PC braucht eine gefühlte Ewigkeit um hochzufahren

Lilian-Rose · 22.02.2016, 23:00

Hallo ihr Lieben,

ich hab das Problem, dass mein PC zwischen 20 Minuten und einer halben Stunde braucht, um hochzufahren. Wollte euch bitten, zu überprüfen, ob ich mir einen Virus bzw. einen Trojaner eingefangen habe.

Vielen Dank für eure Hilfe!

Gruß Lilian

burningice · 23.02.2016, 00:39

Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:

Bitte lies meine Posts komplett durch bevor du sie abarbeitest
Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
Bitte kein Crossposting
Installiere oder Deinstalliere keine Software ohne Aufforderung
Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist

Los geht's

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lilian-Rose · 23.02.2016, 10:42

Hallo Rafael,

vielen Dank für Deine Antwort und danke, dass Du mir hilfst!

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-02-2016 01
durchgeführt von Conny (Administrator) auf CONNY-PC (23-02-2016 10:13:07)
Gestartet von C:\Users\Conny\Desktop
Geladene Profile: Conny (Verfügbare Profile: Conny)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(BERNINA International AG) C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Dropbox, Inc.) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow32.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [LexwareInfoService] => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-10] (AVAST Software)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-29] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-01-10] (Google Inc.)
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Run: [Dropbox Update] => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-12] (Dropbox, Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-20] (AVAST Software)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon1] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon2] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon3] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon4] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {3B713BCF-458F-4A2A-BAD2-9784208C169D} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-10-09]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-10-09]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{732048A9-7E8D-428F-9AF3-D5BE1F66BC7A}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=00033BB0&OHP=about%3Ablank&OSP=https%3A%2F%2Fde.search.yahoo.com%2Fyhs%2Fsearch%3Ftype%3Davastbcl%26hspart%3Davast%26hsimp%3Dyhs%2D001%26p%3D%7BsearchTerms%7D
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-09] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-02-23] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-09] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default
FF DefaultSearchUrl: 
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.jw.org/de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\searchplugins\ask-search.xml [2014-08-06]
FF SearchPlugin: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\searchplugins\avira-safesearch.xml [2014-11-29]
FF SearchPlugin: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\searchplugins\computer-bild-suche.xml [2015-09-28]
FF Extension: CookieCuller - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2015-05-29]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-10-16] [ist nicht signiert]
FF Extension: Avira Browser Safety - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\abs@avira.com [2015-01-15] [ist nicht signiert]
FF Extension: ghostery - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\firefox@ghostery.com.xpi [2016-02-22]
FF Extension: Hilfe Assistent - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\{} [2014-11-03] [ist nicht signiert]
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-06-15] <==== ACHTUNG

