|
Plagegeister aller Art und deren Bekämpfung: Cursor friert für kurze Zeit einWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
20.12.2015, 16:45 | #1 |
| Cursor friert für kurze Zeit ein Hallo, seit etlichen Tagen habe ich das Problem, dass der Cursor für einen Zeitraum von etwa 5 bis 20 Sekunden einfriert. Kann es sein ich habe mir da was eingefangen? Bitte helft mir auf die Sprünge! vG Klaus |
20.12.2015, 23:14 | #2 |
/// Malwareteam | Cursor friert für kurze Zeit einMein Name ist Dennis und ich werde dir bei der Bereinigung helfen. Bitte beachte, dass es ein paar Regeln gibt:
Sollte ich nicht innerhalb von 48h antworten, schreibe mir eine PM! Wir benötigen für eine sinnvolle Analyse zuerst ein FRST-Log. Schritt # 1: FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt # 2: Bitte Posten
__________________ |
21.12.2015, 13:33 | #3 |
| Cursor friert für kurze Zeit ein Hallo Dennis,
__________________hier das Ergebnis des ersten Scans. FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015 durchgeführt von Klaus (Administrator) auf LAPTOP (21-12-2015 13:07:44) Gestartet von D:\Eigene Dateien\Downloads Geladene Profile: Klaus & DefaultAppPool (Verfügbare Profile: Klaus & DefaultAppPool) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (DivX, LLC) C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Seagate LLC) C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe (Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (iolo technologies, LLC) C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\Solution.Updater.exe (Dropbox, Inc.) C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\BatteryModule.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\BatteryModule.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-09-20] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [788176 2015-11-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-26] (DivX, LLC) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC) HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1743648 2013-06-13] (Wondershare) HKLM-x32\...\Run: [MaxMenuMgr] => C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-05-01] (Seagate LLC) HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1533728 2015-04-01] (Seagate Technology LLC) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [739936 2012-11-27] (Sony Corporation) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard) HKLM-x32\...\RunOnce: [{d0e166af-1634-4c0b-ae96-2180e61f9d38}] => C:\ProgramData\Package Cache\{d0e166af-1634-4c0b-ae96-2180e61f9d38}\Avira.OE.Setup.Bundle.exe [918848 2015-12-18] (Avira Operations GmbH & Co. KG) <===== ACHTUNG HKLM-x32\...\RunOnce: [360safeuninst_1f0fb7c2d13cc0c07ff2ca40747bc03e] => C:\Users\Klaus\AppData\Local\Temp\1f0fb7c2d13cc0c07ff2ca40747bc03e_remove360.bat [592 2015-12-20] () <===== ACHTUNG Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127304 2015-04-01] (Seagate Technology LLC) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [HP Officejet Pro 8500 A910 (NET)] => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [Dropbox Update] => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-12-03] (Dropbox, Inc.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {17253972-82ed-11e1-83f5-544249ea3c02} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {17253975-82ed-11e1-83f5-544249ea3c02} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c560a-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c565c-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c5669-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {2d2d37df-7e83-11e3-acae-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {2d2d37e2-7e83-11e3-acae-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {33076d6f-7684-11e0-bf62-c0cb38ed7878} - G:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {3d594572-764b-11e0-8882-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf66f-dc66-11e0-9790-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf673-dc66-11e0-9790-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf691-dc66-11e0-9790-c0cb38ed7878} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a30-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a32-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a34-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {74216253-762f-11e0-8c5d-806e6f6e6963} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a71d2-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a71fe-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a7203-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {81792775-80d0-11e3-86d7-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {88700e5d-dc64-11e0-969c-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {a9891bf7-44f0-11e1-83c9-544249ea3c02} - G:\wickie1.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72368-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72386-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72389-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b40b3954-8139-11e3-832f-806e6f6e6963} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {cbea623c-72ef-11e0-ae40-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {dc82212d-9b8e-11e1-a8d7-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {dc822147-9b8e-11e1-a8d7-c0cb38ed7878} - F:\AutoRun.exe ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-08-30] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-07-29] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-02-03] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2011-05-14] ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-08-30] () Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-12] ShortcutTarget: Dropbox.lnk -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2012-12-18] ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.) Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk [2015-04-03] ShortcutTarget: Mediencenter.lnk -> C:\Users\Klaus\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Keine Datei) BootExecute: autocheck autochk * ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{27100D96-1E72-4C4E-BDC0-82EFB7D67E71}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: [NameServer] 192.168.2.1 Tcpip\..\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{FB8724D7-90A0-4C16-BC5A-031DF42642B4}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.google.de URLSearchHook: [S-1-5-21-3074472845-1740885614-3036682275-1008] ACHTUNG => Standard URLSearchHook fehlt SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll => Keine Datei BHO: Kein Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> Keine Datei BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Kein Name -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Keine Datei BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll => Keine Datei BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Kein Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Keine Datei Toolbar: HKLM-x32 - Kein Name - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - Keine Datei Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Keine Datei Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - Keine Datei Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898 FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-02-03] (LastPass) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-06-29] (DivX, LLC) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation) FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll [2014-02-03] (LastPass) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Plugin-x32: @soft-xpansion/npsxpdf -> C:\Program Files (x86)\Common Files\soft Xpansion\np-sxpdf.dll [2013-12-23] (soft-Xpansion) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3074472845-1740885614-3036682275-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [Keine Datei] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-sxpdf.dll [2011-05-14] (soft Xpansion) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-08-28] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-08-28] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-08-28] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-08-28] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-08-28] (Apple Inc.) FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\ask-search.xml [2015-10-30] FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\engine-thecoolestmovies.xml [2015-10-01] FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\metager.xml [2015-12-07] FF Extension: MinimizeToTray revived (MinTrayR) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\mintrayr@tn123.ath.cx [2015-05-31] FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\2020Player_IKEA@2020Technologies.com [2015-10-15] FF Extension: LastPass - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\support@lastpass.com [2015-12-19] FF Extension: iCloud Bookmarks - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\Extensions\firefoxdav@icloud.com [2015-10-29] FF HKLM-x32\...\Firefox\Extensions: [ext@flash-Enhancer.com] - C:\Program Files (x86)\AmiExt\flashEnhancer\ff => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb FF Extension: soft Xpansion Perfect Print 7 Express - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb [2013-12-23] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [termtutor@termtutor.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com => nicht gefunden FF HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff => nicht gefunden Chrome: ======= CHR Profile: C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Klaus\AppData\Local\Temp\crx304D.tmp <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\Klaus\AppData\Local\Temp\tbch.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [936544 2015-11-11] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-11-11] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-11-11] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1105952 2015-11-11] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG) S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] () R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Datei ist nicht signiert] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Datei ist nicht signiert] R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation) S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.) R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert] R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [80448 2012-07-18] (Microsoft Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation) S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-02-13] (Seagate Technology LLC) R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157992 2015-04-01] (Seagate Technology LLC) R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [993848 2011-01-10] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-01-10] (Secunia) S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-12-23] (soft Xpansion) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.) S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] () S2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation) R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [Datei ist nicht signiert] R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-23] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-23] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-06-16] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-23] (Avira Operations GmbH & Co. KG) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) S3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [119296 2008-01-22] (Huawei Technologies Co., Ltd.) U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation) S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH) S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [Datei ist nicht signiert] S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [Datei ist nicht signiert] R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation) S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-08-01] () S3 Ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [90112 2007-06-08] (Prolific Technology Inc.) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-02-10] () [Datei ist nicht signiert] S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert] R1 vdrv1000; C:\Windows\System32\Drivers\VDRV1000.SYS [223256 2011-04-19] (H+H Software GmbH) R3 360AvFlt; system32\DRIVERS\360AvFlt.sys [X] R3 360Box64; system32\DRIVERS\360Box64.sys [X] U3 DfSdkS; kein ImagePath S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X] S3 NPF; system32\drivers\NPF.sys [X] S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X] S1 ttnfd; system32\drivers\ttnfd.sys [X] S4 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-21 13:06 - 2015-12-21 13:07 - 00000000 ____D C:\FRST 2015-12-18 14:59 - 2015-12-18 14:59 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Windows Live Writer 2015-12-18 14:59 - 2015-12-18 14:59 - 00000000 ____D C:\Users\Klaus\AppData\Local\Windows Live Writer 2015-12-14 19:03 - 2015-12-14 19:03 - 00003561 _____ C:\Users\Klaus\AppData\LocalLow\lpm.dat 2015-12-13 17:12 - 2015-12-13 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2015-12-13 17:12 - 2015-12-13 17:12 - 00000000 ____D C:\Program Files (x86)\Nero 2015-12-12 13:45 - 2015-12-18 08:05 - 00001104 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2015-12-12 08:58 - 2015-12-12 08:58 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-12-09 14:58 - 2015-12-09 14:58 - 09498816 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2015-12-09 12:27 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2015-12-09 12:27 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-12-09 12:26 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-12-09 12:26 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-12-09 12:26 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-12-09 12:26 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-12-09 12:26 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-12-09 12:26 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-12-09 12:26 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-12-09 12:26 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2015-12-09 12:26 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2015-12-09 12:26 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2015-12-09 12:26 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2015-12-09 12:26 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-12-09 12:26 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-12-09 12:26 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2015-12-09 12:26 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-12-09 12:26 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2015-12-09 12:26 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-12-09 12:26 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll 2015-12-09 12:26 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll 2015-12-09 12:26 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2015-12-09 12:25 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-12-09 12:25 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-12-09 12:25 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-12-09 12:25 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-12-09 12:25 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-12-09 12:25 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-12-09 12:25 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-12-09 12:25 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-12-09 12:25 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-12-09 12:25 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-12-09 12:25 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-12-09 12:25 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-12-09 12:25 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-12-09 12:25 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-12-09 12:25 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-12-09 12:25 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-12-09 12:25 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-12-09 12:25 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-12-09 12:25 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-12-09 12:25 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-12-09 12:25 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-12-09 12:25 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-12-09 12:25 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-12-09 12:25 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-12-09 12:25 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-12-09 12:25 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-12-09 12:25 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-12-09 12:25 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-12-09 12:25 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-12-09 12:25 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-12-09 12:25 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-12-09 12:25 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-12-09 12:25 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-12-09 12:25 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-12-09 12:25 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-12-09 12:25 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-12-09 12:25 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-12-09 12:25 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-12-09 12:25 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-12-09 12:25 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-12-09 12:25 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-12-09 12:25 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-12-09 12:25 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-12-09 12:25 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-12-09 12:25 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-12-09 12:25 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-12-09 12:25 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-12-09 12:25 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-12-09 12:25 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-12-09 12:25 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-12-09 12:25 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-12-09 12:25 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-12-09 12:25 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-12-09 12:25 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-12-09 12:25 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-12-09 12:25 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-12-09 12:25 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-12-09 12:25 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-12-09 12:25 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-12-09 12:25 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-12-09 12:25 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-12-09 12:25 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-12-09 12:25 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-12-09 12:25 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-12-09 12:21 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll 2015-12-09 12:21 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll 2015-12-07 15:00 - 2015-12-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PasswordTools 2015-12-07 15:00 - 2015-12-07 15:00 - 00000000 ____D C:\Program Files (x86)\PasswordTools 2015-12-03 11:20 - 2015-12-21 13:08 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core.job 2015-12-03 11:20 - 2015-12-21 13:00 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA.job 2015-12-03 11:20 - 2015-12-03 11:20 - 00004194 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA 2015-12-03 11:20 - 2015-12-03 11:20 - 00003798 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core 2015-12-03 11:20 - 2015-12-03 11:20 - 00000000 ____D C:\Users\Klaus\AppData\Local\Dropbox 2015-12-03 11:20 - 2015-12-03 11:20 - 00000000 ____D C:\ProgramData\Dropbox 2015-11-30 14:53 - 2015-11-30 14:53 - 00000000 __SHD C:\$360Section 2015-11-30 14:31 - 2015-12-13 16:55 - 00000000 ____D C:\ProgramData\360Quarant 2015-11-30 14:27 - 2015-11-30 14:27 - 00000000 ____D C:\360SANDBOX 2015-11-30 14:26 - 2015-11-30 14:26 - 00000000 ____D C:\Program Files (x86)\360 2015-11-29 17:50 - 2015-11-29 17:50 - 00000696 _____ C:\Users\Klaus\Desktop\TTCamera Max.LNK 2015-11-26 13:21 - 2015-11-26 13:21 - 00314592 _____ C:\Windows\Minidump\112615-114364-01.dmp 2015-11-22 12:46 - 2015-11-22 12:46 - 00000000 ____D C:\Users\Klaus\Neuer Ordner (2) 2015-11-22 12:24 - 2015-11-22 12:24 - 00000000 ____D C:\Users\Klaus\Tierische Werbung 2015-11-21 17:32 - 2015-11-21 17:32 - 00000000 ____D C:\Users\Klaus\Neuer Ordner ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-21 13:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2015-12-21 13:01 - 2014-03-17 19:15 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-21 13:00 - 2012-11-22 19:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-12-21 12:59 - 2014-10-14 08:17 - 00001338 _____ C:\Windows\Tasks\CWSLOE.job 2015-12-21 12:59 - 2014-10-14 08:17 - 00001330 _____ C:\Windows\Tasks\LL.job 2015-12-21 12:59 - 2014-03-17 19:15 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-20 20:03 - 2011-05-22 13:30 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\vlc 2015-12-20 17:54 - 2013-01-09 09:04 - 00078336 _____ C:\Users\Klaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-12-20 16:48 - 2013-05-28 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2015-12-20 16:48 - 2013-05-28 14:53 - 00000000 ____D C:\Program Files (x86)\Wondershare 2015-12-20 16:44 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-20 16:44 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-20 15:53 - 2013-07-09 13:09 - 00000000 ____D C:\Users\fbwuser 2015-12-19 12:34 - 2010-07-29 22:06 - 14473604 _____ C:\Windows\system32\perfh007.dat 2015-12-19 12:34 - 2010-07-29 22:06 - 04638436 _____ C:\Windows\system32\perfc007.dat 2015-12-19 12:34 - 2009-07-14 06:13 - 00006752 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-19 08:30 - 2014-02-01 11:29 - 00000000 ____D C:\Users\Klaus\AppData\LocalLow\LastPass 2015-12-19 08:28 - 2015-03-06 07:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-12-18 23:00 - 2011-10-17 12:39 - 00000000 ____D C:\Users\Klaus\AppData\Local\CrashDumps 2015-12-18 14:58 - 2011-11-06 16:58 - 00000000 ____D C:\Users\Klaus\AppData\Local\Windows Live 2015-12-18 08:04 - 2015-06-26 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-12-18 08:02 - 2015-06-26 11:35 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-15 12:10 - 2011-01-26 11:02 - 00000000 ____D C:\Users\Klaus 2015-12-13 17:08 - 2015-10-29 16:12 - 00000000 ___RD C:\Users\Klaus\iCloudDrive 2015-12-13 17:08 - 2015-05-10 17:17 - 00000000 ___RD C:\Users\Klaus\Dropbox 2015-12-13 17:08 - 2015-05-10 17:13 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Dropbox 2015-12-13 17:05 - 2013-04-02 10:20 - 00000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2015-12-13 17:03 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-13 16:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2015-12-12 11:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2015-12-12 08:13 - 2011-09-20 20:09 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\dvdcss 2015-12-10 10:23 - 2014-02-20 08:01 - 00561944 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-10 10:20 - 2012-05-17 02:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-10 10:20 - 2012-05-17 02:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-10 10:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2015-12-10 09:03 - 2011-01-26 19:09 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-10 08:59 - 2012-05-17 02:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-10 08:47 - 2013-07-14 19:12 - 00000000 ____D C:\Windows\system32\MRT 2015-12-10 08:17 - 2011-01-26 19:16 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-12-09 14:59 - 2012-11-22 19:43 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-12-09 14:59 - 2012-04-06 10:31 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-12-09 14:59 - 2011-05-13 10:01 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-09 04:39 - 2011-03-20 15:10 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-12-08 13:49 - 2012-12-02 10:58 - 00000000 ____D C:\ProgramData\TEMP 2015-12-07 16:24 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-12-04 08:23 - 2014-03-17 19:15 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-04 08:23 - 2014-03-17 19:15 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-02 14:42 - 2011-10-24 19:13 - 00000000 ____D C:\Users\Klaus\AppData\Local\Pinnacle 2015-12-02 14:42 - 2011-10-24 19:12 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI 2015-12-01 12:29 - 2011-01-26 11:08 - 00000000 ____D C:\Windows\pss 2015-11-30 18:35 - 2011-01-26 11:30 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\GHISLER 2015-11-30 15:13 - 2015-08-08 17:39 - 00000306 __RSH C:\ProgramData\ntuser.pol 2015-11-27 19:01 - 2015-10-29 16:24 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-27 11:52 - 2012-12-21 23:22 - 00000000 ____D C:\Users\Klaus\Documents\Ahnenblatt 2015-11-27 11:46 - 2012-02-06 14:15 - 00000000 ____D C:\fertige Videos 2015-11-26 16:46 - 2013-11-20 18:49 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\AnvSoft 2015-11-26 13:21 - 2011-08-10 10:11 - 00000000 ____D C:\Windows\Minidump 2015-11-24 10:37 - 2015-02-04 19:03 - 00000000 ____D C:\Users\Klaus\.mediathek3 2015-11-23 16:46 - 2013-10-18 08:13 - 00000000 ____D C:\ProgramData\Oracle 2015-11-23 15:39 - 2011-10-24 19:11 - 00000000 ____D C:\Program Files (x86)\Pinnacle 2015-11-23 15:33 - 2014-01-15 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2015-11-23 15:33 - 2013-10-18 08:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-11-23 15:33 - 2011-11-12 12:19 - 00000000 ____D C:\Program Files (x86)\Java 2015-11-23 15:32 - 2015-11-05 17:41 - 00000000 ____D C:\Users\Klaus\.oracle_jre_usage 2015-11-23 15:30 - 2015-04-16 12:49 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-11-23 15:14 - 2015-01-30 16:24 - 00000000 ____D C:\Program Files\CDBurnerXP 2015-11-22 13:08 - 2015-01-30 16:24 - 00001748 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2015-11-22 13:08 - 2015-01-30 16:24 - 00001698 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-03-14 18:27 - 2001-09-19 10:27 - 0502272 _____ () C:\Program Files (x86)\Cascade.exe 2011-10-09 10:48 - 1997-07-19 15:55 - 1347344 _____ (Microsoft Corporation) C:\Program Files (x86)\Msvbvm50.dll 2014-02-03 16:15 - 2003-03-21 12:45 - 0250544 _____ (KeyWorks Software) C:\Program Files (x86)\Common Files\keyhelp.ocx 2014-02-03 20:45 - 2014-02-03 20:45 - 13024768 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe 2012-07-08 17:15 - 2012-07-10 18:30 - 0000048 _____ () C:\Users\Klaus\AppData\Roaming\AcroIEHelpe.txt 2012-07-08 17:15 - 2012-07-10 18:30 - 0000051 _____ () C:\Users\Klaus\AppData\Roaming\blckdom.res 2012-12-16 11:28 - 2012-12-16 11:28 - 0006144 _____ () C:\Users\Klaus\AppData\Roaming\com.apple.antiphishing.db 2013-09-28 16:26 - 2013-10-02 19:35 - 0000000 _____ () C:\Users\Klaus\AppData\Roaming\forms.def 2011-10-03 16:11 - 2011-10-03 16:32 - 0099384 _____ () C:\Users\Klaus\AppData\Roaming\inst.exe 2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Klaus\AppData\Roaming\LL 2011-09-28 20:19 - 2011-09-28 20:19 - 0000098 _____ () C:\Users\Klaus\AppData\Roaming\MPUI.ini 2011-10-03 16:11 - 2011-10-03 16:32 - 0007859 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.cat 2011-10-03 16:11 - 2011-10-03 16:32 - 0001167 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.inf 2011-10-03 16:12 - 2011-10-03 16:32 - 0000055 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.log 2011-10-03 16:11 - 2011-10-03 16:32 - 0082816 _____ (VSO Software) C:\Users\Klaus\AppData\Roaming\pcouffin.sys 2012-07-08 17:15 - 2012-07-08 17:15 - 0000264 _____ () C:\Users\Klaus\AppData\Roaming\srvblck5.tmp 2012-07-10 10:28 - 2012-07-10 10:28 - 0000011 _____ () C:\Users\Klaus\AppData\Roaming\urhtps.dat 2011-10-03 16:13 - 2011-10-03 16:32 - 0001057 _____ () C:\Users\Klaus\AppData\Roaming\vso_ts_preview.xml 2014-02-23 16:41 - 2014-09-09 08:05 - 0000091 _____ () C:\Users\Klaus\AppData\Roaming\WB.CFG 2013-01-09 09:04 - 2015-12-20 17:54 - 0078336 _____ () C:\Users\Klaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-02-12 16:01 - 2014-02-12 16:01 - 0000173 _____ () C:\Users\Klaus\AppData\Local\msmathematics.qat.Klaus 2013-09-25 15:48 - 2013-09-25 15:48 - 0002088 _____ () C:\Users\Klaus\AppData\Local\recently-used.xbel 2013-09-03 16:24 - 2015-10-04 17:01 - 0007598 _____ () C:\Users\Klaus\AppData\Local\Resmon.ResmonCfg 2012-10-02 11:37 - 2012-10-05 14:46 - 0000041 ___SH () C:\ProgramData\.zreglib 2013-01-07 13:00 - 2013-01-07 13:00 - 0000057 _____ () C:\ProgramData\Ament.ini 2012-07-10 18:59 - 2012-07-10 18:59 - 0000051 _____ () C:\ProgramData\clsilllgbrakunr 2011-02-16 20:14 - 2011-02-16 20:14 - 0000056 ____H () C:\ProgramData\ezsidmv.dat 2012-10-01 20:34 - 2012-10-03 12:32 - 0001834 _____ () C:\ProgramData\flcd_proxy.log 2012-01-29 13:32 - 2012-01-29 13:32 - 0005081 _____ () C:\ProgramData\hnbdehzc.pfe 2011-10-07 16:54 - 2011-10-07 17:32 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 2015-10-29 17:55 - 2015-10-29 17:55 - 0000016 _____ () C:\ProgramData\mntemp Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\Package Cache\{d0e166af-1634-4c0b-ae96-2180e61f9d38}\Avira.OE.Setup.Bundle.exe C:\Users\Klaus\AppData\Local\Temp\1f0fb7c2d13cc0c07ff2ca40747bc03e_remove360.bat C:\Users\Klaus\jobq.dat C:\Users\Klaus\netzlw.vbs C:\Users\Klaus\time1.bat C:\Users\Klaus\vbaconv.bat Einige Dateien in TEMP: ==================== C:\Users\Klaus\AppData\Local\Temp\-bfjpesr.dll C:\Users\Klaus\AppData\Local\Temp\1f0fb7c2d13cc0c07ff2ca40747bc03e_360tray.exe C:\Users\Klaus\AppData\Local\Temp\avgnt.exe C:\Users\Klaus\AppData\Local\Temp\ctmyh-q6.dll C:\Users\Klaus\AppData\Local\Temp\DivXSetup.exe C:\Users\Klaus\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvlefog.dll C:\Users\Klaus\AppData\Local\Temp\GLF2767.EXE C:\Users\Klaus\AppData\Local\Temp\GLF3E32.EXE C:\Users\Klaus\AppData\Local\Temp\GLF5C66.EXE C:\Users\Klaus\AppData\Local\Temp\GLF6878.EXE C:\Users\Klaus\AppData\Local\Temp\HOST17152.exe C:\Users\Klaus\AppData\Local\Temp\ikryuqe5.dll C:\Users\Klaus\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Klaus\AppData\Local\Temp\ls3grcji.dll C:\Users\Klaus\AppData\Local\Temp\pf3lfiun.dll C:\Users\Klaus\AppData\Local\Temp\tmd_34019176.exe C:\Users\Klaus\AppData\Local\Temp\uninstall.exe C:\Users\Klaus\AppData\Local\Temp\v9o1xnos.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-12-12 11:01 ==================== Ende von FRST.txt ============================ |
21.12.2015, 13:35 | #4 |
