-22 18:49 - 2015-08-31 13:00 - 00000000 ____D C:\Windows\system32\Drivers\NSMx64
2015-08-22 18:49 - 2015-08-22 18:53 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-08-22 18:49 - 2015-08-22 18:49 - 01038368 _____ (Symantec Corporation) C:\Users\Filep\Downloads\NF_Installer.exe
2015-08-22 18:49 - 2015-08-22 18:49 - 00001227 _____ C:\Users\Filep\Desktop\Norton Installation Files.lnk
2015-08-22 18:49 - 2015-08-22 18:49 - 00000000 ____D C:\Program Files (x86)\Norton Family
2015-08-22 17:33 - 2015-08-22 17:33 - 00000000 ____D C:\games
2015-08-22 17:31 - 2015-08-22 17:31 - 00536412 _____ C:\Users\Filep\Downloads\Icy Tower.zip
2015-08-18 22:05 - 2015-08-16 12:15 - 1529124864 _____ C:\Users\Filep\Desktop\Heiratsantrag.MTS
2015-08-18 22:00 - 2015-08-18 22:03 - 105186437 _____ C:\Users\Filep\Desktop\Heiratsantrag gekürzt neu.mp4
2015-08-18 21:55 - 2015-08-18 21:58 - 48992010 _____ C:\Users\Filep\Desktop\Heiratsantrag gekürzt.mp4
2015-08-18 21:54 - 2015-08-18 21:54 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Digiarty
2015-08-18 21:53 - 2015-08-18 21:53 - 36396504 _____ (Digiarty Software, Inc. ) C:\Users\Filep\Downloads\winx-hd-converter-deluxe.exe
2015-08-18 19:51 - 2015-08-18 19:51 - 00000000 ____D C:\Users\Filep\AppData\Local\Movavi
2015-08-18 19:40 - 2015-08-18 19:40 - 39158440 _____ (Movavi) C:\Users\Filep\Downloads\MovaviVideoConverterSetupC.exe
2015-08-16 21:51 - 2015-08-16 21:51 - 00001646 _____ C:\Users\Public\Desktop\Aiseesoft AVCHD Video Converter.lnk
2015-08-16 21:51 - 2015-08-16 21:51 - 00000000 ____D C:\Users\Filep\Documents\Aiseesoft Studio
2015-08-16 21:51 - 2015-08-16 21:51 - 00000000 ____D C:\Users\Filep\AppData\Local\Aiseesoft Studio
2015-08-16 21:51 - 2015-08-16 21:51 - 00000000 ____D C:\Program Files (x86)\Aiseesoft Studio
2015-08-16 21:50 - 2015-08-16 21:50 - 24566856 _____ (Aiseesoft Studio ) C:\Users\Filep\Downloads\avchd-video-60converter.exe
2015-08-14 17:10 - 2015-08-14 17:10 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-12 16:53 - 2015-08-12 16:53 - 00000000 ____D C:\Users\Filep\AppData\Local\CEF
2015-08-11 16:59 - 2015-08-11 16:59 - 00160154 _____ C:\Users\Filep\Downloads\Ihr Besuch in Tripsdrill.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-01 15:46 - 2009-07-14 06:45 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-01 15:46 - 2009-07-14 06:45 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-01 15:44 - 2009-07-14 19:58 - 00702980 _____ C:\Windows\system32\perfh007.dat
2015-09-01 15:44 - 2009-07-14 19:58 - 00150620 _____ C:\Windows\system32\perfc007.dat
2015-09-01 15:44 - 2009-07-14 07:13 - 01629334 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-01 15:39 - 2015-04-20 20:50 - 00000000 ___RD C:\Users\Filep\iCloudDrive
2015-09-01 15:39 - 2015-02-21 10:19 - 00000000 ___RD C:\Users\Filep\Dropbox
2015-09-01 15:39 - 2015-02-17 20:37 - 00000000 ____D C:\Users\Filep\AppData\Local\Spotify
2015-09-01 15:39 - 2014-10-24 15:34 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Dropbox
2015-09-01 15:39 - 2013-12-31 18:27 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Spotify
2015-09-01 15:39 - 2011-03-16 01:36 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-01 15:39 - 2011-03-06 08:36 - 00647858 _____ C:\Windows\PFRO.log
2015-09-01 15:39 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-01 15:39 - 2009-07-14 06:51 - 00152999 _____ C:\Windows\setupact.log
2015-09-01 15:38 - 2011-02-26 23:37 - 01418028 _____ C:\Windows\WindowsUpdate.log
2015-09-01 15:18 - 2011-03-16 01:36 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-01 15:16 - 2013-12-29 16:18 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-01 15:16 - 2011-03-06 01:37 - 00000344 _____ C:\Windows\lgfwup.ini
2015-09-01 15:16 - 2011-02-27 18:20 - 00000000 ____D C:\Program Files (x86)\lg_fwupdate
2015-09-01 14:54 - 2015-06-26 15:44 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1820486185-2003612580-2916385394-1000UA.job
2015-08-31 20:40 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-08-31 20:25 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-31 15:54 - 2015-06-26 15:44 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1820486185-2003612580-2916385394-1000Core.job
2015-08-31 14:42 - 2014-08-30 17:57 - 00001070 _____ C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-08-31 14:28 - 2009-07-14 20:18 - 00000000 ____D C:\Windows\CSC
2015-08-31 14:27 - 2013-11-09 19:10 - 03029504 ___SH C:\Users\Filep\Desktop\Thumbs.db
2015-08-31 14:25 - 2015-03-14 20:18 - 00000000 ____D C:\Users\Filep\AppData\Local\5D515C96_stp
2015-08-29 20:13 - 2011-03-16 01:36 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-29 20:13 - 2011-03-16 01:36 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-29 14:57 - 2014-08-10 14:23 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-08-29 14:57 - 2014-08-10 14:23 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-08-24 20:07 - 2011-12-10 20:00 - 00000418 _____ C:\Windows\SysWOW64\AppLog.log
2015-08-22 20:28 - 2011-12-10 15:00 - 00000000 ____D C:\Program Files (x86)\PC Tools Registry Mechanic
2015-08-22 18:49 - 2015-07-11 18:41 - 00000000 ____D C:\Users\Public\Downloads\Norton
2015-08-21 16:34 - 2015-07-10 15:21 - 00002002 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-08-21 16:34 - 2013-11-23 19:50 - 00376272 _____ C:\Windows\DPINST.LOG
2015-08-21 16:34 - 2011-02-26 23:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-19 20:08 - 2011-03-06 07:24 - 00000000 ____D C:\Program Files (x86)\avmwlanstick
2015-08-18 19:51 - 2011-02-26 23:37 - 00000000 ____D C:\Users\Filep
2015-08-12 16:54 - 2014-04-06 19:13 - 00000000 ____D C:\Users\Filep\AppData\Local\Akamai

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-14 20:18 - 2015-03-14 20:19 - 4286798 _____ () C:\Users\Filep\AppData\Local\5C5FDFC1_stp.CIS
2015-03-14 20:18 - 2015-03-14 20:19 - 0000326 _____ () C:\Users\Filep\AppData\Local\5C5FDFC1_stp.CIS.part
2015-03-14 20:18 - 2015-03-14 20:18 - 0385602 _____ () C:\Users\Filep\AppData\Local\5D515C96_stp.CIS
2015-03-14 20:18 - 2015-04-26 17:46 - 0000220 _____ () C:\Users\Filep\AppData\Local\5D515C96_stp.CIS.part
2015-03-14 20:18 - 2015-03-14 20:18 - 0193463 _____ () C:\Users\Filep\AppData\Local\62C2AAC5_stp.CIS
2015-03-14 20:18 - 2015-03-14 20:18 - 0000250 _____ () C:\Users\Filep\AppData\Local\62C2AAC5_stp.CIS.part
2013-05-04 12:08 - 2013-05-04 12:08 - 0000000 _____ () C:\ProgramData\as98213.txt
2012-07-21 10:34 - 2015-06-25 13:03 - 0015768 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\Filep\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoe7q_c.dll
C:\Users\Filep\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. 


LastRegBack: 2015-09-01 15:09

==================== Ende von FRST.txt ==========================
         

01.09.2015, 19:55   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please read the adwCleaner instructions properly and follow them.
__________________
Please always post log files in CODE tags

01.09.2015, 21:41   #10
Grady

I went through it again exactly according to the instructions.
- Downloaded adwcleaner.
- Had to disable Norton Auto-Protect.
- Closed all browsers.
- Started adwcleaner.
- Ticked all 4 checkboxes.
- Started the scan.
- No results found.
- Clicked on delete anyway.
- PC was restarted.
- After the restart, the following log file opened.

Code:
ATTFilter
# AdwCleaner v5.005 - Bericht erstellt am 01/09/2015 um 22:36:25
# Aktualisiert am 31/08/2015 von Xplode
# Datenbank : 2015-08-31.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Filep - FILEP-PC
# Gestartet von : C:\Users\Filep\Desktop\AdwCleaner_5.005.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****

[!] Task Nicht Gelöscht : Oxy
[!] Task Nicht Gelöscht : RunAsStdUser Task
[!] Task Nicht Gelöscht : Windows Updater

***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

:: Proxy Einstellungen zurückgesetzt

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [798 Bytes] ##########
         

02.09.2015, 10:31   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Code:
ATTFilter
*************************

:: Proxy Einstellungen zurückgesetzt

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [798 Bytes] ##########
         
According to the last log, though, you only had Proxy ticked.
__________________
Please always post log files in CODE tags

02.09.2015, 13:23   #12
Grady

No matter how often I run adwcleaner, every time it only says that the proxy settings have been reset.
At this point I have to add that I had already used adwcleaner once before I registered here.
I first did an FRST scan and then ran adwcleaner.
I also followed the instructions for that and ticked the 4 checkboxes.
By the way, the redirect page no longer opens, in any case.

Here is the first adwcleaner log as well.

Code:
ATTFilter
# AdwCleaner v5.004 - Bericht erstellt 31/08/2015 um 14:42:01
# Aktualisiert 26/08/2015 von Xplode
# Datenbank : 2015-08-30.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Filep - FILEP-PC
# Gestarted von : C:\Users\Filep\Downloads\AdwCleaner_5.004.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\Uniblue
[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\ProgramData\Babylon
[-] Ordner Gelöscht : C:\ProgramData\Tarma Installer
[#] Ordner Gelöscht : C:\ProgramData\mntemp
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[-] Ordner Gelöscht : C:\Users\Filep\AppData\Roaming\RHEng
[-] Ordner Gelöscht : C:\Users\Filep\AppData\Roaming\winsta
[-] Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\HPAppData
[-] Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\DealPly

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\END
[-] Datei Gelöscht : C:\Users\Filep\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk
[-] Datei Gelöscht : C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default\Extensions\{b64d9b05-48e1-4ceb-bf58-e0643994e900}.xpi
[-] Datei Gelöscht : C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default\searchplugins\safesearch.xml
[-] Datei Gelöscht : C:\Windows\Sysnative\roboot64.exe

***** [ Verknüpfungen ] *****

[-] Verknüpfung Desinfiziert : C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

***** [ Geplante Tasks ] *****

[!] Task Nicht Gelöscht : Oxy
[!] Task Nicht Gelöscht : RunAsStdUser Task
[!] Task Nicht Gelöscht : Windows Updater

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
[-] Schlüssel Gelöscht : HKCU\Software\53578c8db73fb849
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\53578c8db73fb849
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9863E762-BACC-46E4-8CAA-2A6ADA06B65B}
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9863E762-BACC-46E4-8CAA-2A6ADA06B65B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{59C0C5BD-2579-433A-BBB8-AFFD59642BAF}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\IBUpdaterService
[-] Schlüssel Gelöscht : HKCU\Software\Alexa Internet
[-] Schlüssel Gelöscht : HKCU\Software\APN PIP
[-] Schlüssel Gelöscht : HKCU\Software\Conduit
[-] Schlüssel Gelöscht : HKCU\Software\Cr_Installer
[-] Schlüssel Gelöscht : HKCU\Software\distromatic
[-] Schlüssel Gelöscht : HKCU\Software\Escolade
[-] Schlüssel Gelöscht : HKCU\Software\ilivid
[-] Schlüssel Gelöscht : HKCU\Software\IM
[-] Schlüssel Gelöscht : HKCU\Software\ImInstaller
[-] Schlüssel Gelöscht : HKCU\Software\performersoft llc
[-] Schlüssel Gelöscht : HKCU\Software\systweak
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Bandoo
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\ImInstaller
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\SearchquMediabarTb
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Wpm
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Clara
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FoxTab FLV Player
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Bar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Alexa Internet
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\APN PIP
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Conduit
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Cr_Installer
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\distromatic
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Escolade
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\ilivid
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\IM
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\ImInstaller
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\performersoft llc
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\systweak
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7

***** [ Internetbrowser ] *****


*************************

:: Proxy Einstellungen zurückgesetzt

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [15043 Bytes] ##########
         

02.09.2015, 13:49   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Okay, then control scans with MBAM and ESET please:

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all findings (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset

__________________
Please always post log files in CODE tags

02.09.2015, 19:28   #14
Grady

MBAM log

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 02.09.2015
Suchlaufzeit: 14:53
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.02.05
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Filep

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 450577
Abgelaufene Zeit: 8 Min., 21 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
         
ESET log.

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=884444ab15343342958a6407ad625575
# end=init
# utc_time=2015-09-02 01:03:58
# local_time=2015-09-02 03:03:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25565
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=884444ab15343342958a6407ad625575
# end=updated
# utc_time=2015-09-02 01:11:10
# local_time=2015-09-02 03:11:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=884444ab15343342958a6407ad625575
# engine=25565
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-09-02 02:28:59
# local_time=2015-09-02 04:28:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 87 89 936057 203800724 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 178425 192833989 0 0
# scanned=386594
# found=142
# cleaned=0
# scan_time=4668
sh=4C929F89E59670E7CD0A9927AF9B9794D1136C4A ft=1 fh=c0469ad632bfa79c vn="Variante von Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Uniblue\RegistryBooster\Launcher.exe.vir"
sh=DBC8AD4693B91AB7916C242622B29C209F335CCA ft=1 fh=cdf9e87ab1c0297d vn="Variante von Win32/RegistryBooster.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe.vir"
sh=0FD7F3F732BFBD0956BB319E25F361E2AE6D8F12 ft=1 fh=a33b31cb5f52c3c7 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\Sysnative\roboot64.exe.vir"
sh=0E7C7C3984E2F9C69296D89FC75C5507CFB45C24 ft=0 fh=0000000000000000 vn="Variante von Win32/Solimba.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Filep\Downloads\Icy Tower.zip"
sh=2EC1D10BD0D4F71CCFD02BFD766986EC88C0B7FC ft=1 fh=ff28826a0bbfe168 vn="Variante von MSIL/Toolbar.Linkury.X evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\ProxySettings.dll"
sh=B9C19D20B0D96E3D9C8E72ED0791C6FB2B77AAAD ft=1 fh=ff125595eb936734 vn="Variante von MSIL/Toolbar.Linkury.W evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\Smartbar.Communication.NamedPipe.dll"
sh=637D3859E6B38DDB33914DBEB27A94D6A35CC3B2 ft=1 fh=8ac43ac923ce5482 vn="Variante von MSIL/Toolbar.Linkury.AC evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\Smartbar.GUI.Docking.dll"
sh=C2AB7694841EBD33388534F816BD5DB106477FFC ft=1 fh=045e6a88813d3bcc vn="Variante von MSIL/Toolbar.Linkury.T evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\Smartbar.Infrastructure.Utilities.dll"
sh=AE0496E8B7EF7260A5A9A03C5283D6345D09A13C ft=1 fh=d5332291c5aae89f vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\Smartbar.Resources.LanguageSettings.resources.dll"
sh=2A202A2F429F4102BD3516F2C116925EEA12E7E1 ft=1 fh=b18d6bdb77076cb4 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\spbe.dll"
sh=354DAE7D75BC3750A7C27F46E144689ADD69FECE ft=1 fh=56e124954a8ab304 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\spbl.dll"
sh=B54A10A054F72B438B85B8C01A2FDDB9E4AA9D95 ft=1 fh=bad654b42602edb0 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\sppsm.dll"
sh=74E1FD38F895EE603C538EEB0CB62D2B7AD1F9EF ft=1 fh=eadc0e05b009aa54 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\spusm.dll"
sh=F6C87DDAD471C76D3CC2D79EDDF405591C807BD0 ft=1 fh=f5edc0ac44f0273c vn="Variante von MSIL/Toolbar.Linkury.V evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\sreu.dll"
sh=A80CE1722B00015806A72129AD99D6CD456BC430 ft=1 fh=a0739cbdc3e3df69 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\srpu.dll"
sh=C5FAF56605FD39E793236B914E13096861955C44 ft=0 fh=0000000000000000 vn="Win32/SubSeven.22 Trojaner" ac=I fn="E:\$RECYCLE.BIN\S-1-5-21-592136732-1660084262-2273919341-1000\$R9PCR48.0\cgi\setup.cgi"
sh=DC5B77F5CC38F7EC9AF9C0ADE5254EF7CBB0F0EE ft=1 fh=1f98fff82a2cf428 vn="Win32/Adware.SaveNow Anwendung" ac=I fn="E:\$RECYCLE.BIN\S-1-5-21-592136732-1660084262-2273919341-1000\$RAD1PR4\BSINSTALLDE.exe"
sh=9EE0733642C8AF058949F842EB027707EB49F997 ft=1 fh=235bec411af72c00 vn="Variante von Win32/Adware.Kazaa.A Anwendung" ac=I fn="E:\$RECYCLE.BIN\S-1-5-21-592136732-1660084262-2273919341-1000\$RAD1PR4\kmd.exe"
sh=FECCED50B65B111CE659110154E1496B2B747627 ft=1 fh=ea201ae72b3ceb78 vn="Mehrere Bedrohungen" ac=I fn="E:\$RECYCLE.BIN\S-1-5-21-592136732-1660084262-2273919341-1000\$RAD1PR4\netpumper-1.23-setup.exe"
sh=1DC7A5B73E687100CC54DA688E0035C6CF3265AD ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\$RECYCLE.BIN\S-1-5-21-592136732-1660084262-2273919341-1000\$RAD1PR4\Spiele\[PC GAME NO CD] Lord of the Rings Battle for Middle Earth.zip"
sh=4C929F89E59670E7CD0A9927AF9B9794D1136C4A ft=1 fh=c0469ad632bfa79c vn="Variante von Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Uniblue\RegistryBooster\Launcher.exe"
sh=DBC8AD4693B91AB7916C242622B29C209F335CCA ft=1 fh=cdf9e87ab1c0297d vn="Variante von Win32/RegistryBooster.D evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe"
sh=1CBFF3BADC71DF7CE2A39D6513F977BFC5E88D33 ft=1 fh=be5c08edcfbfb2a8 vn="Variante von Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngr.dll"
sh=1B914EB3AB94F1466EB595D38785F15E52DB848B ft=1 fh=8ac696ba96ab6d55 vn="Variante von Win32/Toolbar.SearchSuite.AC evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe"
sh=D9661E7DF46F4FCB37E7D8C3E1BF74ED9332F66D ft=1 fh=e6b80258c992497f vn="Variante von Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll"
sh=B81BAAC9D35824000ADB556418067A9220C40F01 ft=1 fh=23a12d968d390125 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe"
sh=5618448E0195BA9251A1A0A5132CE2612037D630 ft=1 fh=ccf0f11a65c989b1 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchquband.dll"
sh=9069C1AE362702A5CFD0947D07C49791244CF7E1 ft=1 fh=b2a7890de2375dad vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll"
sh=FEC329015A05713AF1099846DA6776DE31CF1C79 ft=1 fh=d0c5b0d7efa7296b vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\datamngr.dll"
sh=CC3E4DF6F706D1DD3EEEF749169F25D791A9E137 ft=1 fh=8e73515f6fa99a5a vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll"
sh=DD8D791EF618CF7E811163BD85712B508835F16B ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Linkury.P evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\LPTInstaller.msi"
sh=83B4FA6DB6962D7B2481EF59B5EE91FD58B63130 ft=1 fh=addb3552374cb86e vn="Variante von MSIL/Toolbar.Linkury.X evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\ProxySettings.dll"
sh=A28076214311001A56B2E6106572C7D0BFE55B17 ft=1 fh=64ddbd5518bd4024 vn="Variante von MSIL/Toolbar.Linkury.W evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\Smartbar.Communication.NamedPipe.dll"
sh=C61AB5CAAC9E4C1281A6CD28E94783B6C99CC0B5 ft=1 fh=67630488935d94ba vn="Variante von MSIL/Toolbar.Linkury.T evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll"
sh=28B1091D6D02EC40B4FA9D3B43E3274519500CC2 ft=1 fh=dc3dd842225a5598 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll"
sh=FFE23BDD6346E7C5D29C42177F20155CC9F46D54 ft=1 fh=7a155473475e5bcb vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\smia.exe"
sh=FA6AF80E753D92E2CDEAB92813DEDBD8424A8E09 ft=1 fh=c3a50bcc4f306f01 vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\smia64.exe"
sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\sppsm.dll"
sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\spusm.dll"
sh=F942C2DDD83B52C19800599A1EDC41CF4DD4B85B ft=1 fh=08056106f4cd783d vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\srbs.dll"
sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\srbu.dll"
sh=B25F19560EA6FB1C071141C1504B193CA65197F4 ft=1 fh=07207bd1a8646c50 vn="Variante von MSIL/Toolbar.Linkury.V evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\sreu.dll"
sh=FFB6DEEA914EDB830A2065A83CC43B06952DCDFB ft=1 fh=bbcfb579c6e9abfa vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\srptc.dll"
sh=EC57672B84D7BEA8A2C29BE3A5F036065A25247A ft=1 fh=486c15f1356944c1 vn="Variante von MSIL/Toolbar.Linkury.U evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\srptm.exe"
sh=B18AD571FCE903550FFBF758EAF2C042266690AD ft=1 fh=eef0b21cf141f89e vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\srut.dll"
sh=2F86D264D9A07A1B011581D5F601471DBDFFA6ED ft=1 fh=c477c8da445430eb vn="Variante von Win32/Toolbar.Linkury.P evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\Resources\crdli.dll"
sh=7E2E92CB1757B9C6C5A15F2A3580048BBFA14A1B ft=1 fh=153cd01bb662b989 vn="Variante von Win64/Toolbar.Linkury.B evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\Resources\crdli64.dll"
sh=0E1FEB0F3AF55FDE12A93DC04ED7A5CA78DBC65F ft=1 fh=a72aac3d074632ae vn="Variante von Win32/Toolbar.Linkury.O evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\Resources\crdlil.dll"
sh=1FC6D13E860C374F82E7ED794D90F2FFF76BF452 ft=1 fh=6c14e3e167a49ab7 vn="Variante von Win32/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\Resources\ntdis_32.dll"
sh=A41A407346118B661CEC513AD36A4482033251C6 ft=1 fh=13b93acb53fc915a vn="Variante von Win64/Toolbar.Linkury.A.gen evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\Resources\ntdis_64.dll"
sh=CF5AA05A6E333AA9885344A74206B0A4E75759EB ft=1 fh=7082011e713b1fc7 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Lrcnta.exe"
sh=83B4FA6DB6962D7B2481EF59B5EE91FD58B63130 ft=1 fh=addb3552374cb86e vn="Variante von MSIL/Toolbar.Linkury.X evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\ProxySettings.dll"
sh=A28076214311001A56B2E6106572C7D0BFE55B17 ft=1 fh=64ddbd5518bd4024 vn="Variante von MSIL/Toolbar.Linkury.W evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Smartbar.Communication.NamedPipe.dll"
sh=6B39B0BB7D6BE0BC46B81B1709E062275ABD831F ft=1 fh=3251082e0b3613be vn="Variante von MSIL/Toolbar.Linkury.AC evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll"
sh=4C685D9DCC2D144D70ED50B918660F8C86A71BAF ft=1 fh=c4739051513afd1d vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll"
sh=24B15C15E9C1B13854A6C30CB9DE35B422AE6A4B ft=1 fh=11858545bf819d27 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll"
sh=5B47B8E46C04FA3CE610CD1C583F2A77C8768BED ft=1 fh=b022a1896b0948ba vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll"
sh=64E541FF22567CC88631E1B5B21DCE0A68A01436 ft=1 fh=2295c923ac6e9738 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll"
sh=C61AB5CAAC9E4C1281A6CD28E94783B6C99CC0B5 ft=1 fh=67630488935d94ba vn="Variante von MSIL/Toolbar.Linkury.T evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll"
sh=28B1091D6D02EC40B4FA9D3B43E3274519500CC2 ft=1 fh=dc3dd842225a5598 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll"
sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll"
sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll"
sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll"
sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll"
sh=FA6AF80E753D92E2CDEAB92813DEDBD8424A8E09 ft=1 fh=c3a50bcc4f306f01 vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\smia64.exe"
sh=618D7CCD8FC26B9DD182002D94FDE0EC2412A339 ft=1 fh=6cae1c096c687eea vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\smsp.dll"
sh=7AB836645400B6C93597C98F01344925B26ECB34 ft=1 fh=ccaa2072c2336201 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\smta.dll"
sh=EB25F2FC448AACEAA3E5CB017E712369E42C9747 ft=1 fh=6f92e9d9af0788c8 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\smtu.dll"
sh=202B30E1DE95B9E2326E84C56125C4332788EDA8 ft=1 fh=85a07bdf5b422be2 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\spbe.dll"
sh=911497C3842999564F201A892883380B0DDC0F6D ft=1 fh=6071f30fc8aea719 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\spbl.dll"
sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\sppsm.dll"
sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\spusm.dll"
sh=F942C2DDD83B52C19800599A1EDC41CF4DD4B85B ft=1 fh=08056106f4cd783d vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\srbs.dll"
sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\srbu.dll"
sh=B25F19560EA6FB1C071141C1504B193CA65197F4 ft=1 fh=07207bd1a8646c50 vn="Variante von MSIL/Toolbar.Linkury.V evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\sreu.dll"
sh=F3EB186AE221978925BDF95B9EBD7110B7B29361 ft=1 fh=5ffd94704bbd93ac vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\srpu.dll"
sh=B18AD571FCE903550FFBF758EAF2C042266690AD ft=1 fh=eef0b21cf141f89e vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\srut.dll"
sh=C017F422723F95B2F7A57B0EAED2615F60C0A233 ft=1 fh=0d7aa04b8ca04d08 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll"
sh=352FEEF409CBE5A1E9E141FF3ED10973FDDE0BEF ft=1 fh=e46e9e7fffe02575 vn="Variante von Win32/Toolbar.Linkury.P evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Resources\crdli.dll"
sh=2F86D264D9A07A1B011581D5F601471DBDFFA6ED ft=1 fh=c477c8da445430eb vn="Variante von Win32/Toolbar.Linkury.P evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Resources\crdli.dll.tmp"
sh=20BEA6C3838A6722DD77645E7F7078E7FFDFC87B ft=1 fh=f7550168cf5bb87a vn="Variante von Win64/Toolbar.Linkury.B evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Resources\crdli64.dll"
sh=7E2E92CB1757B9C6C5A15F2A3580048BBFA14A1B ft=1 fh=153cd01bb662b989 vn="Variante von Win64/Toolbar.Linkury.B evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Resources\crdli64.dll.tmp"
sh=D5F1695D5B190DC9C3349A2A7659B9E0780849A1 ft=1 fh=79fe5bc84778d475 vn="Variante von Win32/Toolbar.Linkury.O evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Resources\crdlil.dll"
sh=0E1FEB0F3AF55FDE12A93DC04ED7A5CA78DBC65F ft=1 fh=a72aac3d074632ae vn="Variante von Win32/Toolbar.Linkury.O evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Resources\crdlil.dll.tmp"
sh=4368ED4EFE437D5D313A3EB7794D9CC3114FA8C4 ft=1 fh=18e2fb87f85d379c vn="Win32/FileScout.A evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\62FA.tmp"
sh=4368ED4EFE437D5D313A3EB7794D9CC3114FA8C4 ft=1 fh=18e2fb87f85d379c vn="Win32/FileScout.A evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\6B60.tmp"
sh=4368ED4EFE437D5D313A3EB7794D9CC3114FA8C4 ft=1 fh=18e2fb87f85d379c vn="Win32/FileScout.A evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\6B61.tmp"
sh=AF2C51167C4DD2B3F085FF9F1BBDD02ECAE5F31A ft=1 fh=870976e227533f87 vn="Win32/InstallCore.PD evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\ICReinstall_nsi27EF.tmp"
sh=01D00CE61472B6D282E0C8BF083D4CA84012911E ft=1 fh=44e4d9936dac16a5 vn="Variante von Win32/BundleInstaller.D evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\Kollegah_King_Downloader.exe"
sh=AF2C51167C4DD2B3F085FF9F1BBDD02ECAE5F31A ft=1 fh=870976e227533f87 vn="Win32/InstallCore.PD evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\nsi27EF.tmp"
sh=EE7646E9A9ECD2FA138A5EE732368D3785E060B2 ft=1 fh=a9e6d2fee3def72a vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\7BAFF62F-BAB0-7891-9AC0-16D8993551F3\IEHelper.dll"
sh=730970F5946FBAD6B127C41A8C224AE2D2335F48 ft=1 fh=e3b7f7ac4b096ca3 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\7BAFF62F-BAB0-7891-9AC0-16D8993551F3\MyBabylonTB.exe"
sh=1B2983DD978DB886263B1740E4C7E0CA1CEF88C4 ft=1 fh=29f8994b325a4b60 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\7BAFF62F-BAB0-7891-9AC0-16D8993551F3\Setup.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus1322\CrxUpdater_g.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus164D\CrxUpdater_g.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus1F14\CrxUpdater_g.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus222\CrxUpdater_g.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus31B\CrxUpdater_g.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus36A1\CrxUpdater_g.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus5AB\CrxUpdater_g.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus5CE\CrxUpdater_g.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus65E2\CrxUpdater_g.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus96E5\CrxUpdater_g.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busCCF5\CrxUpdater_g.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busE510\CrxUpdater_g.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busF1DC\CrxUpdater_g.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busF22A\CrxUpdater_g.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busF3D0\CrxUpdater_g.exe"
sh=A5B2C42049A8340306CD976682585AAC803F3A89 ft=1 fh=6d4efb7db87b3c41 vn="Variante von Win32/Toolbar.Babylon.AE evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busF45D\fntupdtr.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busF833\CrxUpdater_g.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busFB6E\CrxUpdater_g.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busFC67\CrxUpdater_g.exe"
sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busFD22\CrxUpdater_g.exe"
sh=01D00CE61472B6D282E0C8BF083D4CA84012911E ft=1 fh=44e4d9936dac16a5 vn="Variante von Win32/BundleInstaller.D evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\Download_85BD\Kollegah_King_Downloader.exe"
sh=01D00CE61472B6D282E0C8BF083D4CA84012911E ft=1 fh=44e4d9936dac16a5 vn="Variante von Win32/BundleInstaller.D evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\Download_90AD\oxyinst.exe"
sh=DED201AE02FB9EA3646489AFEDA49270C4620D9C ft=1 fh=c71c001196f8c3ac vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\BExternal.dll"
sh=EEFF60A396BED04892CA52676900D8587DDBF535 ft=1 fh=68bfd67c0e83835c vn="Win32/Toolbar.Babylon.AE evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\BUSolForMontiera.dll"
sh=671E3E4E9E4C9A039D9AD1479A0C91E670AF18E3 ft=1 fh=d643e79c9fb8f862 vn="Win32/Toolbar.Babylon.AE evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\BUSolution.dll"
sh=8440A7218C16DEECD3F6DB6555C98815BA9D19EF ft=1 fh=7fd29e57d5490fe7 vn="Win32/Toolbar.Babylon.M evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\ccp.exe"
sh=3B15680A3589647FF70A88674775D76A6091CA58 ft=1 fh=f4428b42dcd5e354 vn="Win32/Toolbar.Babylon.AE evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\ChromeToolbarSetup.dll"
sh=1466BC1893B6D4B277A177CD2C7D1BEF65F6AAEB ft=1 fh=407239d3cdeb51cc vn="Win32/Toolbar.Babylon.U evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\CrxInstaller.dll"
sh=7759A3318DE2ABC3755EBB7F50322C6D586B5286 ft=1 fh=e3d39714b3bfb2a0 vn="Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\IEHelper.dll"
sh=25EA5C7F4A48D166A2006CA37B936ECA340F58ED ft=1 fh=c71c0011e4611a52 vn="Win32/Toolbar.Babylon.V evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\MntrDLLInstall.dll"
sh=63B9ACAA33978D6BA181B45C51DABE9FF76B50AA ft=1 fh=75ac944de1f3f413 vn="Variante von Win32/Toolbar.Babylon.H evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\Setup.exe"
sh=65F1F0D076FEC3A794F84FE5CB355E525054128E ft=1 fh=c3ad2ea4cdaf915e vn="Variante von Win32/InstallCore.YX evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\is45637729\1884879_stp\icc.dll"
sh=65F1F0D076FEC3A794F84FE5CB355E525054128E ft=1 fh=c3ad2ea4cdaf915e vn="Variante von Win32/InstallCore.YX evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\is45637729\213134850_stp\icc.dll"
sh=65F1F0D076FEC3A794F84FE5CB355E525054128E ft=1 fh=c3ad2ea4cdaf915e vn="Variante von Win32/InstallCore.YX evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\is45637729\37137336_stp\icc.dll"
sh=65F1F0D076FEC3A794F84FE5CB355E525054128E ft=1 fh=c3ad2ea4cdaf915e vn="Variante von Win32/InstallCore.YX evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\is45637729\38338503_stp\icc.dll"
sh=65F1F0D076FEC3A794F84FE5CB355E525054128E ft=1 fh=c3ad2ea4cdaf915e vn="Variante von Win32/InstallCore.YX evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\is45637729\91148_stp\icc.dll"
sh=01D00CE61472B6D282E0C8BF083D4CA84012911E ft=1 fh=44e4d9936dac16a5 vn="Variante von Win32/BundleInstaller.D evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\Kollegah KingDownload_886C\Kollegah_King_Downloader.exe"
sh=8BBBF899968C13EBDD0D374BFC5A1226C2CCAA4E ft=1 fh=e3203141e68830b7 vn="Win32/Reporter.A evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\n7203\systemspeedup_1203-72c8223c.exe"
sh=C90629835BF226820E3D665F4F994FDADBB6FA63 ft=1 fh=da0c0b9de52fd9f9 vn="Variante von Win32/ELEX.AL evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\n7203\webssearches_1006-0b8bb60b.exe"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\LocalLow\IncrediMail_MediaBar_2\ldrtbInc0.dll"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\LocalLow\IncrediMail_MediaBar_2\tbInc0.dll"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\LocalLow\IncrediMail_MediaBar_2\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll"
sh=5580BFC0B09834F6FC072B28C439D88178C5088F ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="F:\Programme\Users\Filep\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\b454ca0-64ccdb6c"
sh=16BF44BC4DE2C4D83E0143E923C18D32083D902C ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-1723.JU Trojaner" ac=I fn="F:\Programme\Users\Filep\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\5b5f436b-54caba76"
sh=37CCAD86409E08816A4C00F1DBEA4604BA36D3A1 ft=1 fh=919a9505016e0e1e vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Roaming\OpenCandy\A339A08FA7CE4344A3DB859E49E61D05\DeltaTB.exe"
sh=4F1EC034FA273DF15EBEF1E3FA66F819DB8A1943 ft=1 fh=752909aa377c6468 vn="Variante von Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Roaming\OpenCandy\OpenCandy_D36338AD4BF74801A1078D7902416217\registrybooster(9).exe"
sh=ED8CD814782D14B1C20A91EB1D78681F408D1328 ft=1 fh=e295b31a0ce14a28 vn="Variante von Win32/TrojanDropper.MsiDrop.A Trojaner" ac=I fn="F:\Programme\Users\Filep\AppData\Roaming\RHEng\6526CD65039B4A62BE3044475B568977\Installer.exe"
sh=9E77E1D2FD7B77B0FD8A71A70C35DD5A16836CF3 ft=1 fh=b241df9fafd25e77 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Roaming\systweak\ssd\SSDPTstub.exe"
sh=B07E725C96415205EEB1DEC6D4A8E7AD82BA2880 ft=1 fh=3ac679bcc602ba76 vn="Variante von Win32/Toolbar.SearchSuite.J evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\Downloads\jZipSetup-r398-n-bc.exe"
         

02.09.2015, 22:23   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

redirect Virus Windows 7


FRST fix

Please disable your virus scanner completely now, to make sure the fix runs through cleanly!


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
ATTFilter
C:\Users\Filep\Downloads\Icy Tower.zip
C:\Windows\Installer\MSIC8CE.tmp-\
F:\Programme\Program Files (x86)\Uniblue
F:\Programme\Program Files (x86)\Windows iLivid Toolbar
F:\Programme\Users\Filep\AppData\Local\LPT\
F:\Programme\Users\Filep\AppData\Local\Smartbar
F:\Programme\Users\Filep\AppData\Local\Temp
F:\Programme\Users\Filep\AppData\LocalLow\IncrediMail_MediaBar_2
F:\Programme\Users\Filep\AppData\LocalLow\Sun\Java\Deployment\cache\6.0
F:\Programme\Users\Filep\AppData\Roaming\OpenCandy
F:\Programme\Users\Filep\AppData\Roaming\RHEng
F:\Programme\Users\Filep\AppData\Roaming\systweak\ssd\SSDPTstub.exe
F:\Programme\Users\Filep\Downloads\jZipSetup-r398-n-bc.exe
EmptyTemp:
         

Please save it as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

__________________
Please always post log files in CODE tags
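An added example, not part of the thread and not code from FRST or the scanner: a cross-check that every detection in a scan log of the `sh= ft= fh= vn= ac= fn=` layout posted above falls under some path in a fixlist like the one in this post. The log lines and hashes below are constructed; treating lines that start with a drive letter as paths and everything else (such as `EmptyTemp:`) as a directive is an assumption of this sketch.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# One detection per line: sh=<40 hex> ft=<n> fh=<16 hex> vn="<name>" ac=<action> fn="<path>"
LINE_RE = re.compile(
    r'^sh=(?P<sh>[0-9A-Fa-f]{40}) ft=(?P<ft>\d+) fh=(?P<fh>[0-9A-Fa-f]{16}) '
    r'vn="(?P<vn>[^"]*)" ac=(?P<ac>\w+) fn="(?P<fn>.+)"$'
)
DRIVE_PATH_RE = re.compile(r'^[A-Za-z]:\\')

# Constructed sample: placeholder hashes, paths modelled on the log in this thread.
SAMPLE_LOG = r'''
sh=1111111111111111111111111111111111111111 ft=1 fh=1111111111111111 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\srpu.dll"
sh=2222222222222222222222222222222222222222 ft=1 fh=2222222222222222 vn="Win32/InstallCore.PD evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\nsi27EF.tmp"
sh=3333333333333333333333333333333333333333 ft=0 fh=0000000000000000 vn="Win32/SubSeven.22 Trojaner" ac=I fn="E:\$RECYCLE.BIN\S-1-5-21-0-0-0-1000\$RSAMPLE\cgi\setup.cgi"
sh=4444444444444444444444444444444444444444 ft=1 fh=4444444444444444 vn="Variante von MSIL/Toolbar.Linkury.V evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\sreu.dll"
sh=5555555555555555555555555555555555555555 ft=1 fh=5555555555555555 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="f:\programme\users\filep\appdata\roaming\systweak\ssd\ssdptstub.exe"
sh=6666 ft=1 vn="truncated line
'''

# Constructed fixlist using entries of the kind shown in the post.
SAMPLE_FIXLIST = r'''
C:\Windows\Installer\MSIC8CE.tmp-\
F:\Programme\Users\Filep\AppData\Local\Smartbar
F:\Programme\Users\Filep\AppData\Local\Temp
F:\Programme\Users\Filep\AppData\Roaming\systweak\ssd\SSDPTstub.exe
EmptyTemp:
'''

def classify(vn):
    """Return (kind, signature) from the German detection text."""
    if "evtl." in vn:                # "evtl. unerwünschte Anwendung": potentially unwanted application
        kind = "pua"
    elif vn.endswith("Trojaner"):    # trojan
        kind = "trojan"
    else:                            # e.g. "Mehrere Bedrohungen" (multiple threats)
        kind = "other"
    signature = next((tok for tok in vn.split() if "/" in tok), vn)
    return kind, signature

def parse_scan_log(text):
    """Split log text into parsed detections and lines that do not fit the layout."""
    detections, unparsed = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            unparsed.append(line)    # keep damaged lines visible instead of dropping them
            continue
        kind, signature = classify(m["vn"])
        detections.append({"sh": m["sh"].upper(), "kind": kind,
                           "signature": signature, "fn": m["fn"]})
    return detections, unparsed

def parse_fixlist(text):
    """Return the path entries of a fixlist; directive lines are skipped."""
    return [PureWindowsPath(line.strip()) for line in text.splitlines()
            if DRIVE_PATH_RE.match(line.strip())]

def split_by_coverage(detections, fix_paths):
    """A detection is covered if a fixlist entry is the file itself or one of its parent folders."""
    covered, uncovered = [], []
    for det in detections:
        path = PureWindowsPath(det["fn"])   # Windows semantics: case-insensitive comparison
        hit = any(entry == path or entry in path.parents for entry in fix_paths)
        (covered if hit else uncovered).append(det)
    return covered, uncovered

def kinds(detections):
    return Counter(det["kind"] for det in detections)

if __name__ == "__main__":
    dets, bad = parse_scan_log(SAMPLE_LOG)
    covered, uncovered = split_by_coverage(dets, parse_fixlist(SAMPLE_FIXLIST))
    print(f"{len(dets)} detections, {len(bad)} unparsed line(s), kinds: {dict(kinds(dets))}")
    for det in uncovered:
        print("not covered by fixlist:", det["signature"], det["fn"])
```

Detections reported as not covered are the ones to follow up separately, for example with a further fixlist entry or a rescan after the fix has run.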