| Cursor friert für kurze Zeit ein Hier Teil 2 FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-12-2015 durchgeführt von Klaus (2015-12-21 13:13:10) Gestartet von D:\Eigene Dateien\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2011-01-26 10:02:04) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3074472845-1740885614-3036682275-500 - Administrator - Disabled) Gast (S-1-5-21-3074472845-1740885614-3036682275-501 - Limited - Disabled) Klaus (S-1-5-21-3074472845-1740885614-3036682275-1001 - Administrator - Enabled) => C:\Users\Klaus ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Disabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Avira Antivirus (Disabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) AceHTML 5 Freeware (HKLM-x32\...\AceHTML 5 Freeware) (Version: - ) AceHTML Freeware (HKLM-x32\...\AceHTML Freeware) (Version: Build 11 - ) Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.5.5 - Adobe Systems) Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version: - Adobe Systems Incorporated) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.) Ahnenblatt 2.83 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.83.0.1 - Dirk Böttcher) Any Video Converter 5.8.5 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.115 - ArcSoft) ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.368 - ArcSoft) ATI Catalyst Install Manager (HKLM\...\{5BC83141-83DD-07BE-C940-04B385540F04}) (Version: 3.0.769.0 - ATI Technologies, Inc.) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.14.259 - Avira Operations GmbH & Co. KG) Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG) Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{5b07d59f-99e0-4c52-ad25-965f7e38d6ac}) (Version: 1.1.51.19070 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden ccc-core-static (x32 Version: 2010.0920.2143.37117 - Ihr Firmenname) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP) CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CrystalDiskInfo 6.1.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.1 - Crystal Dew World) Cut Out 3.0 (HKLM-x32\...\Cut Out_is1) (Version: - Franzis.de) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.77 - DivX, LLC) DjVu Converter (HKLM-x32\...\{C7295DBA-FB02-4898-AE48-783812A4F7F9}_is1) (Version: - djvuconverter.com) Dropbox (HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.) DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen) DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version: - DVD Shrink) Excel Protection Remover (HKLM-x32\...\ST6UNST #1) (Version: - ) ExifPro 2.0 Photo Viewer (HKLM-x32\...\ExifPro 2.0) (Version: - ) Exif-Viewer 2.51 (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger) FamilySearch Indexing 3.9.9 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.9.9 - FamilySearch) Fences (HKLM-x32\...\Fences) (Version: - Stardock Corporation) Fences (Version: 1.0 - Stardock Corporation) Hidden Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG) Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Fotosizer 1.32 (HKLM-x32\...\Fotosizer) (Version: 1.32 - Fotosizer.com) Free DWG Viewer 7.2 (HKLM-x32\...\{90751489-B709-4D2F-8634-FEE00BFEC41A}) (Version: 7.2.0.69 - IGC) Free Video to JPG Converter version 5.0.34.225 (HKLM-x32\...\Free Video to JPG Converter_is1) (Version: 5.0.34.225 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.61.805 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.61.805 - DVDVideoSoft Ltd.) Frutti for Noobs 2 (HKLM-x32\...\Frutti for Noobs 2) (Version: - ) GeoSetter 3.4.16 (HKLM-x32\...\GeoSetter_is1) (Version: - Friedemann Schmidt) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft) HotPotatoes v 6.3.0.5 (HKLM-x32\...\hotpot_is1) (Version: - HalfBaked) HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät (HKLM\...\{0A8BEF69-0DD7-4A8F-9AED-0CB91BEBCB58}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet Pro 8500 A910 Hilfe (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard) HP Print View Software (HKLM\...\{1E95102E-27A4-416F-A9D1-308C9603F14A}) (Version: 3.0.0.0 - Hewlett-Packard) HP Print View Software (HKLM-x32\...\HP Marketing Resources) (Version: - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) iCloud (HKLM\...\{B33C558F-772F-4308-A059-390FBF9BAAAE}) (Version: 5.0.2.61 - Apple Inc.) IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation) Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com) IsoBuster 3.3 (HKLM-x32\...\IsoBuster3_is1) (Version: 3.3 - Smart Projects) iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) Java SE Development Kit 8 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180650}) (Version: 8.0.650.17 - Oracle Corporation) JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Jigsaws Galore Version 7 Free Edition (HKLM-x32\...\Jigsaws Galore 7 Free Edition_is1) (Version: - Gray Design Associates) Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version: - LastPass) Magical Jelly Bean PasswdFinder (HKLM-x32\...\PasswdFinder_is1) (Version: 1.0.0.25 - PasswdFinder) MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - ) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Media Gallery (Version: 1.4.0.11300 - Your Company Name) Hidden Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation) Microsoft Mathematics (64-bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation) Microsoft Mathematics-Add-In (32 Bit) (HKLM-x32\...\{E2C98732-F973-4985-A9C5-DC06178E16EE}) (Version: 2.0.041222.01 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation) Microsoft Rechner-Plus (HKLM-x32\...\{437C19B3-7E20-4E39-B868-CA6BAA820E1C}) (Version: 1.0.0 - Microsoft) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 R2-Setup (Deutsch) (HKLM\...\{24BB9353-944E-46BC-BBA8-B8F83E8DBB51}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{E75776B2-EAE5-42F9-A800-0A10763DEDF0}) (Version: 11.0.2318.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU CTP1 (HKLM\...\{CA62C93E-A637-4BEC-B90D-69ABFBEB402C}) (Version: 4.0.8854.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation) Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation) Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version: - ) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.002.03.27.40 - Huawei Technologies Co.,Ltd) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 43.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla) MP4Joiner v2.1.2 (HKLM-x32\...\MP4Joiner_is1) (Version: - ) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) MyKeyFinder (HKLM-x32\...\MyKeyFinder_is1) (Version: 2013 - Abelssoft) Nero 11 InfoTool (HKLM-x32\...\{64BEF779-5053-48AF-A3D8-B70EBC1C70E7}) (Version: 11.0.00500 - Nero AG) NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version: - ) NirSoft WirelessNetView (HKLM-x32\...\NirSoft WirelessNetView) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - ) Opticon USB Drivers Installer (HKLM-x32\...\Opticon USB Installer) (Version: - ) Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC) Paragon Easy CD-DVD Recorder Demo (HKLM-x32\...\{6D5F5816-08ED-4ED1-9063-8225A3A7E278}) (Version: - ) PC-WELT-Win7SP2 1.0 (HKLM\...\{E2EF3441-468D-4568-881E-370F22E2D49F}_is1) (Version: - IDG Magazine Media GmbH) pcwPatchLoader 2.2.4 (HKLM-x32\...\{84420A29-9A17-416E-AE2E-019BC23B5353}_is1) (Version: - IDG Magazine Media GmbH) PhotoME (HKLM-x32\...\PhotoME_is1) (Version: 0.79R17 - Jens Duttke) Photomizer 2 SE (HKLM-x32\...\{41B5224D-F3EC-4EF7-0001-6CD233878EF0}) (Version: 2.0.13.425 - Engelmann Media GmbH) Pinnacle Instant DVD Recorder (HKLM-x32\...\{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}) (Version: 2.6.1.127 - Pinnacle Systems) Pinnacle Video Treiber (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.029 - Pinnacle Systems) PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation) PMB VAIO Edition Guide (x32 Version: 1.5.00.03020 - Sony Corporation) Hidden PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden PMB VAIO Edition Plug-in (x32 Version: 1.5.10.06150 - Sony Corporation) Hidden Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.7.0 - Sony Corporation) Quick Web Access (x32 Version: 1.4.7.0 - Sony Corporation) Hidden QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.) Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.) Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.0.2.06210 - Sony Corporation) Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden Remote-Tastatur mit PlayStation 3 (HKLM-x32\...\{65B138AE-F636-4D4C-BA5D-A06E21E47C53}) (Version: 1.0.2.06170 - Sony Corporation) ScanIT-Client 3.4 (HKLM-x32\...\ScanIT-Client_is1) (Version: - GfK SE) SDL BinScope (HKLM-x32\...\{B137EB8C-FA6C-4DA7-95F0-A9B6FFE67A64}) (Version: 1.0.1 - Microsoft Corporation) Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.0.2102.0 - Seagate) Seagate Manager Installer (HKLM-x32\...\InstallShield_{231A1A09-FDF2-45F2-B3D1-964CECE372BC}) (Version: 2.01.0109 - Seagate) Seagate Manager Installer (x32 Version: 2.01.0109 - Seagate) Hidden SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.7 - Seagate Technology) Secunia PSI (2.0.0.3001) (HKLM-x32\...\Secunia PSI) (Version: - ) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SIW version 2011.10.29 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2011.10.29 - Topala Software Solutions) Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.) SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc) SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden soft Xpansion Perfect PDF 6 Office (HKLM-x32\...\{A6D309F9-38AB-4cc3-8DA7-0544F5011788}) (Version: 6.4.1 - soft Xpansion) soft Xpansion Perfect Print 7 Express (HKLM-x32\...\{98AD196C-B3B6-48df-AB53-A711C822497C}) (Version: 7.2.1.7 - soft Xpansion) SpeedCrunch 0.11 (HKLM-x32\...\SpeedCrunch_is1) (Version: - SpeedCrunch) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated) Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler) TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - Ihr Firmenname) TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH) VAIO - Media Gallery (HKLM-x32\...\{D9670A80-DED7-44FE-9B8C-94CEA3F7E035}) (Version: 1.4.1.12150 - Sony Corporation) VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.03020 - Sony Corporation) VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}) (Version: 1.6.10.11160 - Sony Corporation) VAIO Care (HKLM\...\{6EEC3E9C-3479-42EB-B93C-E7DF7927DD82}) (Version: 8.4.4.09181 - Sony Corporation) VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation) VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation) VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation) VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.4.00.05300 - Sony Corporation) VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.1.09230 - Sony Corporation) VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation) VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.18210 - Sony Corporation) VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation) VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.5.00.05300 - Sony Corporation) VAIO Movie Story Template Data (x32 Version: 2.3.00.06040 - Sony Corporation) Hidden VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.3.0.06041 - Sony Corporation) VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe) VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.1.08110 - Sony Corporation) VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.1.0.08060 - Sony Corporation) VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation) VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation) VBA Password DEMO version 15.0 (HKLM-x32\...\{BABBE752-6969-42EC-8EAC-4D07604BCD55}_is1) (Version: 15.0 - LastBit.com) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Version 2.0 (HKLM-x32\...\VBAPass97 2.0_is1) (Version: - ) Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation) Windows HLP To RTF V8.0 (HKLM-x32\...\Windows HLP To RTF V8.0_is1) (Version: - YpgSoft) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinHTTrack Website Copier 3.48-9 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.9 - HTTrack) Wondershare Photo Recovery(build 2.0.3) (HKLM-x32\...\Wondershare Photo Recovery_is1) (Version: - Wondershare Software) WSCC 2.5.0.1 (HKLM-x32\...\WSCC_is1) (Version: - KirySoft) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) ==================== Wiederherstellungspunkte ========================= 01-12-2015 18:41:13 Windows Update 06-12-2015 10:43:37 Windows Update 10-12-2015 08:01:26 Windows Update 13-12-2015 11:33:29 Windows Update 13-12-2015 17:09:35 Installed Nero 11 InfoTool. 16-12-2015 18:31:35 Windows Update 20-12-2015 14:58:27 Windows Update ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {039A07D1-A2B9-45C0-BD19-49690FD83DE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {07D4AA24-D497-4001-910D-41CFECF18CD6} - System32\Tasks\{C7ED5386-D57A-4EE9-B196-C5A7CDB5814E} => pcalua.exe -a C:\PROGRA~2\Nokia\NOKIAP~1\CONNEC~1.CPL -c Nokia Connection Manager Task: {0885AE72-75F9-43DF-BDBD-589259EB1DF0} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation) Task: {0B34DC19-1384-4702-B339-50AA74B9BB75} - System32\Tasks\Klaus1 Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2015-04-01] (Seagate Technology LLC) Task: {0BAD74C5-C8BE-463A-B9D2-435751671C6E} - System32\Tasks\{F0337A20-BC9C-45B4-8747-866EE7685E14} => pcalua.exe -a "C:\Program Files (x86)\Mobile Partner\uninst.exe" Task: {12574A46-5BB3-4B18-832E-A0F2914603B0} - System32\Tasks\Klaus1 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2015-04-01] (Seagate Technology LLC) Task: {15C2BA37-1546-45E1-A823-DCB117AFB4AE} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation) Task: {1616CAB9-29A8-4DD0-8D5A-BB886FCB1CB9} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation) Task: {19417406-1995-4E80-916B-A8F1CAB989F6} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3074472845-1740885614-3036682275-1001 Task: {1CF81235-00F6-4816-A5EB-69AE64A37D4D} - System32\Tasks\DriverBoost-RTMScanRunOnce => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe Task: {1EE705D8-D067-4735-BBF6-40695E17127F} - System32\Tasks\DriverBoost-RTMScan => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe Task: {26B7FB74-A020-4964-946D-96FC4545A1F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {3A353DDC-0642-49E8-AEEE-76F3C6D2451C} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG) Task: {3E9838B7-A150-45E9-BFBF-394BB4282449} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation) Task: {3FDD9109-DAB0-4863-8B5A-E285CABF7B6B} - System32\Tasks\{12F6BB85-6848-4135-9E2F-51D078C4D088} => pcalua.exe -a C:\Windows\SysWOW64\BDEADMIN.CPL -c BDE-Verwaltung Task: {491AD1C2-C187-4DEA-8D30-004774FF75F9} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation) Task: {49B89204-1C6D-46B1-91EA-9BEE8E0EBC30} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation) Task: {4AC60758-327A-4E9D-9092-61BDEED842EF} - System32\Tasks\{8586105B-1F7A-406A-9FC7-51BC3A1D794B} => pcalua.exe -a "D:\Eigene Dateien\Downloads\multiPE\Tools\pcwMultiPE.project\PROJECTS\TOOLS\LEOPARD\innounp.exe" -d "d:\Eigene Dateien\Downloads\multiPE" -c -x -b -q -d"D:\Eigene Dateien\Downloads\multiPE\Tools\pcwMultiPE.project\Temp\SystemInformationForWindows\extract" "D:\Eigene Dateien\Downloads\multiPE\Tools\pcwMultiPE.project\Temp\SystemInformationForWindows\download.exe" Task: {5D0A4BE5-9970-4259-BF30-FB8AB223416D} - System32\Tasks\{ABC60670-A460-465C-9B97-212DCFD5465C} => pcalua.exe -a "D:\Eigene Dateien\Downloads\QuickTimeInstaller.exe" -d "d:\Eigene Dateien\Downloads\" Task: {614740B0-4ADB-4F65-AD1D-E2D435C9AF28} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs" Task: {6720139A-BAC1-45A6-A4ED-306CFCC522CF} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2015-04-01] (Seagate Technology LLC) Task: {67343D87-E736-44B9-A13A-E2B8C5350BD7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated) Task: {675619FA-94CC-4069-A717-2569CD32E816} - System32\Tasks\LL => C:\Users\Klaus\AppData\Roaming\LL.exe <==== ACHTUNG Task: {6DC6A912-7B27-4568-95D4-BAED9FA1D618} - System32\Tasks\DriverBoost-RTMUpdater => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe Task: {6E8871DA-C9F1-4696-A91D-54EC99FEEFDA} - System32\Tasks\CWSLOE => C:\Users\Klaus\AppData\Roaming\CWSLOE.exe <==== ACHTUNG Task: {6EC63CDF-8431-4DA2-8945-7C600164F5EB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {75E39019-C4CC-4EB0-B5E2-0FDE37CA2F4D} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation) Task: {771ED35C-0486-4613-8B96-3B79FA03779F} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2015-02-04] (Sony Corporation) Task: {78DF4BAC-B69A-472F-926A-177FE4507BFD} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation) Task: {7E9A1E18-8096-4D6C-8963-72CFB8D80E52} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2015-08-06] (Sony Corporation) Task: {93FD7C56-B4C3-4E77-9CD2-0DCEE3629803} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation) Task: {94602960-5314-426D-9A89-B2963F96F345} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-09-23] (Sony Corporation) Task: {94A0C089-0A35-4F05-96B2-62D98BDC59F9} - System32\Tasks\{2B9CF77D-AE9E-4A00-A040-58557720103A} => pcalua.exe -a C:\Users\Klaus\AppData\Local\Temp\GLF80C7\Setup.exe -d C:\Users\Klaus\AppData\Local\Temp\GLF80C7 -c -s -SMS Task: {9D53AEA0-E725-43C1-8B69-36D0034B4A89} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {A8673728-8118-4654-BC05-5D78A891AD2A} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation) Task: {AE31F376-8A3F-4597-AD1C-D5CE26B921B2} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation) Task: {B20290E4-BD2A-4088-8CEF-E5E63E27F239} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation) Task: {B309C4C3-8093-4497-9284-8C1A3B540ABC} - System32\Tasks\{870005DC-CA58-4ED9-8C15-6EB0D6F041E8} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{10C51313-A308-4B40-90E3-B368D5882660}\setup.exe" -c -runfromtemp -l0x0007 -removeonly Task: {B7186D47-A3B8-4529-ADEF-4C58B845085D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd) Task: {CAC5CBED-7DE9-42CF-B7BE-6F8062BF5215} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation) Task: {CE244184-0F4F-45B0-8016-87D86531DFE2} - System32\Tasks\{62E86545-595A-4543-B0E6-AD03A0F82400} => pcalua.exe -a "C:\Users\Klaus\AppData\Local\Apple\Apple Software Update\QuickTimeInstallerAdmin.exe" -d "C:\Users\Klaus\AppData\Local\Apple\Apple Software Update" Task: {D04F9636-7D65-4AAB-AD44-356BCF1430DE} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe Task: {D371F01D-6C21-4BDF-A5A1-9C78CD3DEBB9} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2015-07-31] (Sony Corporation) Task: {DB8BCBD7-53AB-47C2-841D-BB3D4CE92F7A} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation) Task: {DD529932-CF27-4DE8-8F28-F548B9E95C17} - System32\Tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 => C:\Program Files\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe [2010-06-17] (Sony Corporation) Task: {E8FCCBDC-E2DE-4D03-A5B6-B262C79F28A2} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation) Task: {EC9B56C2-5659-45AE-912D-41969BB0862C} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation) Task: {EF56181C-410E-43AD-A983-1C06051088E9} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2015-07-23] (Sony Corporation) Task: {EF8310CF-C95B-4A94-8A0B-834EFD4060F5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-12-03] (Dropbox, Inc.) Task: {F398BC05-C8D9-4AD6-8EA6-E54D0938C611} - System32\Tasks\DriverBoost-RTMRules => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe Task: {F793F220-60A2-4590-9FD5-8A57D15053A5} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation) Task: {FE0201AA-499D-4258-AA2B-C7BF9F630F43} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-12-03] (Dropbox, Inc.) Task: {FE2E05E6-0505-42EA-9F11-F33C0096AC0A} - System32\Tasks\Klaus DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2015-04-01] (Seagate Technology LLC) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\CWSLOE.job => C:\Users\Klaus\AppData\Roaming\CWSLOE.exe <==== ACHTUNG Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core.job => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA.job => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\LL.job => C:\Users\Klaus\AppData\Roaming\LL.exe <==== ACHTUNG ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://feed.helperbar.com/?publisher=YahooSM&dpid=YahooSM&co=DE&userid=9d274d60-2961-a68a-7e5a-56a6cdbf4c7b&searchtype=sc&fr=linkury-tb&installDate=14/10/2014&barcodeid=145243&um=0&type=hp15000 ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-11-30 14:26 - 2015-09-21 06:29 - 00613968 ____N () C:\Program Files (x86)\360\Total Security\MenuEx64.dll 2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2010-08-24 14:39 - 2010-08-24 14:39 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2011-02-23 19:34 - 2011-02-23 19:34 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2015-06-01 18:28 - 2015-06-01 18:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2015-09-18 08:53 - 2015-09-18 08:53 - 00245912 _____ () C:\Program Files\Sony\VAIO Care\analyzer.dll 2014-03-25 08:53 - 2015-09-17 08:52 - 00150392 _____ () C:\Program Files\totalcmd\wcmzip64.dll 2014-03-25 08:53 - 2015-09-17 08:52 - 00260184 _____ () C:\Program Files\totalcmd\unRAR64.dll 2010-07-29 12:19 - 2010-05-31 18:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll 2010-07-29 12:19 - 2010-05-31 18:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll 2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-03-20 17:12 - 2015-03-20 17:12 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 05:45 - 2015-10-13 05:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll 2013-05-26 23:50 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu 2014-10-15 14:58 - 2014-10-15 14:58 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\31e3a51afdf7182846a26895b07d3416\IsdiInterop.ni.dll 2010-07-12 22:29 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2015-02-04 15:37 - 2015-02-04 15:37 - 00347136 _____ () C:\Program Files\Sony\VAIO Care\Iolo\vosges.dll 2015-12-18 08:07 - 2015-12-18 08:07 - 01114648 _____ () C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll 2015-05-29 11:36 - 2015-05-29 11:36 - 00008704 _____ () C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll 2015-04-13 14:57 - 2015-04-13 14:57 - 00143296 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll 2015-04-13 15:00 - 2015-04-13 15:00 - 02631616 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll 2015-04-13 14:57 - 2015-04-13 14:57 - 00554944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll 2015-04-13 15:00 - 2015-04-13 15:00 - 00041920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll 2015-04-13 15:00 - 2015-04-13 15:00 - 00039872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll 2015-04-13 15:00 - 2015-04-13 15:00 - 12001728 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll 2015-04-13 14:58 - 2015-04-13 14:58 - 01264064 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll 2015-04-13 14:58 - 2015-04-13 14:58 - 00086464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll 2015-04-13 14:56 - 2015-04-13 14:56 - 00070675 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll 2015-04-13 14:57 - 2015-04-13 14:57 - 02158528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll 2015-04-13 14:57 - 2015-04-13 14:57 - 00114112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll 2015-04-13 14:57 - 2015-04-13 14:57 - 00245184 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll 2015-04-13 14:57 - 2015-04-13 14:57 - 00089536 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libvdr_plugin.dll 2015-04-13 14:57 - 2015-04-13 14:57 - 00055744 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll 2015-04-13 14:57 - 2015-04-13 14:57 - 00072128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll 2015-04-13 14:57 - 2015-04-13 14:57 - 00593344 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll 2015-04-13 14:57 - 2015-04-13 14:57 - 00771520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll 2015-04-13 14:57 - 2015-04-13 14:57 - 00131520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll 2015-04-13 14:57 - 2015-04-13 14:57 - 00052672 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\librar_plugin.dll 2015-04-13 14:57 - 2015-04-13 14:57 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll 2015-04-13 14:57 - 2015-04-13 14:57 - 00145856 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll 2015-04-13 14:59 - 2015-04-13 14:59 - 01566656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll 2015-04-13 14:59 - 2015-04-13 14:59 - 00332736 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll 2015-04-13 14:59 - 2015-04-13 14:59 - 00069568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll 2015-04-13 14:59 - 2015-04-13 14:59 - 00048576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll 2015-04-13 14:58 - 2015-04-13 14:58 - 00681408 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll 2015-04-13 14:58 - 2015-04-13 14:58 - 00137152 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll 2015-04-13 14:58 - 2015-04-13 14:58 - 00030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll 2015-04-13 14:58 - 2015-04-13 14:58 - 00026560 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll 2015-04-13 14:58 - 2015-04-13 14:58 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll 2015-04-13 14:57 - 2015-04-13 14:57 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libes_plugin.dll 2015-04-13 15:00 - 2015-04-13 15:00 - 00344512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll 2015-04-13 14:59 - 2015-04-13 14:59 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll 2015-04-13 14:59 - 2015-04-13 14:59 - 00157632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll 2015-04-13 14:59 - 2015-04-13 14:59 - 00754624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll 2015-04-13 15:00 - 2015-04-13 15:00 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll 2015-04-13 14:59 - 2015-04-13 14:59 - 00031680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll 2015-04-13 15:00 - 2015-04-13 15:00 - 00089024 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll 2015-04-13 15:00 - 2015-04-13 15:00 - 00032192 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll 2015-04-13 15:00 - 2015-04-13 15:00 - 00040384 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll 2015-04-13 15:00 - 2015-04-13 15:00 - 00030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll 2015-04-13 15:00 - 2015-04-13 15:00 - 00078272 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll 2015-04-13 15:00 - 2015-04-13 15:00 - 00044992 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll 2015-04-13 14:59 - 2015-04-13 14:59 - 00026048 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll 2015-04-13 14:59 - 2015-04-13 14:59 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll 2015-04-13 15:00 - 2015-04-13 15:00 - 00035264 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll 2015-04-13 15:00 - 2015-04-13 15:00 - 00037312 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll 2015-04-13 15:00 - 2015-04-13 15:00 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll 2015-04-13 15:00 - 2015-04-13 15:00 - 00025536 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_hevc_plugin.dll 2015-04-13 14:59 - 2015-04-13 14:59 - 13522368 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll 2015-04-13 15:00 - 2015-04-13 15:00 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll 2015-04-13 14:59 - 2015-04-13 14:59 - 00046528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll 2015-04-13 14:57 - 2015-04-13 14:57 - 00242112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll 2011-01-26 21:10 - 2010-08-20 07:02 - 08640832 _____ () C:\Program Files (x86)\123 Free Solitaire\123FreeSolitaire.exe 2011-01-26 21:10 - 2010-08-20 07:02 - 08241472 _____ () C:\Program Files (x86)\123 Free Solitaire\SOL.RGF 2011-01-26 21:10 - 2010-08-20 07:02 - 00539968 _____ () C:\Program Files (x86)\123 Free Solitaire\SOL2.RGF ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Windows:C87E9264B810F2F2 AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\ProgramData\TEMP:6B0023F8 AlternateDataStreams: C:\ProgramData\TEMP:8F6FBE7F ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SolutoService => ""="Service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: SearchAnonymizer => 2 MSCONFIG\Services: SrvUpdater => 2 MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{96D7ED9C-396D-4694-8F87-6539D9691DD4}] => (Allow) svchost.exe FirewallRules: [{1E71CD3C-2050-415F-B5CA-74C2F0623E33}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{3D7BF2D0-63A5-426C-9ED1-71AE1044DF9A}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [TCP Query User{BF0A325E-E4B1-4325-B6C9-B63D6FF9BD20}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{1CEE091F-0570-4767-A6C2-8C83B04957D3}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [TCP Query User{3543A0D8-49D8-4D61-A6F4-E5EC4E908C96}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{CA87C826-4839-4C8D-B125-22176CFAE7F7}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [TCP Query User{A4904A6B-FB4E-4AA8-B8A1-240E1E15C221}C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe FirewallRules: [UDP Query User{24A5CC1F-1D18-4AE3-ADC0-25ECA87510C8}C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe FirewallRules: [{2A652DD3-9569-4621-BB0A-97AAA8CC4687}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\FaxApplications.exe FirewallRules: [{FBBBC668-5535-47AA-9E67-5510FA4D07D3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\DigitalWizards.exe FirewallRules: [{CFFCDC5B-B399-4024-8713-07B824F1893A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\SendAFax.exe FirewallRules: [{016927C7-1648-4969-9FDA-482F18C927AA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe FirewallRules: [{9D061F69-0602-471C-A0B9-AE30DBC49EE0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe FirewallRules: [{8B8381C7-C8F7-480F-BDBD-ED75D19B5200}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{9936BC3B-5870-487B-B3C2-4222524E6980}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{151D7654-4584-4E37-A6DB-BFF7C986826F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [TCP Query User{1000CD98-4666-456F-8959-59FF989FB354}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{EE87E345-DB27-4DAA-A12C-1480BFE26AF0}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [{5544699B-8D06-41D6-A99C-F187B74163E6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{6FEFC0FC-9E90-476F-94C1-D5EB03C76798}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe FirewallRules: [UDP Query User{8A72C6B0-CFB4-4220-820C-C5F33BB955B7}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe FirewallRules: [{55D26F48-0ADF-4517-9556-FCEB79CE33BE}] => (Allow) LPort=8888 FirewallRules: [TCP Query User{52EC8465-7E7F-4359-B351-B255C67DAF8F}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Block) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe FirewallRules: [UDP Query User{DF8C7E65-D056-4B2B-ABFA-51034955DA55}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Block) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe FirewallRules: [TCP Query User{64731D5B-735F-4D6C-B9A1-36D7C4661428}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{5735261D-7661-4966-B685-DF2FC439215C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{60D5B047-B633-4183-89BF-ACE03ACCE89E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8B5B057C-3CE7-4D8F-B905-CEB53AD9968F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6AEC4D38-7111-43C2-B0B1-0B80580E1C3F}] => (Allow) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{D419FE31-AF09-4E51-B967-8B099E31466F}] => (Allow) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{BD2A36F2-CB46-4A9C-9316-FFBDE963E1CD}C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{712C158E-9B77-4BFF-A47B-E22359DCABD0}C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{C88A3359-EECC-4742-9C85-50156A28B1BB}] => (Allow) C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\DNSQuerySniffer.exe FirewallRules: [{640EF910-C2CF-452F-AFEF-17B73F35847F}] => (Allow) C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\DNSQuerySniffer.exe FirewallRules: [TCP Query User{765A819E-5F66-48C4-B2FA-7EB028B04085}C:\users\klaus\appdata\roaming\nirsoft utilities\netbscanner.exe] => (Allow) C:\users\klaus\appdata\roaming\nirsoft utilities\netbscanner.exe FirewallRules: [UDP Query User{CA30D60D-5EA0-4443-949E-916698570FF9}C:\users\klaus\appdata\roaming\nirsoft utilities\netbscanner.exe] => (Allow) C:\users\klaus\appdata\roaming\nirsoft utilities\netbscanner.exe FirewallRules: [TCP Query User{D204BE1F-4813-4E9E-B879-A3965ACE3207}C:\users\klaus\appdata\roaming\nirsoft utilities\networkconnectlog.exe] => (Allow) C:\users\klaus\appdata\roaming\nirsoft utilities\networkconnectlog.exe FirewallRules: [UDP Query User{BD1C34E8-0FB6-40A9-A201-665D764E5928}C:\users\klaus\appdata\roaming\nirsoft utilities\networkconnectlog.exe] => (Allow) C:\users\klaus\appdata\roaming\nirsoft utilities\networkconnectlog.exe FirewallRules: [{05076517-5D3A-430A-AFAD-FC04AABC22AD}] => (Allow) C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\HTTPNetworkSniffer.exe FirewallRules: [{D7C5C439-F863-4C31-9FA9-A3B0C5885ADC}] => (Allow) C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\HTTPNetworkSniffer.exe FirewallRules: [{58CF50B0-AE11-4611-A044-06B84A345F50}] => (Allow) LPort=8888 FirewallRules: [{864FD215-E051-4F7E-8B62-F676E32D3A13}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{9CE9AA1E-EC8E-448B-BE08-11E1CE4DC743}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{AA3B25EB-82AC-4B9B-91B9-E66E3B3D0D3A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5FF080A5-A3C0-463F-96C1-9655CC6AAA76}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{F2415DCE-2081-40EE-86D2-250D05FBF005}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe FirewallRules: [{ADF13BC7-65D5-4C79-82C7-7A65E4772B03}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe FirewallRules: [{27027F1E-9964-48D6-801A-616FEE13DF3F}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe FirewallRules: [{A12DC2D5-1928-4EC0-9D5C-F320A51AEA31}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe FirewallRules: [{FAF0C2B2-4525-490A-9484-6F38EAA82019}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{269BD79F-F0CB-49D5-A1E1-0D4A20B86D15}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{C5417D7B-FB87-4176-8A04-64CC43BBB41B}] => (Allow) LPort=2869 FirewallRules: [{E51322BB-8956-495D-A3EB-0DE7A056FF25}] => (Allow) LPort=1900 FirewallRules: [{3E905ED1-4505-4159-9938-114B4C9CBEF9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{02194C6D-AD1B-4F6A-BBB5-CB801CF09BF6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F9CEC52A-34EF-4C24-AB9B-2D0C4753191A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Officejet Pro 8500 A910 Description: Officejet Pro 8500 A910 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart 6510 series Description: Photosmart 6510 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Officejet Pro 8500 A910 Description: Officejet Pro 8500 A910 Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: ttnfd Description: ttnfd Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: ttnfd Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (12/21/2015 12:58:39 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 60137979 Error: (12/21/2015 12:58:39 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 60137979 Error: (12/21/2015 12:58:39 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/21/2015 12:58:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 60136653 Error: (12/21/2015 12:58:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 60136653 Error: (12/21/2015 12:58:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/21/2015 12:58:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 60135593 Error: (12/21/2015 12:58:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 60135593 Error: (12/21/2015 12:58:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/20/2015 08:16:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 31949 Systemfehler: ============= Error: (12/21/2015 01:02:08 PM) (Source: VDS Basic Provider) (EventID: 1) (User: ) Description: Unerwarteter Fehler. Fehlercode: 490@01010004 Error: (12/21/2015 01:02:08 PM) (Source: VDS Basic Provider) (EventID: 1) (User: ) Description: Unerwarteter Fehler. Fehlercode: 490@01010004 Error: (12/21/2015 12:59:06 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst DiagTrack erreicht. Error: (12/20/2015 07:11:59 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (12/20/2015 05:32:40 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (12/20/2015 05:30:51 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (12/20/2015 05:13:33 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (12/20/2015 04:37:33 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (12/20/2015 03:11:56 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (12/20/2015 02:36:56 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 CodeIntegrity: =================================== Date: 2015-07-28 09:13:03.826 Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-07-28 09:13:03.733 Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-07-28 09:13:03.249 Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-07-28 09:13:03.171 Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2012-12-12 19:55:04.627 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\EIGENE~1\DOWNLO~1\multiPE\Tools\PCWMUL~1.PRO\TARGET\Leopard\Windows\System32\WinBioPlugIns\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-12 19:54:50.837 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\EIGENE~1\DOWNLO~1\multiPE\Tools\PCWMUL~1.PRO\TARGET\Leopard\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-12 19:54:29.793 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Eigene Dateien\Downloads\multiPE\Tools\pcwMultiPE.project\TARGET\Leopard\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-12 19:54:29.262 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Eigene Dateien\Downloads\multiPE\Tools\pcwMultiPE.project\TARGET\Leopard\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-12 19:38:35.537 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\EIGENE~1\DOWNLO~1\multiPE\Tools\PCWMUL~1.PRO\TARGET\Leopard\Windows\System32\WinBioPlugIns\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-12 19:38:26.224 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\EIGENE~1\DOWNLO~1\multiPE\Tools\PCWMUL~1.PRO\TARGET\Leopard\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz Prozentuale Nutzung des RAM: 79% Installierter physikalischer RAM: 3950.1 MB Verfügbarer physikalischer RAM: 822.54 MB Summe virtueller Speicher: 7898.4 MB Verfügbarer virtueller Speicher: 2619.57 MB ==================== Laufwerke ================================ Drive c: (System) (Fixed) (Total:228.21 GB) (Free:31.94 GB) NTFS Drive d: (Daten) (Fixed) (Total:224.11 GB) (Free:17.88 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: AA1C306D) Partition 1: (Not Active) - (Size=13.3 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=228.2 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=224.1 GB) - (Type=OF Extended) ==================== Ende von Addition.txt ============================ vG Klaus |
21.12.2015, 14:34 | #5 |
/// Malwareteam | Cursor friert für kurze Zeit ein Hi, Schritt # 1: TDSS-Killer Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
Schritt # 2: Bitte Posten
|
21.12.2015, 15:01 | #6 |
| Cursor friert für kurze Zeit ein Hi, Code:
ATTFilter 14:51:38.0380 0x1858 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 14:51:49.0755 0x1858 ============================================================ 14:51:49.0756 0x1858 Current date / time: 2015/12/21 14:51:49.0755 14:51:49.0756 0x1858 SystemInfo: 14:51:49.0756 0x1858 14:51:49.0756 0x1858 OS Version: 6.1.7601 ServicePack: 1.0 14:51:49.0756 0x1858 Product type: Workstation 14:51:49.0756 0x1858 ComputerName: LAPTOP 14:51:49.0756 0x1858 UserName: Klaus 14:51:49.0756 0x1858 Windows directory: C:\Windows 14:51:49.0756 0x1858 System windows directory: C:\Windows 14:51:49.0757 0x1858 Running under WOW64 14:51:49.0757 0x1858 Processor architecture: Intel x64 14:51:49.0757 0x1858 Number of processors: 4 14:51:49.0757 0x1858 Page size: 0x1000 14:51:49.0757 0x1858 Boot type: Normal boot 14:51:49.0757 0x1858 ============================================================ 14:51:53.0416 0x1858 KLMD registered as C:\Windows\system32\drivers\16136149.sys 14:51:57.0472 0x1858 System UUID: {5F620EDD-B461-7217-F5E6-EC7668405CA4} 14:52:00.0557 0x1858 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 14:52:00.0596 0x1858 ============================================================ 14:52:00.0596 0x1858 \Device\Harddisk0\DR0: 14:52:00.0597 0x1858 MBR partitions: 14:52:00.0597 0x1858 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1AAD800, BlocksNum 0x32000 14:52:00.0597 0x1858 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1ADF800, BlocksNum 0x1C86C030 14:52:00.0608 0x1858 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E34C800, BlocksNum 0x1C039000 14:52:00.0609 0x1858 ============================================================ 14:52:08.0124 0x1858 C: <-> \Device\Harddisk0\DR0\Partition2 14:52:08.0182 0x1858 D: <-> \Device\Harddisk0\DR0\Partition3 14:52:08.0629 0x1858 ============================================================ 14:52:08.0629 0x1858 Initialize success 14:52:08.0630 0x1858 ============================================================ 14:53:05.0043 0x5690 ============================================================ 14:53:05.0043 0x5690 Scan started 14:53:05.0043 0x5690 Mode: Manual; SigCheck; TDLFS; 14:53:05.0043 0x5690 ============================================================ 14:53:05.0043 0x5690 KSN ping started 14:53:07.0927 0x5690 KSN ping finished: true 14:53:12.0140 0x5690 ================ Scan system memory ======================== 14:53:12.0140 0x5690 System memory - ok 14:53:12.0141 0x5690 ================ Scan services ============================= 14:53:12.0866 0x5690 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 14:53:13.0231 0x5690 1394ohci - ok 14:53:13.0278 0x5690 360AvFlt - ok 14:53:13.0291 0x5690 360Box64 - ok 14:53:13.0370 0x5690 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 14:53:13.0471 0x5690 ACDaemon - ok 14:53:13.0537 0x5690 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 14:53:13.0615 0x5690 ACPI - ok 14:53:13.0667 0x5690 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 14:53:13.0754 0x5690 AcpiPmi - ok 14:53:13.0878 0x5690 [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 14:53:13.0927 0x5690 AdobeARMservice - ok 14:53:14.0102 0x5690 [ F54564025D2284AE498E51D7C139F971, AAA48F38B81DB894854E8C84DB2E1F5C8447AA982D27C0BB78FF2786D9F80F83 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 14:53:14.0148 0x5690 AdobeFlashPlayerUpdateSvc - ok 14:53:14.0246 0x5690 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 14:53:14.0472 0x5690 adp94xx - ok 14:53:14.0576 0x5690 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 14:53:14.0653 0x5690 adpahci - ok 14:53:14.0702 0x5690 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 14:53:14.0755 0x5690 adpu320 - ok 14:53:14.0810 0x5690 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 14:53:14.0912 0x5690 AeLookupSvc - ok 14:53:15.0351 0x5690 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys 14:53:15.0573 0x5690 AFD - ok 14:53:15.0624 0x5690 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 14:53:15.0673 0x5690 agp440 - ok 14:53:15.0705 0x5690 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 14:53:15.0815 0x5690 ALG - ok 14:53:15.0870 0x5690 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 14:53:15.0920 0x5690 aliide - ok 14:53:15.0996 0x5690 [ 3F9B03B72577A6A7405BF30801CBD159, BBB2A26136D6F9BBE0D2982689797C6FF89E2026589CCFBB35D9B845C88472DD ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 14:53:16.0457 0x5690 AMD External Events Utility - ok 14:53:16.0504 0x5690 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 14:53:16.0548 0x5690 amdide - ok 14:53:16.0585 0x5690 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 14:53:16.0692 0x5690 AmdK8 - ok 14:53:17.0313 0x5690 [ EA244A8B88DE8B5986BF3B7903B063AF, 44BB9CCCB9A15BF64494318CE047017AF27B373FB5B57E5D05C88A16AE913672 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 14:53:18.0149 0x5690 amdkmdag - ok 14:53:18.0233 0x5690 [ DCA6E341A4A7C31EA8A14C6166C9B249, 35319D428DD5BC055DC1E9B17BFC56C339E408929E9BC83878975DD01A68D652 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 14:53:18.0323 0x5690 amdkmdap - ok 14:53:18.0368 0x5690 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 14:53:18.0438 0x5690 AmdPPM - ok 14:53:18.0505 0x5690 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 14:53:18.0560 0x5690 amdsata - ok 14:53:18.0614 0x5690 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 14:53:18.0680 0x5690 amdsbs - ok 14:53:18.0700 0x5690 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 14:53:18.0742 0x5690 amdxata - ok 14:53:18.0918 0x5690 [ A67DA34878CE085349F010B211EC213A, F16E09DB13C669FFBBC53BBB57CC394BC886FD4B167AFCCDAEAE84E21818C2D1 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe 14:53:19.0381 0x5690 AntiVirMailService - ok 14:53:19.0453 0x5690 [ AE8F14295E704D9FD52092B81B3E1F09, FF0AA062D23903A3E3769713AB2F2D4AB307203C9726B9F0783B3E7DDEF08E6D ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe 14:53:19.0540 0x5690 AntiVirSchedulerService - ok 14:53:19.0633 0x5690 [ AE8F14295E704D9FD52092B81B3E1F09, FF0AA062D23903A3E3769713AB2F2D4AB307203C9726B9F0783B3E7DDEF08E6D ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe 14:53:19.0733 0x5690 AntiVirService - ok 14:53:19.0858 0x5690 [ 807AE684CD6BDE9A8692B023993FAF48, 3671002909383757222AD02F717F5A7290F43AA2DD0CC05B4FF451F209E48DDD ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe 14:53:21.0433 0x5690 AntiVirWebService - ok 14:53:21.0635 0x5690 [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll 14:53:21.0936 0x5690 AppHostSvc - ok 14:53:22.0014 0x5690 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys 14:53:22.0114 0x5690 AppID - ok 14:53:22.0134 0x5690 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll 14:53:22.0227 0x5690 AppIDSvc - ok 14:53:22.0293 0x5690 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll 14:53:22.0440 0x5690 Appinfo - ok 14:53:22.0619 0x5690 [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 14:53:22.0681 0x5690 Apple Mobile Device Service - ok 14:53:22.0726 0x5690 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 14:53:22.0775 0x5690 arc - ok 14:53:22.0799 0x5690 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 14:53:22.0847 0x5690 arcsas - ok 14:53:22.0875 0x5690 [ C130BC4A51B1382B2BE8E44579EC4C0A, CC1FD33ED7CAD87A504D8678F8482CAECACD18C727BB97FFB86F39255563EEF2 ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys 14:53:22.0903 0x5690 ArcSoftKsUFilter - ok 14:53:23.0395 0x5690 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 14:53:23.0498 0x5690 aspnet_state - ok 14:53:23.0550 0x5690 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 14:53:23.0802 0x5690 AsyncMac - ok 14:53:23.0851 0x5690 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 14:53:23.0888 0x5690 atapi - ok 14:53:24.0039 0x5690 [ CCA705CDF038D5BC243203CE4416B345, C907A4022411D9FDFD5FCEA8D067CF1713F786351FAFA739EDC5B5C3E66B1BAD ] athr C:\Windows\system32\DRIVERS\athrx.sys 14:53:24.0254 0x5690 athr - ok 14:53:24.0689 0x54dc Object required for P2P: [ 807AE684CD6BDE9A8692B023993FAF48 ] AntiVirWebService 14:53:24.0817 0x5690 [ EA244A8B88DE8B5986BF3B7903B063AF, 44BB9CCCB9A15BF64494318CE047017AF27B373FB5B57E5D05C88A16AE913672 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 14:53:25.0305 0x5690 atikmdag - ok 14:53:25.0462 0x5690 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 14:53:25.0613 0x5690 AudioEndpointBuilder - ok 14:53:25.0669 0x5690 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 14:53:25.0743 0x5690 AudioSrv - ok 14:53:25.0893 0x5690 [ 03C6DEB5C74C8140C2167677DBE2F79A, D5C727B007C5B486DECE1A1B83D8155299DD7CB46DC8208CE9185C5BAE5CC33A ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 14:53:26.0197 0x5690 avgntflt - ok 14:53:26.0251 0x5690 [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 14:53:26.0479 0x5690 avipbb - ok 14:53:26.0618 0x5690 [ 2027E82463B6F6BB4D2A5BAF09202BA8, 7E61DEAC45F710F62C388177B43D99F3C39B89CEFCEFCC581DF12201C8CDB23C ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 14:53:26.0710 0x5690 Avira.ServiceHost - ok 14:53:26.0759 0x5690 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 14:53:26.0799 0x5690 avkmgr - ok 14:53:26.0869 0x5690 [ 080860E03F0219AF0A0377A02292741F, F0A151509BFEBFE639CC15388847EB2EDA298CFAE0AC4A1358A1472F42320249 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 14:53:27.0264 0x5690 avnetflt - ok 14:53:27.0278 0x54dc Object send P2P result: true 14:53:27.0360 0x5690 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 14:53:27.0513 0x5690 AxInstSV - ok 14:53:27.0586 0x5690 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 14:53:27.0725 0x5690 b06bdrv - ok 14:53:27.0779 0x5690 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 14:53:27.0887 0x5690 b57nd60a - ok 14:53:27.0937 0x5690 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 14:53:28.0055 0x5690 BDESVC - ok 14:53:28.0070 0x5690 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 14:53:28.0243 0x5690 Beep - ok 14:53:28.0441 0x5690 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 14:53:28.0724 0x5690 BFE - ok 14:53:28.0844 0x5690 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 14:53:29.0269 0x5690 BITS - ok 14:53:29.0313 0x5690 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 14:53:29.0379 0x5690 blbdrive - ok 14:53:29.0506 0x5690 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 14:53:29.0594 0x5690 Bonjour Service - ok 14:53:29.0735 0x5690 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 14:53:29.0859 0x5690 bowser - ok 14:53:29.0895 0x5690 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 14:53:30.0013 0x5690 BrFiltLo - ok 14:53:30.0038 0x5690 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 14:53:30.0106 0x5690 BrFiltUp - ok 14:53:30.0168 0x5690 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 14:53:30.0268 0x5690 Browser - ok 14:53:30.0311 0x5690 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 14:53:30.0422 0x5690 Brserid - ok 14:53:30.0454 0x5690 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 14:53:30.0524 0x5690 BrSerWdm - ok 14:53:30.0568 0x5690 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 14:53:30.0639 0x5690 BrUsbMdm - ok 14:53:30.0656 0x5690 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 14:53:30.0714 0x5690 BrUsbSer - ok 14:53:30.0782 0x5690 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 14:53:30.0863 0x5690 BthEnum - ok 14:53:30.0895 0x5690 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 14:53:30.0962 0x5690 BTHMODEM - ok 14:53:31.0007 0x5690 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 14:53:31.0099 0x5690 BthPan - ok 14:53:31.0465 0x5690 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 14:53:31.0585 0x5690 BTHPORT - ok 14:53:31.0639 0x5690 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 14:53:31.0797 0x5690 bthserv - ok 14:53:31.0830 0x5690 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 14:53:31.0887 0x5690 BTHUSB - ok 14:53:31.0949 0x5690 [ 59E3510784548C6939C1B3B985C232E3, 7284A4A880307A88C431DE8BA9195C2B256C8598757958B02DB6A80EBB57698E ] btwampfl C:\Windows\system32\drivers\btwampfl.sys 14:53:32.0042 0x5690 btwampfl - ok 14:53:32.0074 0x5690 [ 1872074ED0A3FB22E3F1E3197B984BFA, 112F289BFE63B46D1E007E3C6761B5C5C8F499B6638CE896DF528FDDBBC1EA12 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 14:53:32.0121 0x5690 btwaudio - ok 14:53:32.0234 0x5690 [ 691CF076C33AB1C3A5B2FD5450300733, C2C943D42B0A135BD255FA8985A00D36B0DD91546291E2D819FACE7C0B08287D ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys 14:53:32.0370 0x5690 btwavdt - ok 14:53:32.0510 0x5690 [ 8BA6E93A182126781952A7895EC1E4B2, C11F7187278BA72016D2168E653D6C904E0DFB5B173E4DFBF7D86AD73631D5A6 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 14:53:32.0680 0x5690 btwdins - ok 14:53:32.0707 0x5690 [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 14:53:32.0749 0x5690 btwl2cap - ok 14:53:32.0772 0x5690 [ C9273B20DEC8CE38DBCE5D29DE63C907, 71D67A1A2EDA81351E8D8129824565E2ECA0CFA4DC844CE12F90AB7906ABA737 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 14:53:32.0806 0x5690 btwrchid - ok 14:53:32.0835 0x5690 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 14:53:33.0001 0x5690 cdfs - ok 14:53:33.0075 0x5690 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 14:53:33.0157 0x5690 cdrom - ok 14:53:33.0227 0x5690 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 14:53:33.0410 0x5690 CertPropSvc - ok 14:53:33.0454 0x5690 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 14:53:33.0532 0x5690 circlass - ok 14:53:33.0853 0x5690 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 14:53:33.0947 0x5690 CLFS - ok 14:53:34.0023 0x5690 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:53:34.0077 0x5690 clr_optimization_v2.0.50727_32 - ok 14:53:34.0143 0x5690 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 14:53:34.0195 0x5690 clr_optimization_v2.0.50727_64 - ok 14:53:34.0338 0x5690 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:53:34.0509 0x5690 clr_optimization_v4.0.30319_32 - ok 14:53:34.0554 0x5690 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 14:53:34.0631 0x5690 clr_optimization_v4.0.30319_64 - ok 14:53:34.0662 0x5690 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 14:53:34.0807 0x5690 CmBatt - ok 14:53:34.0846 0x5690 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 14:53:34.0895 0x5690 cmdide - ok 14:53:34.0974 0x5690 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys 14:53:35.0100 0x5690 CNG - ok 14:53:35.0148 0x5690 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 14:53:35.0187 0x5690 Compbatt - ok 14:53:35.0229 0x5690 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 14:53:35.0311 0x5690 CompositeBus - ok 14:53:35.0331 0x5690 COMSysApp - ok 14:53:35.0445 0x5690 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 14:53:35.0686 0x5690 crcdisk - ok 14:53:35.0779 0x5690 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll 14:53:35.0900 0x5690 CryptSvc - ok 14:53:35.0978 0x5690 [ B1C55A95006D621D04FE4A23F86C0A54, 41AE30A454FC3051AFC316A3BD61D96A27E6E4C3B94955F2026549027C1EA9BE ] DCamUSBEMPIA C:\Windows\system32\DRIVERS\emDevice64.sys 14:53:36.0425 0x5690 DCamUSBEMPIA - ok 14:53:37.0171 0x5690 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 14:53:37.0610 0x5690 DcomLaunch - ok 14:53:37.0676 0x5690 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 14:53:37.0886 0x5690 defragsvc - ok 14:53:37.0963 0x5690 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 14:53:38.0203 0x5690 DfsC - ok 14:53:38.0293 0x5690 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 14:53:38.0476 0x5690 Dhcp - ok 14:53:38.0706 0x5690 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll 14:53:39.0246 0x5690 DiagTrack - ok 14:53:39.0277 0x5690 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 14:53:39.0463 0x5690 discache - ok 14:53:39.0539 0x5690 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 14:53:39.0583 0x5690 Disk - ok 14:53:39.0649 0x5690 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 14:53:39.0802 0x5690 Dnscache - ok 14:53:39.0862 0x5690 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 14:53:40.0046 0x5690 dot3svc - ok 14:53:40.0100 0x5690 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 14:53:40.0259 0x5690 DPS - ok 14:53:40.0311 0x5690 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 14:53:40.0383 0x5690 drmkaud - ok 14:53:40.0573 0x5690 [ 1ED08A6264C5C92099D6D1DAE5E8F530, 4045AE77859B1DBF13972451972EAAF6F3C97BEA423E9E78F1C2F14330CD47CA ] DrvAgent64 C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS 14:53:40.0676 0x5690 DrvAgent64 - ok 14:53:40.0795 0x5690 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 14:53:40.0921 0x5690 DXGKrnl - ok 14:53:40.0967 0x5690 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 14:53:41.0117 0x5690 EapHost - ok 14:53:41.0364 0x5690 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 14:53:41.0786 0x5690 ebdrv - ok 14:53:41.0845 0x5690 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\Windows\System32\lsass.exe 14:53:41.0962 0x5690 EFS - ok 14:53:42.0070 0x5690 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 14:53:42.0499 0x5690 ehRecvr - ok 14:53:42.0537 0x5690 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 14:53:42.0642 0x5690 ehSched - ok 14:53:42.0997 0x5690 [ 9387A484D31209D7FC3F795A787294DB, 3CAFA3403B8A3547811B7233FB399FA8BB9FF54C82AC317955EDACE2E13519E5 ] ElbyCDFL C:\Windows\system32\Drivers\ElbyCDFL.sys 14:53:43.0117 0x5690 ElbyCDFL - ok 14:53:43.0219 0x5690 [ 702D5606CF2199E0EDEA6F0E0D27CD10, 238046CFE126A1F8AB96D8B62F6AA5EC97BAB830E2BAE5B1B6AB2D31894C79E4 ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 14:53:43.0273 0x5690 ElbyCDIO - ok 14:53:43.0397 0x5690 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 14:53:43.0486 0x5690 elxstor - ok 14:53:43.0566 0x5690 [ 8543BB84CD5872CD1619183F5CBBE3F9, 72009227CCFA644360217A40C9AE4C8860808026EF2BD3A76FB908FB3A35093A ] emAudio C:\Windows\system32\drivers\emAudio64.sys 14:53:43.0668 0x5690 emAudio - ok 14:53:43.0714 0x5690 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 14:53:43.0773 0x5690 ErrDev - ok 14:53:43.0929 0x5690 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 14:53:44.0155 0x5690 EventSystem - ok 14:53:44.0215 0x5690 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 14:53:44.0557 0x5690 exfat - ok 14:53:44.0811 0x5690 Fabs - ok 14:53:44.0868 0x5690 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 14:53:45.0050 0x5690 fastfat - ok 14:53:45.0169 0x5690 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 14:53:45.0365 0x5690 Fax - ok 14:53:45.0413 0x5690 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 14:53:45.0476 0x5690 fdc - ok 14:53:45.0520 0x5690 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 14:53:45.0690 0x5690 fdPHost - ok 14:53:45.0715 0x5690 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 14:53:45.0905 0x5690 FDResPub - ok 14:53:45.0958 0x5690 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 14:53:46.0014 0x5690 FileInfo - ok 14:53:46.0050 0x5690 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 14:53:46.0176 0x5690 Filetrace - ok 14:53:46.0214 0x5690 [ 73FBB50C4D92ADC30A9D57A269489A0B, 10DBC65126EEA820B829521C882A4AFE3BCD86ED53C703703DF2149A0220E10F ] FiltUSBEMPIA C:\Windows\system32\DRIVERS\emFilter64.sys 14:53:46.0295 0x5690 FiltUSBEMPIA - ok 14:53:46.0557 0x5690 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC, 159EAA1893D871C309A063829CB3BC51A019FBCA1E07530B5CA1A382B2CCAF61 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe 14:53:47.0068 0x5690 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 ) 14:53:49.0528 0x5690 Detect skipped due to KSN trusted 14:53:49.0529 0x5690 FirebirdServerMAGIXInstance - ok 14:53:49.0967 0x5690 [ ABEDFD48AC042C6AAAD32452E77217A1, BC45A1C36BDBC20EF4E7D3CFB5368912382D964CB34D050ED255F56307F4C910 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 14:53:50.0102 0x5690 FLEXnet Licensing Service - ok 14:53:50.0140 0x5690 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 14:53:50.0193 0x5690 flpydisk - ok 14:53:50.0265 0x5690 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 14:53:50.0347 0x5690 FltMgr - ok 14:53:50.0510 0x5690 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll 14:53:51.0010 0x5690 FontCache - ok 14:53:51.0091 0x5690 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:53:51.0121 0x5690 FontCache3.0.0.0 - ok 14:53:51.0240 0x5690 [ 07AF7870ABF051EBBAE8A8A92FF34ABE, D5FD122A8F1984DA33EB8A0B70F11E5C7B48744B80C182A3B7891CFBC30B2BD3 ] FreeAgentGoNext Service C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe 14:53:51.0292 0x5690 FreeAgentGoNext Service - ok 14:53:51.0323 0x5690 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 14:53:51.0364 0x5690 FsDepends - ok 14:53:51.0415 0x5690 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 14:53:51.0548 0x5690 Fs_Rec - ok 14:53:51.0768 0x0670 Object required for P2P: [ 2027E82463B6F6BB4D2A5BAF09202BA8 ] Avira.ServiceHost 14:53:51.0802 0x5690 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 14:53:51.0879 0x5690 fvevol - ok 14:53:51.0915 0x5690 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 14:53:51.0957 0x5690 gagp30kx - ok 14:53:52.0014 0x5690 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 14:53:52.0049 0x5690 GEARAspiWDM - ok 14:53:52.0160 0x5690 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 14:53:52.0604 0x5690 gpsvc - ok 14:53:52.0729 0x5690 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:53:52.0762 0x5690 gupdate - ok 14:53:52.0784 0x5690 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:53:52.0815 0x5690 gupdatem - ok 14:53:53.0085 0x5690 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 14:53:53.0474 0x5690 hcw85cir - ok 14:53:53.0574 0x5690 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 14:53:53.0701 0x5690 HdAudAddService - ok 14:53:53.0737 0x5690 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 14:53:53.0829 0x5690 HDAudBus - ok 14:53:53.0882 0x5690 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\drivers\HECIx64.sys 14:53:53.0938 0x5690 HECIx64 - ok 14:53:54.0015 0x5690 [ 62FB29642745DD290910BFD79537FCE0, 56206F936958082B3A2AD93E4E5C7EDA9518A6F12670C6F26EC7A35D0D5305DF ] HH10Help.sys C:\Windows\system32\drivers\HH10Help.sys 14:53:54.0196 0x5690 HH10Help.sys - ok 14:53:54.0294 0x5690 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 14:53:54.0377 0x0670 Object send P2P result: true 14:53:54.0396 0x5690 HidBatt - ok 14:53:54.0455 0x5690 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 14:53:54.0610 0x5690 HidBth - ok 14:53:54.0707 0x5690 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 14:53:54.0767 0x5690 HidIr - ok 14:53:54.0837 0x5690 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 14:53:55.0382 0x5690 hidserv - ok 14:53:55.0454 0x5690 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 14:53:55.0602 0x5690 HidUsb - ok 14:53:55.0663 0x5690 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 14:53:55.0876 0x5690 hkmsvc - ok 14:53:55.0936 0x5690 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 14:53:56.0052 0x5690 HomeGroupListener - ok 14:53:56.0141 0x5690 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 14:53:56.0231 0x5690 HomeGroupProvider - ok 14:53:56.0293 0x5690 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 14:53:56.0344 0x5690 HpSAMD - ok 14:53:56.0470 0x5690 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 14:53:56.0620 0x5690 HTTP - ok 14:53:56.0712 0x5690 [ C8F3119AD72A507D12EF389DF4C266EF, 3AFFFECCC63ED848FD5DF64C71AD543EC56314F35B54691CA419BCBB3CEEBCA0 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys 14:53:56.0819 0x5690 hwdatacard - ok 14:53:56.0870 0x5690 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 14:53:56.0908 0x5690 hwpolicy - ok 14:53:57.0017 0x5690 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 14:53:57.0063 0x5690 i8042prt - ok 14:53:57.0140 0x5690 [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor C:\Windows\system32\drivers\iaStor.sys 14:53:57.0203 0x5690 iaStor - ok 14:53:57.0285 0x5690 [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 14:53:57.0320 0x5690 IAStorDataMgrSvc - ok 14:53:57.0388 0x5690 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 14:53:57.0469 0x5690 iaStorV - ok 14:53:57.0588 0x5690 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 14:53:57.0695 0x5690 idsvc - ok 14:53:57.0726 0x5690 IEEtwCollectorService - ok 14:53:58.0494 0x5690 [ 2A22AB054F4630D2EF4BAB2853F6D5F6, 9CD7A5FFB7E25B51E9D311531EE5EC20CEAC356C7A27D52B61DA810DB412437B ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 14:54:00.0221 0x5690 igfx - detected UnsignedFile.Multi.Generic ( 1 ) 14:54:02.0678 0x5690 Detect skipped due to KSN trusted 14:54:02.0681 0x5690 igfx - ok 14:54:02.0723 0x5690 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 14:54:02.0768 0x5690 iirsp - ok 14:54:02.0862 0x5690 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 14:54:03.0019 0x5690 IKEEXT - ok 14:54:03.0101 0x5690 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\drivers\Impcd.sys 14:54:03.0186 0x5690 Impcd - ok 14:54:03.0389 0x5690 [ 526E482AFB586CB1CDD687869DECF686, DCF1D4772181AD14E8846C9B34387ADB6A8D56BE305A8926896AE35D3496A49F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 14:54:04.0573 0x5690 IntcAzAudAddService - ok 14:54:04.0658 0x5690 [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 14:54:04.0777 0x5690 IntcDAud - detected UnsignedFile.Multi.Generic ( 1 ) 14:54:07.0261 0x5690 Detect skipped due to KSN trusted 14:54:07.0261 0x5690 IntcDAud - ok 14:54:07.0407 0x5690 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 14:54:07.0441 0x5690 intelide - ok 14:54:07.0478 0x5690 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys 14:54:07.0552 0x5690 intelppm - ok 14:54:07.0855 0x5690 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 14:54:07.0963 0x5690 IPBusEnum - ok 14:54:08.0013 0x5690 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:54:08.0151 0x5690 IpFilterDriver - ok 14:54:08.0233 0x5690 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 14:54:08.0380 0x5690 iphlpsvc - ok 14:54:08.0424 0x5690 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 14:54:08.0482 0x5690 IPMIDRV - ok 14:54:08.0544 0x5690 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 14:54:08.0672 0x5690 IPNAT - ok 14:54:09.0110 0x5690 [ 043A93A498B3C4A88CACA3BCBC9B54C7, C08C5A03940806C6CB75ADDCBE6183145AD2AFE84D77BC85E620E7C1542F0893 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 14:54:09.0193 0x5690 iPod Service - ok 14:54:09.0241 0x5690 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 14:54:09.0652 0x5690 IRENUM - ok 14:54:09.0688 0x5690 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 14:54:09.0732 0x5690 isapnp - ok 14:54:09.0784 0x5690 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 14:54:09.0859 0x5690 iScsiPrt - ok 14:54:09.0890 0x5690 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 14:54:09.0934 0x5690 kbdclass - ok 14:54:09.0985 0x5690 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 14:54:10.0059 0x5690 kbdhid - ok 14:54:10.0088 0x5690 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe 14:54:10.0148 0x5690 KeyIso - ok 14:54:10.0197 0x5690 [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 14:54:10.0237 0x5690 KSecDD - ok 14:54:10.0265 0x5690 [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 14:54:10.0328 0x5690 KSecPkg - ok 14:54:10.0370 0x5690 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 14:54:10.0511 0x5690 ksthunk - ok 14:54:10.0570 0x5690 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 14:54:10.0780 0x5690 KtmRm - ok 14:54:10.0870 0x5690 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 14:54:11.0075 0x5690 LanmanServer - ok 14:54:11.0405 0x5690 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 14:54:11.0562 0x5690 LanmanWorkstation - ok 14:54:11.0599 0x5690 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 14:54:11.0751 0x5690 lltdio - ok 14:54:11.0815 0x5690 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 14:54:12.0018 0x5690 lltdsvc - ok 14:54:12.0052 0x5690 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 14:54:12.0222 0x5690 lmhosts - ok 14:54:12.0301 0x5690 [ 3D23191672D83E90D1CF63927EE98136, 90EC8E0E0FCC838B7D258C76A5C92335A2F2B7AE36BD87B3BB4BCF187770B6DE ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 14:54:12.0371 0x5690 LMS - ok 14:54:12.0445 0x5690 [ 5DCD36FC4A6ECBF6E7F9B3BF7E0D0F55, 265BDBC10CC256CB35F2BF5A9A25246D1859400087370A2B629783B9D3F7D0D4 ] LPDSVC C:\Windows\system32\lpdsvc.dll 14:54:12.0552 0x5690 LPDSVC - ok 14:54:12.0604 0x5690 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 14:54:12.0654 0x5690 LSI_FC - ok 14:54:12.0678 0x5690 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 14:54:12.0724 0x5690 LSI_SAS - ok 14:54:12.0758 0x5690 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 14:54:12.0802 0x5690 LSI_SAS2 - ok 14:54:12.0843 0x5690 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 14:54:12.0883 0x5690 LSI_SCSI - ok 14:54:12.0916 0x5690 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 14:54:13.0065 0x5690 luafv - ok 14:54:13.0135 0x5690 [ B2085E335F2B57077B0CBADB6F1245CD, 69C81753B2ABAE8C89CEDADFCB73FB332E5FCD555576959AD412BF036EC9E343 ] lvpopf64 C:\Windows\system32\DRIVERS\lvpopf64.sys 14:54:13.0203 0x5690 lvpopf64 - ok 14:54:13.0213 0x5690 LVPr2M64 - ok 14:54:13.0267 0x5690 [ 986C1CB787A007BAA5F74E7D316D7246, 8846D5FF09A669816F57C98507FBCBE60F770B22BC784269765E46B36EE38D9D ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 14:54:13.0339 0x5690 LVRS64 - ok 14:54:13.0784 0x5690 [ 5747BC465ABEA2858C5D037252AED84E, 1D62E05ED1D3265FEFDD02C8653B2901B05994091F1D417632E2FBF053C5D451 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 14:54:14.0501 0x5690 LVUVC64 - ok 14:54:14.0973 0x5690 [ 024DA28053D57E9E32BEE52600576BBB, 8EC636DAB90A835DEBA2EC6176F4547EEF557415FF77C6378EF423569702731E ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys 14:54:15.0063 0x5690 MarvinBus - ok 14:54:15.0192 0x5690 [ 8A7F33C3B8D9FCAA69803E3DE05BE216, D8504A752D3F74A5BEF7B250AD00B481591DC854C9A019C6A87C606C165B27B6 ] McComponentHostServiceSony C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe 14:54:15.0262 0x5690 McComponentHostServiceSony - ok 14:54:15.0319 0x5690 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF, 2722E217AF11F928E58F694E5C1CC5776283A56C54E7F84401FECFBD73E91EBA ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys 14:54:15.0437 0x5690 mcdbus - ok 14:54:15.0520 0x5690 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 14:54:15.0573 0x5690 Mcx2Svc - ok 14:54:15.0713 0x5690 [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe 14:54:15.0790 0x5690 MDM - detected UnsignedFile.Multi.Generic ( 1 ) 14:54:18.0266 0x5690 Detect skipped due to KSN trusted 14:54:18.0266 0x5690 MDM - ok 14:54:18.0348 0x5690 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 14:54:18.0382 0x5690 megasas - ok 14:54:18.0423 0x5690 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 14:54:18.0506 0x5690 MegaSR - ok 14:54:18.0533 0x5690 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 14:54:18.0678 0x5690 MMCSS - ok 14:54:18.0708 0x5690 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 14:54:18.0845 0x5690 Modem - ok 14:54:18.0875 0x5690 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 14:54:18.0957 0x5690 monitor - ok 14:54:18.0970 0x5690 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 14:54:19.0017 0x5690 mouclass - ok 14:54:19.0064 0x5690 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 14:54:19.0176 0x5690 mouhid - ok 14:54:19.0227 0x5690 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 14:54:19.0266 0x5690 mountmgr - ok 14:54:19.0325 0x5690 [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 14:54:19.0400 0x5690 MpFilter - ok 14:54:19.0670 0x5690 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 14:54:19.0712 0x5690 mpio - ok 14:54:19.0745 0x5690 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 14:54:19.0904 0x5690 mpsdrv - ok 14:54:20.0336 0x5690 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 14:54:20.0629 0x5690 MpsSvc - ok 14:54:20.0686 0x5690 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 14:54:20.0778 0x5690 MRxDAV - ok 14:54:20.0838 0x5690 [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 14:54:20.0986 0x5690 mrxsmb - ok 14:54:21.0030 0x5690 [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:54:21.0186 0x5690 mrxsmb10 - ok 14:54:21.0216 0x5690 [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:54:21.0328 0x5690 mrxsmb20 - ok 14:54:21.0678 0x5690 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 14:54:21.0725 0x5690 msahci - ok 14:54:22.0414 0x5690 [ B7A248E6BCAE3B17791A51A836DAE264, B37C0CBF07AAC24F46DAA63BAABF2780DC7BDD4C57EFA3834E0A43286BA188F0 ] MsDepSvc C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe 14:54:22.0468 0x5690 MsDepSvc - ok 14:54:22.0529 0x5690 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 14:54:22.0589 0x5690 msdsm - ok 14:54:22.0624 0x5690 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 14:54:22.0712 0x5690 MSDTC - ok 14:54:22.0767 0x5690 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 14:54:22.0912 0x5690 Msfs - ok 14:54:23.0192 0x5690 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 14:54:23.0308 0x5690 mshidkmdf - ok 14:54:23.0341 0x5690 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 14:54:23.0373 0x5690 msisadrv - ok 14:54:23.0428 0x5690 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 14:54:23.0596 0x5690 MSiSCSI - ok 14:54:23.0607 0x5690 msiserver - ok 14:54:23.0645 0x5690 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 14:54:23.0778 0x5690 MSKSSRV - ok 14:54:23.0909 0x5690 [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe 14:54:23.0951 0x5690 MsMpSvc - ok 14:54:23.0990 0x5690 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 14:54:24.0125 0x5690 MSPCLOCK - ok 14:54:24.0152 0x5690 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 14:54:24.0266 0x5690 MSPQM - ok 14:54:24.0339 0x5690 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 14:54:24.0419 0x5690 MsRPC - ok 14:54:24.0465 0x5690 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 14:54:24.0504 0x5690 mssmbios - ok 14:54:24.0543 0x5690 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 14:54:24.0672 0x5690 MSTEE - ok 14:54:24.0794 0x5690 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 14:54:25.0061 0x5690 MTConfig - ok 14:54:25.0097 0x5690 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 14:54:25.0140 0x5690 Mup - ok 14:54:25.0220 0x5690 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 14:54:25.0483 0x5690 napagent - ok 14:54:25.0666 0x5690 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 14:54:25.0790 0x5690 NativeWifiP - ok 14:54:25.0927 0x5690 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 14:54:26.0094 0x5690 NDIS - ok 14:54:26.0138 0x5690 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 14:54:26.0319 0x5690 NdisCap - ok 14:54:26.0365 0x5690 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 14:54:26.0551 0x5690 NdisTapi - ok 14:54:26.0629 0x5690 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 14:54:26.0816 0x5690 Ndisuio - ok 14:54:26.0852 0x5690 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 14:54:27.0021 0x5690 NdisWan - ok 14:54:27.0073 0x5690 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 14:54:27.0240 0x5690 NDProxy - ok 14:54:27.0522 0x5690 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 14:54:27.0563 0x5690 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 14:54:30.0088 0x5690 Detect skipped due to KSN trusted 14:54:30.0088 0x5690 Net Driver HPZ12 - ok 14:54:30.0440 0x5690 [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys 14:54:30.0498 0x5690 Netaapl - ok 14:54:30.0544 0x5690 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 14:54:30.0931 0x5690 NetBIOS - ok 14:54:30.0996 0x5690 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 14:54:31.0201 0x5690 NetBT - ok 14:54:31.0229 0x5690 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon C:\Windows\system32\lsass.exe 14:54:31.0274 0x5690 Netlogon - ok 14:54:31.0338 0x5690 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 14:54:31.0514 0x5690 Netman - ok 14:54:31.0628 0x5690 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:54:31.0730 0x5690 NetMsmqActivator - ok 14:54:31.0771 0x5690 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:54:31.0837 0x5690 NetPipeActivator - ok 14:54:31.0913 0x5690 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 14:54:32.0122 0x5690 netprofm - ok 14:54:32.0166 0x5690 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:54:32.0220 0x5690 NetTcpActivator - ok 14:54:32.0254 0x5690 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:54:32.0315 0x5690 NetTcpPortSharing - ok 14:54:32.0362 0x5690 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 14:54:32.0410 0x5690 nfrd960 - ok 14:54:32.0480 0x5690 [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 14:54:32.0550 0x5690 NisDrv - ok 14:54:32.0996 0x5690 [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 14:54:33.0086 0x5690 NisSrv - ok 14:54:33.0154 0x5690 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 14:54:33.0297 0x5690 NlaSvc - ok 14:54:33.0349 0x5690 NPF - ok 14:54:33.0392 0x5690 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 14:54:33.0538 0x5690 Npfs - ok 14:54:33.0571 0x5690 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 14:54:33.0711 0x5690 nsi - ok 14:54:33.0727 0x5690 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 14:54:33.0861 0x5690 nsiproxy - ok 14:54:34.0013 0x5690 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 14:54:34.0210 0x5690 Ntfs - ok 14:54:34.0246 0x5690 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 14:54:34.0368 0x5690 Null - ok 14:54:34.0428 0x5690 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 14:54:34.0477 0x5690 nvraid - ok 14:54:34.0548 0x5690 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 14:54:34.0606 0x5690 nvstor - ok 14:54:34.0666 0x5690 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 14:54:34.0711 0x5690 nv_agp - ok 14:54:34.0735 0x5690 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 14:54:34.0777 0x5690 ohci1394 - ok 14:54:34.0856 0x5690 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:54:34.0895 0x5690 ose - ok 14:54:35.0336 0x5690 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 14:54:35.0757 0x5690 osppsvc - ok 14:54:35.0837 0x5690 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 14:54:35.0924 0x5690 p2pimsvc - ok 14:54:35.0965 0x5690 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 14:54:36.0044 0x5690 p2psvc - ok 14:54:36.0315 0x5690 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 14:54:36.0380 0x5690 Parport - ok 14:54:36.0424 0x5690 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 14:54:36.0464 0x5690 partmgr - ok 14:54:36.0538 0x5690 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 14:54:36.0671 0x5690 PcaSvc - ok 14:54:36.0698 0x5690 pccsmcfd - ok 14:54:37.0017 0x5690 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 14:54:37.0074 0x5690 pci - ok 14:54:37.0111 0x5690 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 14:54:37.0148 0x5690 pciide - ok 14:54:37.0201 0x5690 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 14:54:37.0283 0x5690 pcmcia - ok 14:54:37.0350 0x5690 [ AF7CE12C4F3DC8CB2B07685C916BBCFE, 1AF47113778D411BF3CF82ACF428676908121B1F3252133A5F98E188ED1E9C6C ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys 14:54:37.0414 0x5690 pcouffin - ok 14:54:37.0453 0x5690 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 14:54:37.0551 0x5690 pcw - ok 14:54:37.0704 0x5690 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 14:54:37.0834 0x5690 PEAUTH - ok 14:54:38.0563 0x5690 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 14:54:38.0623 0x5690 PerfHost - ok 14:54:38.0790 0x5690 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll mfg Klaus |
21.12.2015, 15:01 | #7 |
| Cursor friert für kurze Zeit einCode:
ATTFilter 14:54:39.0080 0x5690 pla - ok 14:54:39.0173 0x5690 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 14:54:39.0347 0x5690 PlugPlay - ok 14:54:39.0451 0x5690 [ CBCEC2C45E7D672EC6E46CBFF23BDF8E, 2E51A0E9A5AE8F017D0AC22D46036FFFAF917CBC6A7C7297B63C1154DFC7FCC6 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe 14:54:39.0544 0x5690 PMBDeviceInfoProvider - ok 14:54:39.0630 0x5690 [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 14:54:39.0666 0x5690 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 14:54:42.0126 0x5690 Detect skipped due to KSN trusted 14:54:42.0126 0x5690 Pml Driver HPZ12 - ok 14:54:42.0170 0x5690 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 14:54:42.0241 0x5690 PNRPAutoReg - ok 14:54:42.0296 0x5690 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 14:54:42.0370 0x5690 PNRPsvc - ok 14:54:42.0452 0x5690 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 14:54:42.0663 0x5690 PolicyAgent - ok 14:54:42.0721 0x5690 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 14:54:42.0922 0x5690 Power - ok 14:54:42.0985 0x5690 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 14:54:43.0214 0x5690 PptpMiniport - ok 14:54:43.0487 0x5690 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 14:54:43.0555 0x5690 Processor - ok 14:54:43.0646 0x5690 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 14:54:43.0742 0x5690 ProfSvc - ok 14:54:43.0774 0x5690 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe 14:54:43.0825 0x5690 ProtectedStorage - ok 14:54:43.0890 0x5690 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 14:54:44.0068 0x5690 Psched - ok 14:54:44.0140 0x5690 [ FB46E9A827A8799EBD7BFA9128C91F37, 7C40E9C1720522D76AF45A588DFF47BDF0E2A99AF3A396854A00F1273EA13193 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys 14:54:44.0272 0x5690 PSI - ok 14:54:44.0319 0x5690 [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 14:54:44.0355 0x5690 PxHlpa64 - ok 14:54:44.0524 0x5690 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 14:54:44.0787 0x5690 ql2300 - ok 14:54:44.0835 0x5690 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 14:54:44.0886 0x5690 ql40xx - ok 14:54:44.0943 0x5690 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 14:54:45.0036 0x5690 QWAVE - ok 14:54:45.0083 0x5690 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 14:54:45.0164 0x5690 QWAVEdrv - ok 14:54:45.0190 0x5690 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 14:54:45.0308 0x5690 RasAcd - ok 14:54:45.0359 0x5690 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 14:54:45.0487 0x5690 RasAgileVpn - ok 14:54:45.0531 0x5690 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 14:54:45.0638 0x5690 RasAuto - ok 14:54:45.0694 0x5690 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 14:54:45.0854 0x5690 Rasl2tp - ok 14:54:45.0910 0x5690 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 14:54:46.0091 0x5690 RasMan - ok 14:54:46.0376 0x5690 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 14:54:46.0502 0x5690 RasPppoe - ok 14:54:46.0533 0x5690 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 14:54:46.0699 0x5690 RasSstp - ok 14:54:47.0000 0x5690 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 14:54:47.0199 0x5690 rdbss - ok 14:54:47.0256 0x5690 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 14:54:47.0300 0x5690 rdpbus - ok 14:54:47.0367 0x5690 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 14:54:47.0512 0x5690 RDPCDD - ok 14:54:47.0530 0x5690 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 14:54:47.0680 0x5690 RDPENCDD - ok 14:54:47.0715 0x5690 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 14:54:47.0867 0x5690 RDPREFMP - ok 14:54:47.0979 0x5690 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 14:54:48.0159 0x5690 RdpVideoMiniport - ok 14:54:48.0222 0x5690 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 14:54:48.0316 0x5690 RDPWD - ok 14:54:48.0385 0x5690 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 14:54:48.0450 0x5690 rdyboost - ok 14:54:48.0490 0x5690 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 14:54:48.0827 0x5690 RemoteAccess - ok 14:54:48.0888 0x5690 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 14:54:49.0052 0x5690 RemoteRegistry - ok 14:54:49.0100 0x5690 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 14:54:49.0172 0x5690 RFCOMM - ok 14:54:49.0222 0x5690 [ FA6ABC06B629DA29634D31F1FE0347BD, 6469EB5C43CFBF9D774DE09042E3E0B4A08B8A146A43450F591725418BF5104E ] rimspci C:\Windows\system32\drivers\rimssne64.sys 14:54:49.0302 0x5690 rimspci - ok 14:54:49.0374 0x5690 [ 8F8539A7F5C117D4407B2985995671F2, D598C2F1F7B20E88386EADAFCA2616C3E4277521DDADF05C54933CCD9F5CA39B ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys 14:54:49.0523 0x5690 risdsnpe - ok 14:54:49.0569 0x5690 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 14:54:49.0739 0x5690 RpcEptMapper - ok 14:54:49.0779 0x5690 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 14:54:49.0839 0x5690 RpcLocator - ok 14:54:49.0930 0x5690 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 14:54:50.0122 0x5690 RpcSs - ok 14:54:50.0167 0x5690 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 14:54:50.0313 0x5690 rspndr - ok 14:54:50.0398 0x5690 [ D6D381B76056C668679723938F06F16C, A26C35EB588BF32F5CD22554BE5A05380D50FF1B7D399687EE50DC24C32DA341 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys 14:54:50.0513 0x5690 RTHDMIAzAudService - ok 14:54:50.0528 0x5690 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\Windows\system32\lsass.exe 14:54:50.0572 0x5690 SamSs - ok 14:54:50.0611 0x5690 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 14:54:50.0656 0x5690 sbp2port - ok 14:54:50.0716 0x5690 [ EECBBF7D76300E5558D316983961FFC1, 33E8237C9A39CEB1F0F4FB7D0466959121CF707899F43B17D6DDD92EBA398815 ] ScanUSBEMPIA C:\Windows\system32\DRIVERS\emScan64.sys 14:54:50.0802 0x5690 ScanUSBEMPIA - ok 14:54:50.0863 0x5690 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 14:54:51.0039 0x5690 SCardSvr - ok 14:54:51.0087 0x5690 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 14:54:51.0211 0x5690 scfilter - ok 14:54:51.0320 0x5690 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 14:54:51.0773 0x5690 Schedule - ok 14:54:51.0827 0x5690 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 14:54:51.0934 0x5690 SCPolicySvc - ok 14:54:52.0015 0x5690 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys 14:54:52.0375 0x5690 sdbus - ok 14:54:52.0600 0x5690 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 14:54:53.0076 0x5690 SDRSVC - ok 14:54:53.0224 0x5690 [ 7A4FE83F4EFF8B9D06DBB1EE48DC91C5, C9D42AC5DF55E72BC5D3F9CFA865D943A6EFE064EC147C04912545A219D8344B ] Seagate Dashboard Services C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe 14:54:53.0261 0x5690 Seagate Dashboard Services - ok 14:54:53.0315 0x5690 [ 118B35309A148E0D23FF32ED52CC5C36, 9C3DF5CF4B714AADC91967DF2BC9E75D51056F5F603CCB833FDDEC1A34DB7EFB ] Seagate MobileBackup Service C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe 14:54:53.0373 0x5690 Seagate MobileBackup Service - ok 14:54:53.0415 0x5690 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 14:54:53.0549 0x5690 secdrv - ok 14:54:53.0640 0x5690 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 14:54:54.0011 0x5690 seclogon - ok 14:54:54.0288 0x5690 [ 7198BBFBE46C0070257278C536386687, 8670549D1C26F5924B3FADC35AD526C56728A51D377369B1C74397496497BE5D ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe 14:54:54.0429 0x5690 Secunia PSI Agent - ok 14:54:54.0506 0x5690 [ D2FCA567F9BE87E29B9A9FA32FFE79CA, 2DEFC814B5979A80FFC74242871C9ECB09FBCA994BF9069D6B1E94A5F7588F17 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe 14:54:54.0585 0x5690 Secunia Update Agent - ok 14:54:54.0695 0x5690 [ 1ED7A8574A28357097A5CB4063C96B00, 4E248CA66B7DE930AEC501A85F507AB813FC3CEBCBA347DFF3B05CE6CB8E496B ] semav6thermal64ro C:\Windows\system32\drivers\semav6thermal64ro.sys 14:54:54.0796 0x5690 semav6thermal64ro - ok 14:54:54.0861 0x5690 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 14:54:55.0022 0x5690 SENS - ok 14:54:55.0058 0x5690 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 14:54:55.0156 0x5690 SensrSvc - ok 14:54:55.0216 0x5690 [ 210285D5FDFB06FC25F889C7487CD4E2, 97B01541D1EE039501604FEAF4968D7E83B0298B649E123551E1CD458C72A635 ] Ser2at C:\Windows\system32\DRIVERS\ser2at64.sys 14:54:55.0308 0x5690 Ser2at - ok 14:54:55.0347 0x5690 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 14:54:55.0398 0x5690 Serenum - ok 14:54:55.0439 0x5690 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 14:54:55.0501 0x5690 Serial - ok 14:54:55.0537 0x5690 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 14:54:55.0593 0x5690 sermouse - ok 14:54:55.0661 0x5690 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 14:54:55.0803 0x5690 SessionEnv - ok 14:54:55.0866 0x5690 [ 286D3889E6AB5589646FF8A63CB928AE, 98D9D34521328F4F0B0B7C2CAB97BA0EC998B9F3F996B5ED08E17292F1CD9452 ] SFEP C:\Windows\system32\drivers\SFEP.sys 14:54:55.0935 0x5690 SFEP - ok 14:54:55.0976 0x5690 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 14:54:56.0026 0x5690 sffdisk - ok 14:54:56.0047 0x5690 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 14:54:56.0112 0x5690 sffp_mmc - ok 14:54:56.0139 0x5690 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 14:54:56.0214 0x5690 sffp_sd - ok 14:54:56.0252 0x5690 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 14:54:56.0313 0x5690 sfloppy - ok 14:54:56.0392 0x5690 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 14:54:56.0551 0x5690 SharedAccess - ok 14:54:56.0632 0x5690 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 14:54:56.0782 0x5690 ShellHWDetection - ok 14:54:56.0825 0x5690 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 14:54:56.0934 0x5690 SiSRaid2 - ok 14:54:57.0026 0x5690 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 14:54:57.0066 0x5690 SiSRaid4 - ok 14:54:57.0135 0x5690 [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 14:54:57.0208 0x5690 SkypeUpdate - ok 14:54:57.0257 0x5690 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 14:54:57.0384 0x5690 Smb - ok 14:54:57.0456 0x5690 [ 651BE03BCD0EEA41765D453DEB6050BC, D8A8132AF78E2E8BA3BCF6EE4D1C8BB4C6F2224765E04F0254B592BCB4C3CDF1 ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys 14:54:57.0547 0x5690 SmbDrvI - ok 14:54:57.0924 0x5690 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 14:54:58.0013 0x5690 SNMPTRAP - ok 14:54:58.0098 0x5690 [ C3E69DB0A4E59564230E053232F39AC7, D7E4AC42C0731F69869E96F3AE9021ABD968E17C92283A54F265E73E6BD60ED5 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe 14:54:58.0167 0x5690 SOHCImp - ok 14:54:59.0795 0x5690 [ 65CC4779A29C3E82B987BD4961790DFF, 91D072ADBCD4AEB2E10D0CC97E89E92099E8061A601F1A88425B4A20FC50FF78 ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe 14:55:01.0091 0x5690 SOHDms - ok 14:55:01.0587 0x5690 [ F47D75CEE1844EEF4A9EA6EE768828FB, 242550EB5879476DD2CFC0E38FAF3C6D0263FEA7504BD73ED3B004E274D7CDF6 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe 14:55:02.0327 0x5690 SOHDs - ok 14:55:03.0557 0x5690 [ 65E5659E9C2A0762D05657C0E22A7CA2, A6EE72878CFA901A94485C7BEC7675702ED207DB54F5A8ED70835B6A8A8F5754 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe 14:55:04.0097 0x5690 SpfService - ok 14:55:04.0572 0x5690 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 14:55:04.0609 0x5690 spldr - ok 14:55:05.0374 0x5690 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 14:55:05.0559 0x5690 Spooler - ok 14:55:05.0864 0x5690 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 14:55:06.0309 0x5690 sppsvc - ok 14:55:06.0358 0x5690 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 14:55:06.0531 0x5690 sppuinotify - ok 14:55:06.0642 0x5690 [ 4B3F898DC1378CED2F35D04E5B0CE0DF, D49AC7E72C2E57011308F6AA9C259C197853D5778187821C0BB83842E083B7D5 ] sptd C:\Windows\System32\Drivers\sptd.sys 14:55:06.0643 0x5690 Suspicious file ( NoAccess ): C:\Windows\System32\Drivers\sptd.sys. md5: 4B3F898DC1378CED2F35D04E5B0CE0DF, sha256: D49AC7E72C2E57011308F6AA9C259C197853D5778187821C0BB83842E083B7D5 14:55:06.0645 0x5690 sptd - detected LockedFile.Multi.Generic ( 1 ) 14:55:09.0107 0x5690 Detect skipped due to KSN trusted 14:55:09.0107 0x5690 sptd - ok 14:55:09.0254 0x5690 [ 3F1292E8ABF33070BF5A3838D85DF121, 96D3CEF6DE210463C0909499CBCD25599B76E8FC486A1CF8004807CD15986767 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 14:55:09.0311 0x5690 SQLWriter - ok 14:55:09.0391 0x5690 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 14:55:09.0546 0x5690 srv - ok 14:55:09.0603 0x5690 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 14:55:09.0732 0x5690 srv2 - ok 14:55:09.0773 0x5690 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 14:55:09.0855 0x5690 srvnet - ok 14:55:09.0911 0x5690 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 14:55:10.0123 0x5690 SSDPSRV - ok 14:55:10.0160 0x5690 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 14:55:10.0342 0x5690 SstpSvc - ok 14:55:10.0649 0x5690 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 14:55:10.0704 0x5690 stexstor - ok 14:55:10.0784 0x5690 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\drivers\serscan.sys 14:55:10.0852 0x5690 StillCam - ok 14:55:10.0948 0x5690 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 14:55:11.0107 0x5690 stisvc - ok 14:55:11.0169 0x5690 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 14:55:11.0219 0x5690 swenum - ok 14:55:11.0289 0x5690 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 14:55:11.0514 0x5690 swprv - ok 14:55:11.0613 0x5690 [ B54FD2CFB84FAC78D136434530461BA4, 5FEDAD9CD96B73ABA43223CAA66CFF981C09CFE188BFBEA2BE9018663A9444F0 ] SXDS10 C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe 14:55:11.0802 0x5690 SXDS10 - ok 14:55:11.0901 0x5690 [ C54F86A754D7EA388ABD817D7A9B712C, EC2E365EE165393543A0661783410C91D32FF4413866DC0875D67FFA7DF4F763 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 14:55:12.0057 0x5690 SynTP - ok 14:55:12.0220 0x5690 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 14:55:12.0454 0x5690 SysMain - ok 14:55:12.0530 0x5690 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 14:55:12.0620 0x5690 TabletInputService - ok 14:55:12.0675 0x5690 [ 4EF44915E522F3ECD1A3FF540AA64126, 3B7ABB4B263F5DC7E12BEBD0512A13877236E0C020B7FE618EE84FAB3E3BF991 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 14:55:12.0746 0x5690 tap0901 - ok 14:55:12.0806 0x5690 [ 3A7CABF7DE8F1325BE8F46685469AEC3, 03B2FDEA5E10B9584EFC4ED22D6C2529322FBEF0DFEC60FE12FCE5C4A2E42F9C ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys 14:55:12.0836 0x5690 taphss6 - ok 14:55:12.0903 0x5690 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 14:55:13.0063 0x5690 TapiSrv - ok 14:55:13.0201 0x5690 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 14:55:13.0502 0x5690 TBS - ok 14:55:13.0664 0x5690 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 14:55:13.0860 0x5690 Tcpip - ok 14:55:14.0294 0x5690 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 14:55:14.0523 0x5690 TCPIP6 - ok 14:55:14.0726 0x5690 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 14:55:14.0796 0x5690 tcpipreg - ok 14:55:14.0843 0x5690 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 14:55:14.0937 0x5690 TDPIPE - ok 14:55:14.0991 0x5690 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 14:55:15.0058 0x5690 TDTCP - ok 14:55:15.0120 0x5690 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 14:55:15.0208 0x5690 tdx - ok 14:55:15.0273 0x5690 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 14:55:15.0319 0x5690 TermDD - ok 14:55:15.0474 0x5690 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 14:55:15.0601 0x5690 TermService - ok 14:55:15.0637 0x5690 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 14:55:15.0721 0x5690 Themes - ok 14:55:16.0008 0x5690 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 14:55:16.0157 0x5690 THREADORDER - ok 14:55:16.0269 0x5690 [ 0FE2FC59C0B9A3CA3EC2B18E1CCCF2DD, 26AE50F2263DDDE3C6678566E2B198966CE870DF4B254F2D655752F742F63C12 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe 14:55:16.0313 0x5690 TomTomHOMEService - ok 14:55:16.0357 0x5690 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 14:55:16.0533 0x5690 TrkWks - ok 14:55:16.0620 0x5690 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 14:55:16.0774 0x5690 TrustedInstaller - ok 14:55:16.0834 0x5690 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 14:55:16.0889 0x5690 tssecsrv - ok 14:55:16.0943 0x5690 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 14:55:17.0029 0x5690 TsUsbFlt - ok 14:55:17.0045 0x5690 ttnfd - ok 14:55:17.0119 0x5690 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 14:55:17.0242 0x5690 tunnel - ok 14:55:17.0287 0x5690 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 14:55:17.0326 0x5690 uagp35 - ok 14:55:17.0374 0x5690 [ 63F6D08C54D5B3C1B12A6172032055C7, 87D872731D2C85E1A0ED3128CB7AB91AF00D830B0E4307054ABFD1D3900C990D ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 14:55:17.0407 0x5690 uCamMonitor - ok 14:55:17.0471 0x5690 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 14:55:17.0634 0x5690 udfs - ok 14:55:17.0700 0x5690 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 14:55:17.0764 0x5690 UI0Detect - ok 14:55:17.0792 0x5690 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 14:55:17.0841 0x5690 uliagpkx - ok 14:55:17.0902 0x5690 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 14:55:17.0942 0x5690 umbus - ok 14:55:17.0972 0x5690 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 14:55:18.0029 0x5690 UmPass - ok 14:55:18.0282 0x5690 [ 11A559E0F10CC5E788984023DF400A6F, B16B6C2305B421402C2FA4D4D32A8359C4A5B5F14D14C04A1AE7BEC7EEA13047 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 14:55:18.0617 0x5690 UNS - ok 14:55:18.0665 0x5690 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 14:55:18.0829 0x5690 upnphost - ok 14:55:18.0870 0x5690 [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 14:55:18.0899 0x5690 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 ) 14:55:21.0361 0x5690 Detect skipped due to KSN trusted 14:55:21.0361 0x5690 USBAAPL64 - ok 14:55:21.0463 0x5690 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 14:55:21.0542 0x5690 usbaudio - ok 14:55:21.0585 0x5690 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 14:55:21.0748 0x5690 usbccgp - ok 14:55:21.0815 0x5690 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 14:55:21.0919 0x5690 usbcir - ok 14:55:21.0968 0x5690 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 14:55:22.0009 0x5690 usbehci - ok 14:55:22.0090 0x5690 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 14:55:22.0167 0x5690 usbhub - ok 14:55:22.0198 0x5690 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 14:55:22.0243 0x5690 usbohci - ok 14:55:22.0288 0x5690 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 14:55:22.0366 0x5690 usbprint - ok 14:55:22.0453 0x5690 [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\Windows\system32\drivers\usbser.sys 14:55:22.0533 0x5690 usbser - ok 14:55:22.0588 0x5690 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 14:55:22.0723 0x5690 USBSTOR - ok 14:55:22.0788 0x5690 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 14:55:22.0845 0x5690 usbuhci - ok 14:55:22.0917 0x5690 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 14:55:22.0986 0x5690 usbvideo - ok 14:55:23.0982 0x5690 [ 22BF25D9A5B403675358B2D8D9984894, 5F37BD18DBA68D3958B6225CFB06ADD28A5AF5448ECBFF93D8637A4E662607D9 ] USER_ESRV_SVC C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe 14:55:24.0123 0x5690 USER_ESRV_SVC - ok 14:55:24.0153 0x5690 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 14:55:24.0274 0x5690 UxSms - ok 14:55:24.0410 0x5690 [ A60605FC66552B421EE1F3D4EBB9A4E0, DCAC76EACAABD38E3896F78B56F51D08ECCC46E360DC29857526929900455E07 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe 14:55:24.0470 0x5690 VAIO Event Service - ok 14:55:24.0574 0x5690 [ D469BE2723F79CF4B384680B1FDC577D, 8967D83D7A59E1C04F1A252246ABD7B64ABEC36BF02E3CA5BD672ABCA36E2BE0 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe 14:55:24.0734 0x5690 VAIO Power Management - ok 14:55:24.0892 0x5690 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc C:\Windows\system32\lsass.exe 14:55:24.0928 0x5690 VaultSvc - ok 14:55:24.0983 0x5690 [ F0FAF3FB9B138F8CAFB65ECFFE9F4AB6, E0869E4E9271B484209BB44E6E17D99BE6CEA08A983132C0D69FA373202B14D7 ] vcd10bus C:\Windows\system32\DRIVERS\vcd10bus.sys 14:55:25.0067 0x5690 vcd10bus - ok 14:55:25.0175 0x5690 [ D00058C1FFF3F3DE990444A5734E9639, 450192C5F458888D71328994E29A6CB0E04F387BF63D49E7EABA1E1AECD680F9 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 14:55:25.0512 0x5690 VCFw - ok 14:55:25.0589 0x5690 [ FD911873C0BB6945FA38C16E9A2B58F9, EF8C833321449A6E8B671890F2EBC82ABC276B890D274AADDB626D763EE98964 ] VClone C:\Windows\system32\DRIVERS\VClone.sys 14:55:25.0664 0x5690 VClone - ok 14:55:25.0746 0x5690 [ F19275655B42086C884ABCDAE2C659AE, D5D36DFF2D316C390E0336B51EE9C4B23705A52A3BBCCB13CC0B95FCF5761344 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 14:55:25.0850 0x5690 VcmIAlzMgr - ok 14:55:25.0940 0x5690 [ CBB9F0D1017E0BED4CB5BBC0EBF26DC1, C64F9DE0A48A56EDDAB6FEB58F6EEE0A792DE5C669A2DB0776E9E374724F0AFE ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe 14:55:26.0158 0x5690 VcmINSMgr - ok 14:55:26.0196 0x5690 [ 32A3735F6874B7783C6209ED5CA36D9D, B6DA3D749A000D99B6F0BF475C47AC0867595B634CC6502C8758B241759F531C ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe 14:55:26.0280 0x5690 VcmXmlIfHelper - ok 14:55:26.0333 0x5690 [ B430617858DBA164F64E7974D80EBEB9, DE69180925B971901C1AEDD864020B4F1ECEA3094EDAFC408F5865690F2E7D1E ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe 14:55:26.0376 0x5690 VCService - ok 14:55:26.0746 0x5690 [ F0ECF990B3DE8842E948279AF31CC4E5, EF8C8D6F292A39914EDAB9BEF8E5243B60A7FAC48620D144A0F2079C852B3092 ] vdrv1000 C:\Windows\system32\Drivers\VDRV1000.SYS 14:55:26.0874 0x5690 vdrv1000 - ok 14:55:26.0963 0x5690 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 14:55:27.0007 0x5690 vdrvroot - ok 14:55:27.0101 0x5690 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 14:55:27.0289 0x5690 vds - ok 14:55:27.0333 0x5690 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 14:55:27.0390 0x5690 vga - ok 14:55:27.0417 0x5690 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 14:55:27.0571 0x5690 VgaSave - ok 14:55:27.0643 0x5690 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 14:55:27.0718 0x5690 vhdmp - ok 14:55:27.0760 0x5690 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 14:55:27.0802 0x5690 viaide - ok 14:55:27.0828 0x5690 VMnetAdapter - ok 14:55:27.0898 0x5690 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 14:55:27.0941 0x5690 volmgr - ok 14:55:28.0018 0x5690 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 14:55:28.0111 0x5690 volmgrx - ok 14:55:28.0184 0x5690 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 14:55:28.0256 0x5690 volsnap - ok 14:55:28.0321 0x5690 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 14:55:28.0388 0x5690 vsmraid - ok 14:55:28.0534 0x5690 [ 047F22BDFDAE6DF6F1E47E747A1237A2, D6B6996B0E3BB95A71FB425BD47294A175D29F258BAA7CDD167ABB477B56D5DB ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe 14:55:28.0649 0x5690 VSNService - detected UnsignedFile.Multi.Generic ( 1 ) 14:55:31.0610 0x5690 Detect skipped due to KSN trusted 14:55:31.0610 0x5690 VSNService - ok 14:55:32.0207 0x5690 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 14:55:32.0528 0x5690 VSS - ok 14:55:32.0752 0x5690 [ 24D6F6D7AE866A6875965EFE9D8EE3F3, 344DFC1BFA1026B2AC3C883F5DAA78EB142299B717035444CE0DD8A548BEF10C ] VUAgent C:\Program Files\Sony\VAIO Update\vuagent.exe 14:55:32.0930 0x5690 VUAgent - ok 14:55:32.0963 0x5690 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 14:55:33.0011 0x5690 vwifibus - ok 14:55:33.0042 0x5690 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 14:55:33.0122 0x5690 vwififlt - ok 14:55:33.0167 0x5690 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 14:55:33.0213 0x5690 vwifimp - ok 14:55:33.0271 0x5690 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 14:55:33.0413 0x5690 W32Time - ok 14:55:33.0518 0x5690 [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll 14:55:33.0628 0x5690 W3SVC - ok 14:55:33.0661 0x5690 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 14:55:33.0706 0x5690 WacomPen - ok 14:55:33.0765 0x5690 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 14:55:33.0872 0x5690 WANARP - ok 14:55:33.0929 0x5690 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 14:55:34.0045 0x5690 Wanarpv6 - ok 14:55:34.0124 0x5690 [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll 14:55:34.0183 0x5690 WAS - ok 14:55:34.0348 0x5690 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 14:55:34.0559 0x5690 WatAdminSvc - ok 14:55:34.0833 0x5690 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 14:55:35.0112 0x5690 wbengine - ok 14:55:35.0177 0x5690 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 14:55:35.0288 0x5690 WbioSrvc - ok 14:55:35.0635 0x5690 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 14:55:35.0759 0x5690 wcncsvc - ok 14:55:35.0792 0x5690 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 14:55:35.0908 0x5690 WcsPlugInService - ok 14:55:35.0970 0x5690 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 14:55:36.0020 0x5690 Wd - ok 14:55:36.0143 0x5690 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 14:55:36.0304 0x5690 Wdf01000 - ok 14:55:36.0357 0x5690 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 14:55:36.0460 0x5690 WdiServiceHost - ok 14:55:36.0489 0x5690 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 14:55:36.0548 0x5690 WdiSystemHost - ok 14:55:36.0629 0x5690 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll 14:55:36.0738 0x5690 WebClient - ok 14:55:36.0777 0x5690 [ D5BA7D43FA2EF656BF7E98A188391E40, 56CF132B7C43A0F9C7C4D070730315FE7AFD2E87E94014DFC3D7107BB52B9C64 ] Wecsvc C:\Windows\system32\wecsvc.dll 14:55:36.0920 0x5690 Wecsvc - ok 14:55:36.0961 0x5690 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 14:55:37.0155 0x5690 wercplsupport - ok 14:55:37.0476 0x5690 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 14:55:37.0647 0x5690 WerSvc - ok 14:55:37.0681 0x5690 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 14:55:37.0838 0x5690 WfpLwf - ok 14:55:37.0912 0x5690 [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 14:55:38.0008 0x5690 WimFltr - ok 14:55:38.0073 0x5690 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 14:55:38.0131 0x5690 WIMMount - ok 14:55:38.0168 0x5690 WinDefend - ok 14:55:38.0223 0x5690 WinHttpAutoProxySvc - ok 14:55:38.0300 0x5690 [ 136760C1E9697BAF4ECDEAE5590A0806, 12E80D0923D794F4C520FEA7CB98EF581231B996FB1876EB20995E6E457EFF56 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 14:55:38.0427 0x5690 Winmgmt - ok 14:55:39.0262 0x5690 [ 3BB6B401A780BF434C8F58137DE10BF7, 1A377C39B78B92A1A1FED699EE5E5ED0271A6FFAC143F1D29FC1FDF4D726A522 ] WinRM C:\Windows\system32\WsmSvc.dll 14:55:39.0713 0x5690 WinRM - ok 14:55:40.0061 0x5690 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys 14:55:40.0124 0x5690 WinUsb - ok 14:55:40.0234 0x5690 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 14:55:40.0396 0x5690 Wlansvc - ok 14:55:40.0676 0x5690 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 14:55:40.0981 0x5690 wlidsvc - ok 14:55:41.0064 0x5690 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 14:55:41.0122 0x5690 WmiAcpi - ok 14:55:41.0186 0x5690 [ 4DF841632B62A7CF19A79A05046A8AB1, D80F28FD7FEB95DB83976EAFECB2E9AE1423DA4D34EC5D820FC39A33444B82DA ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 14:55:41.0270 0x5690 wmiApSrv - ok 14:55:41.0310 0x5690 WMPNetworkSvc - ok 14:55:41.0355 0x5690 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 14:55:41.0470 0x5690 WPCSvc - ok 14:55:42.0071 0x5690 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 14:55:42.0182 0x5690 WPDBusEnum - ok 14:55:42.0223 0x5690 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 14:55:42.0401 0x5690 ws2ifsl - ok 14:55:42.0454 0x5690 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 14:55:42.0818 0x5690 wscsvc - ok 14:55:42.0904 0x5690 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 14:55:42.0987 0x5690 WSDPrintDevice - ok 14:55:43.0043 0x5690 WSearch - ok 14:55:43.0730 0x5690 [ 6075791ED85E47A2A2916B1F34582944, 25B5FAD161711875B38BDD014A26FA527C8EE4854D485989D19A72D5EBBA4054 ] wuauserv C:\Windows\system32\wuaueng.dll 14:55:44.0091 0x5690 wuauserv - ok 14:55:44.0144 0x5690 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 14:55:44.0235 0x5690 WudfPf - ok 14:55:44.0301 0x5690 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 14:55:44.0382 0x5690 WUDFRd - ok 14:55:44.0483 0x5690 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 14:55:44.0559 0x5690 wudfsvc - ok 14:55:44.0696 0x5690 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 14:55:44.0814 0x5690 WwanSvc - ok 14:55:44.0900 0x5690 [ 5250193EF8E173AA7491250F00EB367F, FF33B5112C5702CBD8EF2B0B5E49428973054B961F3B105419F7A47E2057B8A6 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys 14:55:44.0984 0x5690 yukonw7 - ok 14:55:45.0061 0x5690 ================ Scan global =============================== 14:55:45.0504 0x5690 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 14:55:45.0584 0x5690 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll 14:55:45.0618 0x5690 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll 14:55:45.0780 0x5690 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 14:55:45.0853 0x5690 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 14:55:45.0907 0x5690 [ Global ] - ok 14:55:45.0908 0x5690 ================ Scan MBR ================================== 14:55:45.0924 0x5690 [ 08B26729634452D0C2889C002B1BB97C ] \Device\Harddisk0\DR0 14:55:48.0376 0x5690 \Device\Harddisk0\DR0 - ok 14:55:48.0377 0x5690 ================ Scan VBR ================================== 14:55:48.0408 0x5690 [ E5E2F42807DE9EC7463BB90A6A8AAF0D ] \Device\Harddisk0\DR0\Partition1 14:55:48.0419 0x5690 \Device\Harddisk0\DR0\Partition1 - ok 14:55:48.0440 0x5690 [ 445D6AC15BD82B721CBA8ED33B4C97D7 ] \Device\Harddisk0\DR0\Partition2 14:55:48.0446 0x5690 \Device\Harddisk0\DR0\Partition2 - ok 14:55:48.0489 0x5690 [ 759437E1BFAB8B09DEF8B414D28E079F ] \Device\Harddisk0\DR0\Partition3 14:55:48.0494 0x5690 \Device\Harddisk0\DR0\Partition3 - ok 14:55:48.0497 0x5690 ================ Scan generic autorun ====================== 14:55:48.0650 0x5690 [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] c:\Program Files\Microsoft Security Client\msseces.exe 14:55:48.0804 0x5690 MSC - ok 14:55:49.0797 0x5690 [ CAF4777D51A4DC6B62219A0C579F8723, 84BBF7625656BB3B10C0C4CEDEE539F044335CEEEFECFDD78CE908DBFF13F9A3 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 14:55:50.0993 0x5690 RtHDVCpl - ok 14:55:51.0214 0x5690 [ 1A87CB56BB2385657C7808F876902C20, 277A36F3262BEF0B6FA24381BA09685B1C9E3B1A75C47D6E7C96DBBA4CAB41D1 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 14:55:51.0454 0x5690 RtHDVBg - ok 14:55:51.0460 0x5690 SynTPEnh - ok 14:55:51.0859 0x5690 [ 1BF113E377E570DB915EE7D228E594D6, FF4D198D412CA21C49E0A3E6FE52EAD69786B305429095B5BD25CB4FAFD33B51 ] C:\Program Files\iTunes\iTunesHelper.exe 14:55:51.0910 0x5690 iTunesHelper - ok 14:55:52.0136 0x5690 [ B3B6EECF46274B6C15FE882470A73166, 3C32EEFE22CD8CB3862A1092E6BEC8787163850CEFF624F9A3F1861BEA3A1953 ] C:\ProgramData\Package Cache\{d0e166af-1634-4c0b-ae96-2180e61f9d38}\Avira.OE.Setup.Bundle.exe 14:55:52.0527 0x5690 {d0e166af-1634-4c0b-ae96-2180e61f9d38} - ok 14:55:52.0892 0x5690 [ A2C38CC58AD1DE361080402E20C350B3, 534C749B0FAD0CAABD295C25748DC5C911CEB61BB26DF335C8061502E664CE0B ] C:\Users\Klaus\AppData\Local\Temp\1f0fb7c2d13cc0c07ff2ca40747bc03e_remove360.bat 14:55:53.0046 0x5690 360safeuninst_1f0fb7c2d13cc0c07ff2ca40747bc03e - detected UnsignedFile.Multi.Generic ( 1 ) 14:55:55.0910 0x5690 360safeuninst_1f0fb7c2d13cc0c07ff2ca40747bc03e ( UnsignedFile.Multi.Generic ) - warning 14:55:57.0809 0x308c Object required for P2P: [ B3B6EECF46274B6C15FE882470A73166 ] C:\ProgramData\Package Cache\{d0e166af-1634-4c0b-ae96-2180e61f9d38}\Avira.OE.Setup.Bundle.exe 14:55:59.0039 0x5690 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 14:55:59.0298 0x5690 Sidebar - ok 14:55:59.0423 0x5690 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 14:55:59.0501 0x5690 mctadmin - ok 14:55:59.0612 0x5690 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 14:55:59.0745 0x5690 Sidebar - ok 14:55:59.0776 0x5690 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 14:55:59.0848 0x5690 mctadmin - ok 14:56:00.0053 0x5690 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 14:56:00.0268 0x5690 Sidebar - ok 14:56:00.0322 0x308c Object send P2P result: true 14:56:00.0384 0x5690 [ 5D47E37C1E1F03C1E7E8DCEDD4A4BCDF, 72F9675AEA8ED5ACF19161E8FDD481460BE158A65EF2B998AE4E93A7804B2172 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe 14:56:00.0419 0x5690 iCloudServices - ok 14:56:00.0472 0x5690 [ 8C5A712AA2C4A0F106965D199D8B73B8, AED43CD6E85CC92AD72AE344842F47E39E288BEC78168CBF8BB6A6B9105FBFB8 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe 14:56:00.0508 0x5690 iCloudDrive - ok 14:56:00.0565 0x5690 [ 2E4529B5F54B843F1E3A51B8DAEC899B, 3282107810062FEE024CBFB626F91F342B10E7278A4876C75E25B51B07AC3BCA ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe 14:56:00.0635 0x5690 iCloudPhotos - ok 14:56:00.0731 0x5690 [ 8214193359CEE333F1330A3F99FA1AEB, 79ADE8D2A0A666E1965D9FD67385D26C858127C002784351EFFAC46A69E107A3 ] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe 14:56:00.0765 0x5690 Uploader - ok 14:56:01.0121 0x5690 [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe 14:56:01.0406 0x5690 HP Officejet Pro 8500 A910 (NET) - ok 14:56:02.0261 0x5690 [ 2E570D03FA146EB4B1A40164B3873C7D, 7D3BE64F366B5D84CAD0B90A46B6D7746DA9A2BA6141FBC61792F8E34735C85D ] C:\Program Files\CCleaner\CCleaner64.exe 14:56:03.0228 0x5690 CCleaner Monitoring - ok 14:56:03.0491 0x5690 [ 33BFEC2B102B196B62ABB9947C7D7E23, 6EAF3462712629401CDBECF63B0848D1762A023FCA156F9FA146B0FEE75C83D0 ] C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe 14:56:03.0540 0x5690 Dropbox Update - ok 14:56:03.0651 0x5690 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 14:56:03.0844 0x5690 Sidebar - ok 14:56:03.0881 0x5690 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 14:56:03.0959 0x5690 mctadmin - ok 14:56:03.0961 0x5690 Waiting for KSN requests completion. In queue: 14 14:56:04.0962 0x5690 Waiting for KSN requests completion. In queue: 14 14:56:05.0963 0x5690 Waiting for KSN requests completion. In queue: 14 14:56:07.0492 0x5690 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.14.257 ), 0x40010 ( disabled : outofdate ) 14:56:07.0518 0x5690 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated ) 14:56:07.0619 0x5690 Win FW state via NFP2: enabled ( trusted ) 14:56:10.0085 0x5690 ============================================================ 14:56:10.0085 0x5690 Scan finished 14:56:10.0085 0x5690 ============================================================ 14:56:10.0120 0x40e0 Detected object count: 1 14:56:10.0120 0x40e0 Actual detected object count: 1 14:57:05.0542 0x40e0 360safeuninst_1f0fb7c2d13cc0c07ff2ca40747bc03e ( UnsignedFile.Multi.Generic ) - skipped by user 14:57:05.0542 0x40e0 360safeuninst_1f0fb7c2d13cc0c07ff2ca40747bc03e ( UnsignedFile.Multi.Generic ) - User select action: Skip |
21.12.2015, 15:06 | #8 |
/// Malwareteam | Cursor friert für kurze Zeit ein Hi, Schritt # 1: MBAM Lade dir, falls nicht schon vorhanden, Malwarebytes Anti-Malware herunter, installiere und starte es.
Schritt # 2: AdwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt # 3: FRST Und noch ein frisches FRST-Log bitte. Schritt # 4: Bitte Posten
|
22.12.2015, 13:28 | #9 |
| Cursor friert für kurze Zeit ein Hi Dennis, MBAW legt zwei Protokolldateien an. Ich poste mal beide und dann die ADW-Datei und schließlich die FRST-Datei. mfG Klaus mbam-log-2015-12-21 (16-17-25).xml Code:
ATTFilter <?xml version="1.0" encoding="UTF-16" ?> <mbam-log> <header> <date>2015/12/21 16:17:28 +0100</date> <logfile>mbam-log-2015-12-21 (16-17-25).xml</logfile> <isadmin>yes</isadmin> </header> <engine> <version>2.2.0.1024</version> <malware-database>v2015.12.21.04</malware-database> <rootkit-database>v2015.12.18.01</rootkit-database> <license>free</license> <file-protection>disabled</file-protection> <web-protection>disabled</web-protection> <self-protection>disabled</self-protection> </engine> <system> <hostname>LAPTOP</hostname> <ip>192.168.2.102</ip> <osversion>Windows 7 Service Pack 1</osversion> <arch>x64</arch> <username>Klaus</username> <filesys>NTFS</filesys> </system> <summary> <type>threat</type> <result>completed</result> <objects>448989</objects> <time>20606</time> <processes>0</processes> <modules>0</modules> <keys>16</keys> <values>11</values> <datas>1</datas> <folders>4</folders> <files>15</files> <sectors>0</sectors> </summary> <options> <memory>enabled</memory> <startup>enabled</startup> <filesystem>enabled</filesystem> <archives>enabled</archives> <rootkits>enabled</rootkits> <deeprootkit>enabled</deeprootkit> <heuristics>enabled</heuristics> <pup>warn</pup> <pum>enabled</pum> </options> <items> <key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}</path><vendor>PUP.Optional.Iminent</vendor><action>success</action><hash>b1076740fc8f69cd6418b8b229d9db25</hash></key> <key><path>HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}</path><vendor>PUP.Optional.Iminent</vendor><action>success</action><hash>b1076740fc8f69cd6418b8b229d9db25</hash></key> <key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}</path><vendor>PUP.Optional.2YourFace</vendor><action>success</action><hash>ffb96a3d305b340273ad71e76c96aa56</hash></key> <key><path>HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pgafcinpmmpklohkojmllohdhomoefph</path><vendor>PUP.Optional.SettingsProtector</vendor><action>success</action><hash>5662149396f5f145b8f10eacf40f827e</hash></key> <key><path>HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\NGNJHFPFHADNCGAFGBNEELJAGINIMMMK</path><vendor>PUP.Optional.Conduit</vendor><action>success</action><hash>6c4ce5c27516d1654efd6d43f80ac23e</hash></key> <key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TTNFD</path><vendor>PUP.Optional.TermTutor</vendor><action>success</action><hash>90282f785536fe385a79338e1de618e8</hash></key> <key><path>HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\SmartSaver+ 15</path><vendor>PUP.Optional.SmartSaver</vendor><action>success</action><hash>e2d6d5d22368c17567c514a81de608f8</hash></key> <key><path>HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_</path><vendor>PUP.Optional.CrossRider</vendor><action>success</action><hash>bdfb03a41972e94dd21fbfd66d96ef11</hash></key> <key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\lollipop</path><vendor>PUP.Optional.CouponMarvel.AppFlsh</vendor><action>success</action><hash>9424a601bccf1d19235a0004f80c02fe</hash></key> <key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3344838F-FBF8-4F25-90A3-A05AB344B1BE}</path><vendor>PUP.Optional.CrossRider</vendor><action>success</action><hash>5d5b1a8d3b50092dd62c8f082ed5f40c</hash></key> <key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7EE43E92-90B6-4DB9-B71F-18B02CF045FB}</path><vendor>PUP.Optional.CrossRider</vendor><action>success</action><hash>ffb95750e2a99e98c53caceb2fd454ac</hash></key> <key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A5400D26-A668-4004-AE73-27C960402CBB}</path><vendor>PUP.Optional.CrossRider</vendor><action>success</action><hash>f5c35b4ccbc0989e92703b5c9e6506fa</hash></key> <key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AB6E9F2D-C63C-4245-B698-812CD39611CF}</path><vendor>PUP.Optional.CrossRider</vendor><action>success</action><hash>d2e692150d7e3bfb6999d1c643c0b64a</hash></key> <key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AFB45E5B-1B47-4F58-9281-4EB22B9F7211}</path><vendor>PUP.Optional.CrossRider</vendor><action>success</action><hash>09af0c9b92f98caa9071c4d38a79827e</hash></key> <key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E2F9D3C1-A78A-461F-95A1-DEE9165CC02E}</path><vendor>PUP.Optional.CrossRider</vendor><action>success</action><hash>e1d7b0f7b9d26cca8d741d7a27dcb34d</hash></key> <key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EB956015-11F4-45C2-B84A-ACE21D9E6AD3}</path><vendor>PUP.Optional.CrossRider</vendor><action>success</action><hash>7f39f6b11477072f35cc9afd40c3867a</hash></key> <value><path>HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ngnjhfpfhadncgafgbneeljaginimmmk</path><valuename>path</valuename><vendor>PUP.Optional.Conduit</vendor><action>success</action><valuedata>C:\Users\Klaus\AppData\Local\Temp\tbch.crx</valuedata><hash>6c4ce5c27516d1654efd6d43f80ac23e</hash></value> <value><path>HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS</path><valuename>termtutor@termtutor.com</valuename><vendor>PUP.Optional.TermTutor</vendor><action>success</action><valuedata>C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com</valuedata><hash>f6c2ffa86427c373f1e19130808329d7</hash></value> <value><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TTNFD</path><valuename>ImagePath</valuename><vendor>PUP.Optional.TermTutor</vendor><action>success</action><valuedata>system32\drivers\ttnfd.sys</valuedata><hash>90282f785536fe385a79338e1de618e8</hash></value> <value><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3344838F-FBF8-4F25-90A3-A05AB344B1BE}</path><valuename>AppName</valuename><vendor>PUP.Optional.CrossRider</vendor><action>success</action><valuedata>5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-codedownloader.exe</valuedata><hash>5d5b1a8d3b50092dd62c8f082ed5f40c</hash></value> <value><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7EE43E92-90B6-4DB9-B71F-18B02CF045FB}</path><valuename>AppName</valuename><vendor>PUP.Optional.CrossRider</vendor><action>success</action><valuedata>5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-buttonutil.exe</valuedata><hash>ffb95750e2a99e98c53caceb2fd454ac</hash></value> <value><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A5400D26-A668-4004-AE73-27C960402CBB}</path><valuename>AppName</valuename><vendor>PUP.Optional.CrossRider</vendor><action>success</action><valuedata>5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-codedownloader.exe</valuedata><hash>f5c35b4ccbc0989e92703b5c9e6506fa</hash></value> <value><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AB6E9F2D-C63C-4245-B698-812CD39611CF}</path><valuename>AppName</valuename><vendor>PUP.Optional.CrossRider</vendor><action>success</action><valuedata>5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-codedownloader.exe</valuedata><hash>d2e692150d7e3bfb6999d1c643c0b64a</hash></value> <value><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AFB45E5B-1B47-4F58-9281-4EB22B9F7211}</path><valuename>AppName</valuename><vendor>PUP.Optional.CrossRider</vendor><action>success</action><valuedata>5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-buttonutil.exe</valuedata><hash>09af0c9b92f98caa9071c4d38a79827e</hash></value> <value><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E2F9D3C1-A78A-461F-95A1-DEE9165CC02E}</path><valuename>AppName</valuename><vendor>PUP.Optional.CrossRider</vendor><action>success</action><valuedata>5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-buttonutil.exe</valuedata><hash>e1d7b0f7b9d26cca8d741d7a27dcb34d</hash></value> <value><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EB956015-11F4-45C2-B84A-ACE21D9E6AD3}</path><valuename>AppName</valuename><vendor>PUP.Optional.CrossRider</vendor><action>success</action><valuedata>5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-buttonutil.exe</valuedata><hash>7f39f6b11477072f35cc9afd40c3867a</hash></value> <value><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES</path><valuename>BrowserMngrDefaultScope</valuename><vendor>PUP.Optional.BrowserMngr</vendor><action>success</action><valuedata>{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}</valuedata><hash>fdbb2d7a3e4d5adc7f92b64c30d4837d</hash></value> <data><path>HKCR\scrfile\shell\open\command</path><valuename></valuename><vendor>Broken.OpenCommand</vendor><action>delete-on-reboot</action><valuedata></valuedata><baddata></baddata><gooddata>"%1" /S</gooddata><hash>ffffffffffffffffffffffffffffffff</hash></data> <folder><path>C:\ProgramData\APN\APN-Stub</path><vendor>PUP.Optional.APNToolBar.Gen</vendor><action>success</action><hash>6f49b6f11774999dfa94bfbf9969c63a</hash></folder> <folder><path>C:\ProgramData\Browser Manager\2.2.630.40</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></folder> <folder><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></folder> <folder><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></folder> <file><path>C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\WirelessNetView.exe</path><vendor>PUP.Optional.WirelessNetworkTool</vendor><action>success</action><hash>08b0f3b4315af73fae8e9714a0647987</hash></file> <file><path>C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\iehv.exe</path><vendor>PUP.Optional.HistoryTool</vendor><action>success</action><hash>3b7d6a3d90fbe4529b683f31837ec63a</hash></file> <file><path>C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\strun.exe</path><vendor>PUP.Optional.StartUpManager</vendor><action>success</action><hash>3187a205becd54e22677a8c8768bf20e</hash></file> <file><path>C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\ProduKey.exe</path><vendor>PUP.Optional.ProductKeyFinder</vendor><action>success</action><hash>c0f80f9893f8be78b0a669079d640ef2</hash></file> <file><path>C:\Windows\Installer\280e0b43.msi</path><vendor>PUP.Optional.VeriStaff</vendor><action>success</action><hash>3e7a87208803df578c38f81faa562fd1</hash></file> <file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file> <file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file> <file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file> <file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file> <file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file> <file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file> <file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file> <file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file> <file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file> <file><path>C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\ask-search.xml</path><vendor>PUP.Optional.ASK</vendor><action>success</action><hash>2890d3d4711a53e3f106862fd62e966a</hash></file> </items> </mbam-log> Code:
ATTFilter <?xml version="1.0" encoding="UTF-8" ?> <logs> <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:11:25.613430+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2013.10.16.1" last_modified_tag="8f3ed0da-17c6-4abb-8615-2a2552d48b2f" name="Remediation Database" toVersion="2015.12.15.2"></record> <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:11:25.650432+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2014.10.15.1" last_modified_tag="4d1b447f-8c8e-4012-a2cb-4c9ec9141ac3" name="Rootkit Database" toVersion="2015.12.18.1"></record> <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:11:25.675434+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="0.0.0.0" last_modified_tag="8847cb5f-2005-4471-9194-616cd6def3bc" name="IP Database" toVersion="2015.12.19.1"></record> <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:11:27.273525+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="0.0.0.0" last_modified_tag="975d8d09-68d7-4a48-ad8f-a214b760ebab" name="Domain Database" toVersion="2015.12.20.2"></record> <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:11:36.591988+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2014.10.15.3" last_modified_tag="eb112c2b-fd45-4b26-b3a4-0694227d994d" name="Malware Database" toVersion="2015.12.21.4"></record> <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:11:49.242507+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2.0.2.1012" last_modified_tag="cdc7c9fd-6d2a-4f16-b0da-00080eed0925" name="program" toVersion="2.2.0.1024"></record> <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:14:31.026955+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2015.9.16.1" last_modified_tag="d6f41498-1c97-4ac2-bf61-3d6d0f6e57a9" name="Remediation Database" toVersion="2015.12.15.2"></record> <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:14:31.320967+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2015.9.21.2" last_modified_tag="dee012a5-f812-421c-a0ce-bf530196e8c7" name="IP Database" toVersion="2015.12.19.1"></record> <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:14:31.378970+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2015.9.22.3" last_modified_tag="48e0e3a2-6c64-4ab8-9882-fbf69d415f0d" name="Domain Database" toVersion="2015.12.20.2"></record> <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:14:31.802171+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2015.9.18.1" last_modified_tag="81a018a6-ab1d-4f80-b4f9-4c532e1c4c95" name="Rootkit Database" toVersion="2015.12.18.1"></record> <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:14:36.132410+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2015.9.22.5" last_modified_tag="83935c50-a7d2-4e2d-b256-f0c53483038d" name="Malware Database" toVersion="2015.12.21.4"></record> <record severity="debug" LoggingEventType="6" datetime="2015-12-21T22:28:17.923546+01:00" source="Manual" type="Scan" username="SYSTEM" systemname="LAPTOP" duration="20606" last_modified_tag="901c146a-48fa-45bd-96e6-b38418efca2c" malwaredetections="2" nonmalwaredetections="92" scanresult="completed" scantype="threat" starttime="2015-12-21T16:17:28+01:00"></record> <record severity="debug" LoggingEventType="4" datetime="2015-12-21T22:33:18.717555+01:00" source="Protection" type="Error" username="SYSTEM" systemname="LAPTOP" code="13" last_modified_tag="2b3ce3d9-915c-4f9f-aa16-9a3ec9e1e52b" message="IsLicensed"></record> <record severity="debug" LoggingEventType="2" datetime="2015-12-21T22:33:18.795555+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="LAPTOP" last_modified_tag="94c3be4b-9ff2-45cb-a4bf-bda9c4b784e5" result="Stopping" subtype="Malware Protection"></record> <record severity="debug" LoggingEventType="2" datetime="2015-12-21T22:33:18.795555+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="LAPTOP" last_modified_tag="3955b8b2-cf27-43ff-9749-a8f5f42ae265" result="Stopped" subtype="Malware Protection"></record> </logs> AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v5.026 - Bericht erstellt am 22/12/2015 um 12:56:45 # Aktualisiert am 21/12/2015 von Xplode # Datenbank : 2015-12-21.3 [Server] # Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64) # Benutzername : Klaus - LAPTOP # Gestartet von : D:\Eigene Dateien\Downloads\adwcleaner_5.026.exe # Option : Suchlauf # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** Ordner Gefunden : C:\Program Files\FileViewPro Ordner Gefunden : C:\Program Files (x86)\vmntoolbar Ordner Gefunden : C:\Program Files (x86)\Free FLV Converter Ordner Gefunden : C:\ProgramData\apn Ordner Gefunden : C:\ProgramData\Babylon Ordner Gefunden : C:\ProgramData\Browser Manager Ordner Gefunden : C:\ProgramData\ParetoLogic Ordner Gefunden : C:\ProgramData\Partner Ordner Gefunden : C:\ProgramData\DriverBoost Ordner Gefunden : C:\ProgramData\mntemp Ordner Gefunden : C:\Users\Klaus\music\qtrax media library Ordner Gefunden : C:\Users\Klaus\AppData\Local\eSupport.com Ordner Gefunden : C:\Users\Klaus\AppData\Local\globalUpdate Ordner Gefunden : C:\Users\Klaus\AppData\Local\PackageAware Ordner Gefunden : C:\Users\Klaus\AppData\Local\FileViewPro Ordner Gefunden : C:\Users\Klaus\AppData\Local\DriverTuner Ordner Gefunden : C:\Users\Klaus\AppData\Local\slimware utilities inc Ordner Gefunden : C:\Users\Klaus\AppData\LocalLow\Conduit Ordner Gefunden : C:\Users\Klaus\AppData\LocalLow\HPAppData Ordner Gefunden : C:\Users\Klaus\AppData\LocalLow\vmntoolbar Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\DesktopIconForAmazon Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\DriverCure Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\GrabPro Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\HPAppData Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\OCS Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\ParetoLogic Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\Solvusoft Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\ProgSense Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter Ordner Gefunden : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar ***** [ Dateien ] ***** Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\components\AskSearch.js Datei Gefunden : C:\Users\Klaus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url Datei Gefunden : C:\Users\Klaus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url Datei Gefunden : C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url Datei Gefunden : C:\Windows\Reimage.ini ***** [ DLL ] ***** ***** [ Verknüpfungen ] ***** Verknüpfung Infiziert : C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk ( hxxp://feed.helperbar.com/?publisher=YahooSM&dpid=YahooSM&co=DE&userid=9d274d60-2961-a68a-7e5a-56a6cdbf4c7b&searchtype=sc&fr=linkury-tb&installDate=14/10/2014&barcodeid=145243&um=0&type=hp15000 ) ***** [ Aufgabenplanung ] ***** Geplante Aufgabe Gefunden : DriverBoost-RTMRules Geplante Aufgabe Gefunden : DriverBoost-RTMUpdater Geplante Aufgabe Gefunden : DriverBoost-RTMScan Geplante Aufgabe Gefunden : DriverBoost-RTMScanRunOnce ***** [ Registrierungsdatenbank ] ***** Schlüssel Gefunden : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9} Schlüssel Gefunden : HKCU\Software\5e2d9d9b33ee810 Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}] Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484} Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}] Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2} Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}] Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}] Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}] Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}] Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} Schlüssel Gefunden : HKCU\Software\BrowserMngr Schlüssel Gefunden : HKCU\Software\eSupport.com Schlüssel Gefunden : HKCU\Software\OCS Schlüssel Gefunden : HKCU\Software\ParetoLogic Schlüssel Gefunden : HKCU\Software\UpdateStar Schlüssel Gefunden : HKCU\Software\YahooPartnerToolbar Schlüssel Gefunden : HKCU\Software\DriverTuner_Init Schlüssel Gefunden : HKCU\Software\DriverTuner Schlüssel Gefunden : HKCU\Software\ProgSense Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Toolbar Schlüssel Gefunden : HKLM\SOFTWARE\Babylon Schlüssel Gefunden : HKLM\SOFTWARE\BrowserMngr Schlüssel Gefunden : HKLM\SOFTWARE\ParetoLogic Schlüssel Gefunden : HKLM\SOFTWARE\SoftwareUpdater Schlüssel Gefunden : HKLM\SOFTWARE\TermTutor Schlüssel Gefunden : HKLM\SOFTWARE\SlimWare Utilities Inc Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Schlüssel Gefunden : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar Schlüssel Gefunden : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_ Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739 Schlüssel Gefunden : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snapdoc ***** [ Internetbrowser ] ***** [C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\prefs.js] [Preference] Gefunden : user_pref("extensions.LVD-SAE.newTabSearchURL", "\"hxxp://dts.search.ask.com/sr?gct=hp&o=APN10644A&sysid=533&qrsc=2871&l=dis&sver=3&t_type=0&dateOfInstall=2015-10-30&d=533-107-0&v=8.5-881-0&apn_ptnrs=[...] [C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\prefs.js] [Preference] Gefunden : user_pref("extensions.LVD-SAE.searchURL", "\"hxxp://dts.search.ask.com/sr?gct=ds&o=APN10644&sysid=533&qrsc=2871&l=dis&sver=3&t_type=0&dateOfInstall=2015-10-30&d=533-107-0&v=8.5-881-0&apn_ptnrs=%5EAG5\[...] [C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\prefs.js] [Preference] Gefunden : user_pref("extensions.toolbar.mindspark._dzMembers_.firstKnownVersion", "7.18.8.36159"); [C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\prefs.js] [Preference] Gefunden : user_pref("extensions.toolbar.mindspark._dzMembers_.installKeysSource", "Cookies"); [C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\prefs.js] [Preference] Gefunden : user_pref("extensions.toolbar.mindspark._dzMembers_.isCompliantUninstallImplementation", true); [C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\prefs.js] [Preference] Gefunden : user_pref("extensions.toolbar.mindspark._dzMembers_.lastKnownVersion", "7.18.8.36159"); [C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\prefs.js] [Preference] Gefunden : user_pref("extensions.toolbar.mindspark._dzMembers_.toolbarCollapsed", false); ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [23551 Bytes] ########## FRST.txt FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015 durchgeführt von Klaus (Administrator) auf LAPTOP (22-12-2015 13:03:45) Gestartet von D:\Eigene Dateien\Downloads Geladene Profile: Klaus & (Verfügbare Profile: Klaus & DefaultAppPool) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Dropbox, Inc.) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe (DivX, LLC) C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Seagate LLC) C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (iolo technologies, LLC) C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe () D:\Eigene Dateien\Downloads\adwcleaner_5.026.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Corporation) C:\Windows\System32\UI0Detect.exe (Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-09-20] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-22] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-26] (DivX, LLC) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC) HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1743648 2013-06-13] (Wondershare) HKLM-x32\...\Run: [MaxMenuMgr] => C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-05-01] (Seagate LLC) HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1533728 2015-04-01] (Seagate Technology LLC) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [739936 2012-11-27] (Sony Corporation) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127304 2015-04-01] (Seagate Technology LLC) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [HP Officejet Pro 8500 A910 (NET)] => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [Dropbox Update] => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-12-03] (Dropbox, Inc.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {17253972-82ed-11e1-83f5-544249ea3c02} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {17253975-82ed-11e1-83f5-544249ea3c02} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c560a-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c565c-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c5669-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {2d2d37df-7e83-11e3-acae-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {2d2d37e2-7e83-11e3-acae-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {33076d6f-7684-11e0-bf62-c0cb38ed7878} - G:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {3d594572-764b-11e0-8882-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf66f-dc66-11e0-9790-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf673-dc66-11e0-9790-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf691-dc66-11e0-9790-c0cb38ed7878} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a30-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a32-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a34-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {74216253-762f-11e0-8c5d-806e6f6e6963} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a71d2-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a71fe-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a7203-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {81792775-80d0-11e3-86d7-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {88700e5d-dc64-11e0-969c-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {a9891bf7-44f0-11e1-83c9-544249ea3c02} - G:\wickie1.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72368-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72386-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72389-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b40b3954-8139-11e3-832f-806e6f6e6963} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {cbea623c-72ef-11e0-ae40-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {dc82212d-9b8e-11e1-a8d7-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {dc822147-9b8e-11e1-a8d7-c0cb38ed7878} - F:\AutoRun.exe ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-08-30] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-07-29] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-02-03] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2011-05-14] ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-08-30] () Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-12] ShortcutTarget: Dropbox.lnk -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2012-12-18] ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.) Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk [2015-04-03] ShortcutTarget: Mediencenter.lnk -> C:\Users\Klaus\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Keine Datei) BootExecute: autocheck autochk * ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{27100D96-1E72-4C4E-BDC0-82EFB7D67E71}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: [NameServer] 192.168.2.1 Tcpip\..\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.google.de SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll => Keine Datei BHO: Kein Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> Keine Datei BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Kein Name -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Keine Datei BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll => Keine Datei BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Kein Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Keine Datei Toolbar: HKLM-x32 - Kein Name - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - Keine Datei Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Keine Datei Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - Keine Datei Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898 FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-02-03] (LastPass) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-06-29] (DivX, LLC) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation) FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll [2014-02-03] (LastPass) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Plugin-x32: @soft-xpansion/npsxpdf -> C:\Program Files (x86)\Common Files\soft Xpansion\np-sxpdf.dll [2013-12-23] (soft-Xpansion) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3074472845-1740885614-3036682275-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [Keine Datei] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-sxpdf.dll [2011-05-14] (soft Xpansion) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-08-28] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-08-28] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-08-28] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-08-28] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-08-28] (Apple Inc.) FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\engine-thecoolestmovies.xml [2015-10-01] FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\metager.xml [2015-12-07] FF Extension: MinimizeToTray revived (MinTrayR) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\mintrayr@tn123.ath.cx [2015-05-31] FF Extension: LastPass - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\support@lastpass.com [2015-12-19] FF Extension: iCloud Bookmarks - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\Extensions\firefoxdav@icloud.com [2015-10-29] FF HKLM-x32\...\Firefox\Extensions: [ext@flash-Enhancer.com] - C:\Program Files (x86)\AmiExt\flashEnhancer\ff => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb FF Extension: soft Xpansion Perfect Print 7 Express - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb [2013-12-23] [ist nicht signiert] FF HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff => nicht gefunden Chrome: ======= CHR Profile: C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Klaus\AppData\Local\Temp\crx304D.tmp <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-22] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-22] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-22] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-22] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG) S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] () R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Datei ist nicht signiert] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Datei ist nicht signiert] R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.) R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert] R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [80448 2012-07-18] (Microsoft Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation) S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-02-13] (Seagate Technology LLC) R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157992 2015-04-01] (Seagate Technology LLC) R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [993848 2011-01-10] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-01-10] (Secunia) S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-12-23] (soft Xpansion) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.) S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] () R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation) R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [Datei ist nicht signiert] R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-22] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-22] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-06-16] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-22] (Avira Operations GmbH & Co. KG) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) S3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [119296 2008-01-22] (Huawei Technologies Co., Ltd.) U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation) S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH) S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [Datei ist nicht signiert] S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [Datei ist nicht signiert] R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation) S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-08-01] () S3 Ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [90112 2007-06-08] (Prolific Technology Inc.) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-02-10] () [Datei ist nicht signiert] S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert] R1 vdrv1000; C:\Windows\System32\Drivers\VDRV1000.SYS [223256 2011-04-19] (H+H Software GmbH) U3 DfSdkS; kein ImagePath S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X] S3 NPF; system32\drivers\NPF.sys [X] S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X] S4 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-22 12:33 - 2015-12-22 12:56 - 00000000 ____D C:\AdwCleaner 2015-12-21 18:05 - 2015-12-21 18:05 - 00001057 _____ C:\Users\Klaus\ADWCleaner.txt 2015-12-21 15:57 - 2015-12-21 15:57 - 00243941 _____ C:\Users\Klaus\TDSSKiller-Report1.txt 2015-12-21 14:51 - 2015-12-21 15:59 - 00487972 _____ C:\TDSSKiller.3.1.0.9_21.12.2015_14.51.38_log.txt 2015-12-21 13:06 - 2015-12-22 13:03 - 00000000 ____D C:\FRST 2015-12-18 14:59 - 2015-12-18 14:59 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Windows Live Writer 2015-12-18 14:59 - 2015-12-18 14:59 - 00000000 ____D C:\Users\Klaus\AppData\Local\Windows Live Writer 2015-12-14 19:03 - 2015-12-14 19:03 - 00003561 _____ C:\Users\Klaus\AppData\LocalLow\lpm.dat 2015-12-13 17:12 - 2015-12-13 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2015-12-13 17:12 - 2015-12-13 17:12 - 00000000 ____D C:\Program Files (x86)\Nero 2015-12-12 13:45 - 2015-12-18 08:05 - 00001104 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2015-12-12 08:58 - 2015-12-12 08:58 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-12-09 14:58 - 2015-12-09 14:58 - 09498816 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2015-12-09 12:27 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2015-12-09 12:27 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-12-09 12:26 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-12-09 12:26 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-12-09 12:26 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-12-09 12:26 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-12-09 12:26 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-12-09 12:26 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-12-09 12:26 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-12-09 12:26 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2015-12-09 12:26 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2015-12-09 12:26 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2015-12-09 12:26 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2015-12-09 12:26 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-12-09 12:26 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-12-09 12:26 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2015-12-09 12:26 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-12-09 12:26 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2015-12-09 12:26 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-12-09 12:26 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll 2015-12-09 12:26 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll 2015-12-09 12:26 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2015-12-09 12:25 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-12-09 12:25 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-12-09 12:25 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-12-09 12:25 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-12-09 12:25 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-12-09 12:25 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-12-09 12:25 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-12-09 12:25 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-12-09 12:25 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-12-09 12:25 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-12-09 12:25 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-12-09 12:25 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-12-09 12:25 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-12-09 12:25 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-12-09 12:25 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-12-09 12:25 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-12-09 12:25 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-12-09 12:25 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-12-09 12:25 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-12-09 12:25 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-12-09 12:25 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-12-09 12:25 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-12-09 12:25 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-12-09 12:25 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-12-09 12:25 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-12-09 12:25 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-12-09 12:25 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-12-09 12:25 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-12-09 12:25 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-12-09 12:25 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-12-09 12:25 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-12-09 12:25 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-12-09 12:25 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-12-09 12:25 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-12-09 12:25 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-12-09 12:25 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-12-09 12:25 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-12-09 12:25 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-12-09 12:25 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-12-09 12:25 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-12-09 12:25 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-12-09 12:25 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-12-09 12:25 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-12-09 12:25 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-12-09 12:25 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-12-09 12:25 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-12-09 12:25 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-12-09 12:25 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-12-09 12:25 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-12-09 12:25 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-12-09 12:25 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-12-09 12:25 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-12-09 12:25 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-12-09 12:25 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-12-09 12:25 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-12-09 12:25 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-12-09 12:25 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-12-09 12:25 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-12-09 12:25 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-12-09 12:25 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-12-09 12:25 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-12-09 12:25 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-12-09 12:25 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-12-09 12:25 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-12-09 12:21 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll 2015-12-09 12:21 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll 2015-12-07 15:00 - 2015-12-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PasswordTools 2015-12-07 15:00 - 2015-12-07 15:00 - 00000000 ____D C:\Program Files (x86)\PasswordTools 2015-12-03 11:20 - 2015-12-22 12:41 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core.job 2015-12-03 11:20 - 2015-12-22 12:29 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA.job 2015-12-03 11:20 - 2015-12-03 11:20 - 00004194 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA 2015-12-03 11:20 - 2015-12-03 11:20 - 00003798 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core 2015-12-03 11:20 - 2015-12-03 11:20 - 00000000 ____D C:\Users\Klaus\AppData\Local\Dropbox 2015-12-03 11:20 - 2015-12-03 11:20 - 00000000 ____D C:\ProgramData\Dropbox 2015-11-30 14:53 - 2015-11-30 14:53 - 00000000 __SHD C:\$360Section 2015-11-30 14:31 - 2015-12-13 16:55 - 00000000 ____D C:\ProgramData\360Quarant 2015-11-30 14:27 - 2015-12-21 22:31 - 00000000 ____D C:\360SANDBOX 2015-11-30 14:26 - 2015-12-21 22:37 - 00000000 ____D C:\Program Files (x86)\360 2015-11-29 17:50 - 2015-11-29 17:50 - 00000696 _____ C:\Users\Klaus\Desktop\TTCamera Max.LNK 2015-11-26 13:21 - 2015-11-26 13:21 - 00314592 _____ C:\Windows\Minidump\112615-114364-01.dmp 2015-11-22 12:46 - 2015-11-22 12:46 - 00000000 ____D C:\Users\Klaus\Neuer Ordner (2) 2015-11-22 12:24 - 2015-11-22 12:24 - 00000000 ____D C:\Users\Klaus\Tierische Werbung ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-22 13:02 - 2014-02-01 11:29 - 00000000 ____D C:\Users\Klaus\AppData\LocalLow\LastPass 2015-12-22 12:58 - 2012-11-22 19:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-12-22 12:44 - 2014-03-17 19:15 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-22 12:37 - 2015-06-26 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-12-22 12:32 - 2015-06-26 11:40 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-12-22 12:32 - 2015-06-26 11:40 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-12-22 12:32 - 2015-06-26 11:40 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-12-22 12:30 - 2014-03-17 19:15 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-22 12:29 - 2014-10-14 08:17 - 00001338 _____ C:\Windows\Tasks\CWSLOE.job 2015-12-22 12:29 - 2014-10-14 08:17 - 00001330 _____ C:\Windows\Tasks\LL.job 2015-12-21 22:51 - 2014-09-09 08:21 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-12-21 22:42 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-21 22:42 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-21 22:40 - 2015-10-29 16:12 - 00000000 ___RD C:\Users\Klaus\iCloudDrive 2015-12-21 22:40 - 2015-05-10 17:17 - 00000000 ___RD C:\Users\Klaus\Dropbox 2015-12-21 22:40 - 2015-05-10 17:13 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Dropbox 2015-12-21 22:37 - 2015-06-26 11:35 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-21 22:35 - 2013-04-02 10:20 - 00000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2015-12-21 22:32 - 2014-09-09 08:20 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-12-21 22:32 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-21 22:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help 2015-12-21 22:28 - 2015-06-21 13:57 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\NirSoft Utilities 2015-12-21 22:28 - 2013-07-09 13:08 - 00000000 ____D C:\ProgramData\APN 2015-12-21 22:28 - 2012-09-11 14:08 - 00000000 ____D C:\ProgramData\Browser Manager 2015-12-21 18:05 - 2011-01-26 11:02 - 00000000 ____D C:\Users\Klaus 2015-12-21 16:13 - 2014-09-09 08:21 - 00001072 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-12-21 16:13 - 2014-09-09 08:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-12-21 15:52 - 2011-05-22 13:30 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\vlc 2015-12-21 13:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2015-12-20 17:54 - 2013-01-09 09:04 - 00078336 _____ C:\Users\Klaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-12-20 16:48 - 2013-05-28 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2015-12-20 16:48 - 2013-05-28 14:53 - 00000000 ____D C:\Program Files (x86)\Wondershare 2015-12-20 15:53 - 2013-07-09 13:09 - 00000000 ____D C:\Users\fbwuser 2015-12-19 12:34 - 2010-07-29 22:06 - 14473604 _____ C:\Windows\system32\perfh007.dat 2015-12-19 12:34 - 2010-07-29 22:06 - 04638436 _____ C:\Windows\system32\perfc007.dat 2015-12-19 12:34 - 2009-07-14 06:13 - 00006752 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-19 08:28 - 2015-03-06 07:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-12-18 23:00 - 2011-10-17 12:39 - 00000000 ____D C:\Users\Klaus\AppData\Local\CrashDumps 2015-12-18 14:58 - 2011-11-06 16:58 - 00000000 ____D C:\Users\Klaus\AppData\Local\Windows Live 2015-12-13 16:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2015-12-12 11:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2015-12-12 08:13 - 2011-09-20 20:09 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\dvdcss 2015-12-10 10:23 - 2014-02-20 08:01 - 00561944 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-10 10:20 - 2012-05-17 02:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-10 10:20 - 2012-05-17 02:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-10 10:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2015-12-10 09:03 - 2011-01-26 19:09 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-10 08:59 - 2012-05-17 02:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-10 08:47 - 2013-07-14 19:12 - 00000000 ____D C:\Windows\system32\MRT 2015-12-10 08:17 - 2011-01-26 19:16 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-12-09 14:59 - 2012-11-22 19:43 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-12-09 14:59 - 2012-04-06 10:31 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-12-09 14:59 - 2011-05-13 10:01 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-09 04:39 - 2011-03-20 15:10 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-12-08 13:49 - 2012-12-02 10:58 - 00000000 ____D C:\ProgramData\TEMP 2015-12-07 16:24 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-12-04 08:23 - 2014-03-17 19:15 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-04 08:23 - 2014-03-17 19:15 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-02 14:42 - 2011-10-24 19:13 - 00000000 ____D C:\Users\Klaus\AppData\Local\Pinnacle 2015-12-02 14:42 - 2011-10-24 19:12 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI 2015-12-01 12:29 - 2011-01-26 11:08 - 00000000 ____D C:\Windows\pss 2015-11-30 18:35 - 2011-01-26 11:30 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\GHISLER 2015-11-30 15:13 - 2015-08-08 17:39 - 00000306 __RSH C:\ProgramData\ntuser.pol 2015-11-27 19:01 - 2015-10-29 16:24 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-27 11:52 - 2012-12-21 23:22 - 00000000 ____D C:\Users\Klaus\Documents\Ahnenblatt 2015-11-27 11:46 - 2012-02-06 14:15 - 00000000 ____D C:\fertige Videos 2015-11-26 16:46 - 2013-11-20 18:49 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\AnvSoft 2015-11-26 13:21 - 2011-08-10 10:11 - 00000000 ____D C:\Windows\Minidump 2015-11-24 10:37 - 2015-02-04 19:03 - 00000000 ____D C:\Users\Klaus\.mediathek3 2015-11-23 16:46 - 2013-10-18 08:13 - 00000000 ____D C:\ProgramData\Oracle 2015-11-23 15:39 - 2011-10-24 19:11 - 00000000 ____D C:\Program Files (x86)\Pinnacle 2015-11-23 15:33 - 2014-01-15 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2015-11-23 15:33 - 2013-10-18 08:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-11-23 15:33 - 2011-11-12 12:19 - 00000000 ____D C:\Program Files (x86)\Java 2015-11-23 15:32 - 2015-11-05 17:41 - 00000000 ____D C:\Users\Klaus\.oracle_jre_usage 2015-11-23 15:30 - 2015-04-16 12:49 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-11-23 15:14 - 2015-01-30 16:24 - 00000000 ____D C:\Program Files\CDBurnerXP 2015-11-22 13:08 - 2015-01-30 16:24 - 00001748 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2015-11-22 13:08 - 2015-01-30 16:24 - 00001698 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-03-14 18:27 - 2001-09-19 10:27 - 0502272 _____ () C:\Program Files (x86)\Cascade.exe 2011-10-09 10:48 - 1997-07-19 15:55 - 1347344 _____ (Microsoft Corporation) C:\Program Files (x86)\Msvbvm50.dll 2014-02-03 16:15 - 2003-03-21 12:45 - 0250544 _____ (KeyWorks Software) C:\Program Files (x86)\Common Files\keyhelp.ocx 2014-02-03 20:45 - 2014-02-03 20:45 - 13024768 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe 2012-07-08 17:15 - 2012-07-10 18:30 - 0000048 _____ () C:\Users\Klaus\AppData\Roaming\AcroIEHelpe.txt 2012-07-08 17:15 - 2012-07-10 18:30 - 0000051 _____ () C:\Users\Klaus\AppData\Roaming\blckdom.res 2012-12-16 11:28 - 2012-12-16 11:28 - 0006144 _____ () C:\Users\Klaus\AppData\Roaming\com.apple.antiphishing.db 2013-09-28 16:26 - 2013-10-02 19:35 - 0000000 _____ () C:\Users\Klaus\AppData\Roaming\forms.def 2011-10-03 16:11 - 2011-10-03 16:32 - 0099384 _____ () C:\Users\Klaus\AppData\Roaming\inst.exe 2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Klaus\AppData\Roaming\LL 2011-09-28 20:19 - 2011-09-28 20:19 - 0000098 _____ () C:\Users\Klaus\AppData\Roaming\MPUI.ini 2011-10-03 16:11 - 2011-10-03 16:32 - 0007859 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.cat 2011-10-03 16:11 - 2011-10-03 16:32 - 0001167 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.inf 2011-10-03 16:12 - 2011-10-03 16:32 - 0000055 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.log 2011-10-03 16:11 - 2011-10-03 16:32 - 0082816 _____ (VSO Software) C:\Users\Klaus\AppData\Roaming\pcouffin.sys 2012-07-08 17:15 - 2012-07-08 17:15 - 0000264 _____ () C:\Users\Klaus\AppData\Roaming\srvblck5.tmp 2012-07-10 10:28 - 2012-07-10 10:28 - 0000011 _____ () C:\Users\Klaus\AppData\Roaming\urhtps.dat 2011-10-03 16:13 - 2011-10-03 16:32 - 0001057 _____ () C:\Users\Klaus\AppData\Roaming\vso_ts_preview.xml 2014-02-23 16:41 - 2014-09-09 08:05 - 0000091 _____ () C:\Users\Klaus\AppData\Roaming\WB.CFG 2013-01-09 09:04 - 2015-12-20 17:54 - 0078336 _____ () C:\Users\Klaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-02-12 16:01 - 2014-02-12 16:01 - 0000173 _____ () C:\Users\Klaus\AppData\Local\msmathematics.qat.Klaus 2013-09-25 15:48 - 2013-09-25 15:48 - 0002088 _____ () C:\Users\Klaus\AppData\Local\recently-used.xbel 2013-09-03 16:24 - 2015-10-04 17:01 - 0007598 _____ () C:\Users\Klaus\AppData\Local\Resmon.ResmonCfg 2012-10-02 11:37 - 2012-10-05 14:46 - 0000041 ___SH () C:\ProgramData\.zreglib 2013-01-07 13:00 - 2013-01-07 13:00 - 0000057 _____ () C:\ProgramData\Ament.ini 2012-07-10 18:59 - 2012-07-10 18:59 - 0000051 _____ () C:\ProgramData\clsilllgbrakunr 2011-02-16 20:14 - 2011-02-16 20:14 - 0000056 ____H () C:\ProgramData\ezsidmv.dat 2012-10-01 20:34 - 2012-10-03 12:32 - 0001834 _____ () C:\ProgramData\flcd_proxy.log 2012-01-29 13:32 - 2012-01-29 13:32 - 0005081 _____ () C:\ProgramData\hnbdehzc.pfe 2011-10-07 16:54 - 2011-10-07 17:32 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 2015-10-29 17:55 - 2015-10-29 17:55 - 0000016 _____ () C:\ProgramData\mntemp Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Klaus\jobq.dat C:\Users\Klaus\netzlw.vbs C:\Users\Klaus\time1.bat C:\Users\Klaus\vbaconv.bat Einige Dateien in TEMP: ==================== C:\Users\Klaus\AppData\Local\Temp\-bfjpesr.dll C:\Users\Klaus\AppData\Local\Temp\avgnt.exe C:\Users\Klaus\AppData\Local\Temp\ctmyh-q6.dll C:\Users\Klaus\AppData\Local\Temp\DivXSetup.exe C:\Users\Klaus\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvlefog.dll C:\Users\Klaus\AppData\Local\Temp\GLF2767.EXE C:\Users\Klaus\AppData\Local\Temp\GLF3E32.EXE C:\Users\Klaus\AppData\Local\Temp\GLF5C66.EXE C:\Users\Klaus\AppData\Local\Temp\GLF6878.EXE C:\Users\Klaus\AppData\Local\Temp\HOST17152.exe C:\Users\Klaus\AppData\Local\Temp\ikryuqe5.dll C:\Users\Klaus\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Klaus\AppData\Local\Temp\ls3grcji.dll C:\Users\Klaus\AppData\Local\Temp\pf3lfiun.dll C:\Users\Klaus\AppData\Local\Temp\sqlite3.dll C:\Users\Klaus\AppData\Local\Temp\tmd_34019176.exe C:\Users\Klaus\AppData\Local\Temp\uninstall.exe C:\Users\Klaus\AppData\Local\Temp\v9o1xnos.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-12-12 11:01 ==================== Ende von FRST.txt ============================ |
22.12.2015, 13:31 | #10 |
| Cursor friert für kurze Zeit ein und noch die Quarantine.log von ADW Code:
ATTFilter C:\Program Files (x86)\vmntoolbar\uninstall.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\vmntoolbar\uninstall.exe.vir C:\Program Files (x86)\Free FLV Converter\avcodec-52.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free FLV Converter\avcodec-52.dll.vir C:\Program Files (x86)\Free FLV Converter\avformat-52.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free FLV Converter\avformat-52.dll.vir C:\Program Files (x86)\Free FLV Converter\avutil-50.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free FLV Converter\avutil-50.dll.vir C:\Program Files (x86)\Free FLV Converter\FLVToX.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free FLV Converter\FLVToX.exe.vir C:\Program Files (x86)\Free FLV Converter\MediaInfo.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free FLV Converter\MediaInfo.dll.vir C:\Program Files (x86)\Free FLV Converter\SDL.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free FLV Converter\SDL.dll.vir C:\Program Files (x86)\Free FLV Converter\swscale-0.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free FLV Converter\swscale-0.dll.vir C:\Program Files (x86)\Free FLV Converter\VideoCoderX.ocx->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free FLV Converter\VideoCoderX.ocx.vir C:\ProgramData\Partner\debug.log->C:\AdwCleaner\Quarantine\C\ProgramData\Partner\debug.log.vir C:\ProgramData\DriverBoost\DriverBoost\CPUID.dat->C:\AdwCleaner\Quarantine\C\ProgramData\DriverBoost\DriverBoost\CPUID.dat.vir C:\ProgramData\DriverBoost\DriverBoost\dd.lic->C:\AdwCleaner\Quarantine\C\ProgramData\DriverBoost\DriverBoost\dd.lic.vir C:\ProgramData\DriverBoost\DriverBoost\RuleEngine\GlobalActions.dat->C:\AdwCleaner\Quarantine\C\ProgramData\DriverBoost\DriverBoost\RuleEngine\GlobalActions.dat.vir C:\ProgramData\DriverBoost\DriverBoost\RuleEngine\GlobalEnvironmentEvents.dat->C:\AdwCleaner\Quarantine\C\ProgramData\DriverBoost\DriverBoost\RuleEngine\GlobalEnvironmentEvents.dat.vir C:\ProgramData\DriverBoost\DriverBoost\RuleEngine\GlobalEnvironmentProperties.dat->C:\AdwCleaner\Quarantine\C\ProgramData\DriverBoost\DriverBoost\RuleEngine\GlobalEnvironmentProperties.dat.vir C:\ProgramData\DriverBoost\DriverBoost\RuleEngine\GlobalRules.dat->C:\AdwCleaner\Quarantine\C\ProgramData\DriverBoost\DriverBoost\RuleEngine\GlobalRules.dat.vir C:\ProgramData\DriverBoost\DriverBoost\RuleEngine\RuleHistoryController.dat->C:\AdwCleaner\Quarantine\C\ProgramData\DriverBoost\DriverBoost\RuleEngine\RuleHistoryController.dat.vir C:\ProgramData\DriverBoost\DriverBoost\DDSM\ScanManager.dat->C:\AdwCleaner\Quarantine\C\ProgramData\DriverBoost\DriverBoost\DDSM\ScanManager.dat.vir C:\Users\Klaus\music\qtrax media library\LinksVisited.xml->C:\AdwCleaner\Quarantine\C\Users\Klaus\music\qtrax media library\LinksVisited.xml.vir C:\Users\Klaus\music\qtrax media library\QtraxMediaLibrary.qpl->C:\AdwCleaner\Quarantine\C\Users\Klaus\music\qtrax media library\QtraxMediaLibrary.qpl.vir C:\Users\Klaus\music\qtrax media library\RadiosVisited.xml->C:\AdwCleaner\Quarantine\C\Users\Klaus\music\qtrax media library\RadiosVisited.xml.vir C:\Users\Klaus\AppData\Local\FileViewPro\FileViewPro.exe_Url_jn4xqozlzppxcht2yt2wvho2bxkp31wm\1.5.0.0\user.config->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\FileViewPro\FileViewPro.exe_Url_jn4xqozlzppxcht2yt2wvho2bxkp31wm\1.5.0.0\user.config.vir C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\ignores.dat->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\ignores.dat.vir C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\rupdates.db->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\rupdates.db.vir C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\settings.db->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\settings.db.vir C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\supdates.db->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\supdates.db.vir C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\SWDUMon.cat->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\SWDUMon.cat.vir C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\SWDUMon.inf->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\SWDUMon.inf.vir C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\SWDUMon.sys->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\SWDUMon.sys.vir C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\Logs\2012-08-15 08-53-41 0.log->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\Logs\2012-08-15 08-53-41 0.log.vir C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\Logs\2012-08-15 09-10-36 0.log->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\Logs\2012-08-15 09-10-36 0.log.vir C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\Images\acer.png->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\Images\acer.png.vir C:\Users\Klaus\AppData\LocalLow\HPAppData\hpswpip.dat->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\HPAppData\hpswpip.dat.vir C:\Users\Klaus\AppData\LocalLow\HPAppData\hpswpip.dat.pending->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\HPAppData\hpswpip.dat.pending.vir C:\Users\Klaus\AppData\LocalLow\HPAppData\XRE\compreg.dat->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\HPAppData\XRE\compreg.dat.vir C:\Users\Klaus\AppData\LocalLow\HPAppData\XRE\localstore.rdf->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\HPAppData\XRE\localstore.rdf.vir C:\Users\Klaus\AppData\LocalLow\HPAppData\XRE\xpti.dat->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\HPAppData\XRE\xpti.dat.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\---Yahoo.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\---Yahoo.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\01net.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\01net.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\a.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\a.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\amazon.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\amazon.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\an.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\an.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\arrowB.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\arrowB.gif.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\arrowT.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\arrowT.gif.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\arrow_down.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\arrow_down.gif.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\arrow_up.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\arrow_up.gif.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\autofill.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\autofill.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\avstate.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\avstate.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\b.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\b.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\bg_pub.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\bg_pub.gif.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\bg_ttl.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\bg_ttl.gif.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\bn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\bn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\c.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\c.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\canalblog.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\canalblog.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\cn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\cn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\COMBOSEARCH.acs->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\COMBOSEARCH.acs.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\d.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\d.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\dictionary2.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\dictionary2.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\dn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\dn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\DownloadCOM.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\DownloadCOM.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\dropdown.css->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\dropdown.css.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\ErrorLog.txt->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\ErrorLog.txt.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\ErrorPageTemplate.css->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\ErrorPageTemplate.css.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\f.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\f.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_argentine.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_argentine.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_australia.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_australia.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_brazil.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_brazil.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_canada.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_canada.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_china.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_china.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_france.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_france.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_germany.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_germany.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_greece.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_greece.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_hongkong.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_hongkong.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_india.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_india.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_indonesia.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_indonesia.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_italy.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_italy.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_japan.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_japan.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_korea.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_korea.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_mexico.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_mexico.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_netherlands.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_netherlands.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_spain.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_spain.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_sweeden.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_sweeden.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_taiwan.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_taiwan.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_uk.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_uk.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_usa.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_usa.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\fn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\fn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\g.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\g.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\gaming.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\gaming.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\gn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\gn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\gograph.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\gograph.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred0.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred0.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred0_5.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred0_5.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred1.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred1.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred1_5.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred1_5.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred2.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred2.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred2_5.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred2_5.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred3.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred3.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred3_5.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred3_5.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred4.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred4.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred4_5.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred4_5.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred5.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred5.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\help.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\help.gif.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\hideremove.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\hideremove.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\highlight.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\highlight.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\hn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\hn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\hororank.xml->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\hororank.xml.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_aquarius.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_aquarius.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_aries.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_aries.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_cancer.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_cancer.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_capricorn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_capricorn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_gemini.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_gemini.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_leo.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_leo.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_libra.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_libra.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_pisces.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_pisces.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_sagittarius.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_sagittarius.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_scorpio.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_scorpio.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_taurus.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_taurus.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_virgo.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_virgo.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\i.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\i.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\IEtab1_7b.zip->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\IEtab1_7b.zip.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\in.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\in.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\ipsearch.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\ipsearch.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\j.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\j.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\jn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\jn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\k.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\k.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\kn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\kn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\l.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\l.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\ln.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\ln.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\loading.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\loading.gif.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\login.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\login.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\logo.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\logo.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\n.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\n.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\New York_NY_weather.txt->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\New York_NY_weather.txt.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\new02.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\new02.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\news.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\news.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\news.html->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\news.html.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\nn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\nn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\o.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\o.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\on.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\on.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\p.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\p.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\pestscanimg.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\pestscanimg.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\pixsy.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\pixsy.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\pn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\pn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\popup_off.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\popup_off.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\popup_on.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\popup_on.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\popup_ona.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\popup_ona.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\p_yahoo.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\p_yahoo.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\p_yahoo_fr.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\p_yahoo_fr.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\q.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\q.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\qn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\qn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\r.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\r.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\relatedlinks.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\relatedlinks.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\report.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\report.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\rn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\rn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\rss.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\rss.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\rss.xsl->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\rss.xsl.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\rss1.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\rss1.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\rsslib.js->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\rsslib.js.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\rssmenu1_6a.zip->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\rssmenu1_6a.zip.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\s.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\s.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\security.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\security.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\Sinfo.txt->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\Sinfo.txt.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\siteinfo.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\siteinfo.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\slider.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\slider.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\sn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\sn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\spacer.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\spacer.gif.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red1.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red1.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red2.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red2.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red3.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red3.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red4.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red4.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red5.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red5.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\storage.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\storage.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\t.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\t.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\tabdata.js->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\tabdata.js.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\tablib.js->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\tablib.js.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\tabwelcome_en.html->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\tabwelcome_en.html.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\tabwelcome_fr.html->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\tabwelcome_fr.html.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\tab_icon.png->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\tab_icon.png.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\technorati.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\technorati.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\thes_search.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\thes_search.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\tn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\tn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\tools.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\tools.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\translate.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\translate.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\u.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\u.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\un.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\un.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\utf8.js->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\utf8.js.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\v.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\v.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\vmlib.js->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\vmlib.js.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\vmntoolbartb0500.cfg->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\vmntoolbartb0500.cfg.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\vn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\vn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\w.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\w.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\web.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\web.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\wikipedia.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\wikipedia.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\wn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\wn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\x.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\x.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\xp_close_small.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\xp_close_small.gif.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\Yahoo.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\Yahoo.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\yahoo_search.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\yahoo_search.gif.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\YouTube.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\YouTube.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\z.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\z.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\zn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\zn.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\zoom.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\zoom.bmp.vir C:\Users\Klaus\AppData\LocalLow\vmntoolbar\0\rsscenter.xml->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\0\rsscenter.xml.vir C:\Users\Klaus\AppData\Roaming\DesktopIconForAmazon\IconForAmazon.exe->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\DesktopIconForAmazon\IconForAmazon.exe.vir C:\Users\Klaus\AppData\Roaming\DriverCure\LogFile.txt->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\DriverCure\LogFile.txt.vir C:\Users\Klaus\AppData\Roaming\GrabPro\conf.dat->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\GrabPro\conf.dat.vir C:\Users\Klaus\AppData\Roaming\HPAppData\hpswpip.dat->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\HPAppData\hpswpip.dat.vir C:\Users\Klaus\AppData\Roaming\OCS\SM\SearchAnonymizer.exe->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\OCS\SM\SearchAnonymizer.exe.vir C:\Users\Klaus\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe.vir C:\Users\Klaus\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.InstallLog->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.InstallLog.vir C:\Users\Klaus\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.InstallState->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.InstallState.vir C:\Users\Klaus\AppData\Roaming\OCS\SM\vl.dat->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\OCS\SM\vl.dat.vir C:\Users\Klaus\AppData\Roaming\ParetoLogic\PC Health Advisor\Client.txt->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\ParetoLogic\PC Health Advisor\Client.txt.vir C:\Users\Klaus\AppData\Roaming\ParetoLogic\PC Health Advisor\Server.txt->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\ParetoLogic\PC Health Advisor\Server.txt.vir C:\Users\Klaus\AppData\Roaming\ProgSense\User.xml->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\ProgSense\User.xml.vir C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter\Uninstall Video Converter.lnk->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter\Uninstall Video Converter.lnk.vir C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter\Video Converter.lnk->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter\Video Converter.lnk.vir C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar\1.1.0.0__318d21d4b0463a3b\QuickStoresToolbar.dll->C:\AdwCleaner\Quarantine\C\Windows\assembly\GAC_MSIL\QuickStoresToolbar\1.1.0.0__318d21d4b0463a3b\QuickStoresToolbar.dll.vir C:\Program Files (x86)\Mozilla Firefox\components\AskSearch.js->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mozilla Firefox\components\AskSearch.js.vir C:\Users\Klaus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url.vir C:\Users\Klaus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url.vir C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url.vir C:\Windows\Reimage.ini->C:\AdwCleaner\Quarantine\C\Windows\Reimage.ini.vir C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk.vir |
22.12.2015, 13:35 | #11 |
/// Malwareteam | Cursor friert für kurze Zeit ein Hi, ich brauch bitte das Scan-Log von MBAM |
22.12.2015, 14:20 | #12 |
| Cursor friert für kurze Zeit ein Hi, unter Verlauf finde ich zwei Protokolle Schutzprotokoll protection-log Scan-Protokoll mbam-log. Beide sind .xml Die habe ich doch gepostet. mfG Klaus |
22.12.2015, 17:06 | #13 |
/// Malwareteam | Cursor friert für kurze Zeit ein Hi, Eigenartig, hast du hier auch schon geschaut? Malwarebytes Anti-Malware Logfile finden - Anleitungen |
22.12.2015, 18:26 | #14 |
| Cursor friert für kurze Zeit ein Hi, da liegt mein Fehler, habe nicht exportiert. Also nochmal 6 Stunden Suchlauf. Das Ergebnis kommt dann erst morgen. mfG Klaus |
22.12.2015, 19:19 | #15 |
/// Malwareteam | Cursor friert für kurze Zeit ein Hi, 6 Stunden? Lass MBAM mal und mach das hier: Zustand der Festplatte herausfinden - so gehts - Anleitungen |
Themen zu Cursor friert für kurze Zeit ein |
cursor, eingefangen, etliche, friert, gefangen, helft, kurze, problem, sekunden, tagen |