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl" 
CHR DefaultSearchURL: Default -> hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f96bdea8-0d1c-43b5-bfc4-62d7f6d6a2b0&searchtype=ds&q={searchTerms}&installDate=01/01/1970
CHR DefaultSearchKeyword: Default -> search.snap.do
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.210.6) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U21) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll => Keine Datei
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-19]
CHR Extension: (YouTube) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-16]
CHR Extension: (McAfee Security Scan+) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-28]
CHR Extension: (Google-Suche) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-03]
CHR Extension: (Avira Browserschutz) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-16]
CHR Extension: (Skype Click to Call) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-09-19]
CHR Extension: (Google Wallet) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-28]
CHR Extension: (Google Mail) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-07-20] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1904368 2016-01-20] (Microsoft Corporation)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S4 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2012-06-22] ()
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
R2 UniversalCommunicationServer; C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe [90496 2013-05-02] (BERNINA International AG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [26112 2010-04-29] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-20] (AVAST Software)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [299024 2012-04-09] (EldoS Corporation)
R0 DiskSec; C:\Windows\system32\Drivers\DiskSec.sys [14208 2008-04-04] (MAGIX) [Datei ist nicht signiert]
S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [179200 2012-06-22] (Dexetek )
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Datei ist nicht signiert]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-07-20] (AVAST Software)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [64904 2010-04-27] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [146568 2010-04-27] (Renesas Electronics Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
S3 SydexFDD; C:\Windows\system32\Drivers\sydexfdd.sys [13359 2012-10-16] (Windows (R) 2000 DDK provider) [Datei ist nicht signiert]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-07-20] (Avast Software)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Conny\AppData\Local\Temp\catchme.sys [X]
S3 cpuz132; \??\C:\Users\Conny\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S2 tmcomm; system32\DRIVERS\tmcomm.sys [X]
S2 wntpport; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-23 10:13 - 2016-02-23 10:13 - 00028435 _____ C:\Users\Conny\Desktop\FRST.txt
2016-02-23 10:08 - 2016-02-23 10:09 - 00000000 ____D C:\Users\Conny\Desktop\JW
2016-02-23 10:00 - 2016-02-23 10:00 - 01722368 _____ (Farbar) C:\Users\Conny\Desktop\FRST.exe
2016-02-22 23:43 - 2016-02-22 23:43 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-02-22 23:39 - 2016-02-22 23:39 - 00000162 ____H C:\Users\Conny\Desktop\~$Dok8.odt
2016-02-20 14:24 - 2016-02-20 14:24 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-14 16:02 - 2016-02-14 16:02 - 00001298 _____ C:\Users\Public\Desktop\Watchtower Library 2015 - Deutsch.lnk
2016-02-14 16:02 - 2016-02-14 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watchtower Library 2015
2016-02-12 20:01 - 2016-02-13 10:54 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-10 11:36 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 11:36 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-10 11:36 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 11:36 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-10 11:36 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 11:36 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 11:36 - 2016-01-16 19:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-10 11:36 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-10 11:36 - 2016-01-16 19:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-10 11:35 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-10 11:35 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-10 11:35 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-10 11:35 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-10 11:34 - 2016-01-22 07:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-10 11:34 - 2016-01-22 07:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-10 11:34 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-10 11:34 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-10 11:34 - 2016-01-22 06:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-10 11:34 - 2016-01-22 06:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-10 11:34 - 2016-01-22 05:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-10 11:34 - 2016-01-22 05:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-10 11:34 - 2016-01-22 05:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-10 11:34 - 2016-01-22 05:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-10 11:34 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-10 11:34 - 2016-01-22 05:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:34 - 2016-01-07 18:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-10 11:34 - 2016-01-07 18:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 11:34 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-10 11:34 - 2016-01-06 18:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-10 11:34 - 2015-12-20 19:45 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-10 11:34 - 2015-12-20 19:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 11:34 - 2015-12-20 17:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-10 11:33 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-10 11:33 - 2016-01-22 07:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 11:33 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-10 11:33 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-10 11:33 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-10 11:33 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-10 11:33 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-10 11:33 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-10 11:33 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-10 11:33 - 2016-01-22 06:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-10 11:33 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-10 11:33 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-10 11:33 - 2016-01-22 06:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-10 11:33 - 2016-01-22 06:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 11:33 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-10 11:33 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 11:33 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-10 11:33 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-10 11:33 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 11:33 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-10 11:33 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-10 11:33 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-10 11:33 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-10 11:33 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-10 11:33 - 2016-01-22 06:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-10 11:33 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-10 11:33 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-10 11:33 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 11:33 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-10 11:31 - 2016-01-11 19:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-10 11:31 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-10 11:31 - 2016-01-11 19:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-10 11:31 - 2016-01-11 19:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-10 11:31 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-10 11:31 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-04 16:35 - 2016-02-04 16:35 - 00025888 _____ C:\Users\Conny\Kolloidales Silber.odt
2016-01-30 00:40 - 2016-01-30 00:40 - 00038883 _____ C:\Users\Conny\Documents\Dok8.odt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-23 10:13 - 2014-03-05 09:11 - 00000000 ____D C:\FRST
2016-02-23 10:11 - 2015-09-16 20:20 - 00000000 ____D C:\Users\Conny\Desktop\Gute Vorträge
2016-02-23 10:10 - 2015-03-12 19:13 - 00000000 ____D C:\Users\Conny\Desktop\Handarbeit Stickdateien
2016-02-23 10:07 - 2011-01-10 22:04 - 00000000 ____D C:\Users\Conny
2016-02-23 10:04 - 2009-07-14 05:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-23 10:04 - 2009-07-14 05:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-23 09:54 - 2014-01-21 09:22 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-23 09:51 - 2014-01-21 09:12 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-23 09:48 - 2015-06-12 19:37 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job
2016-02-23 09:42 - 2011-01-10 22:01 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-23 09:29 - 2013-03-10 10:53 - 00000000 ___RD C:\Users\Conny\Dropbox
2016-02-23 09:29 - 2013-03-10 10:51 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Dropbox
2016-02-23 09:26 - 2011-01-10 22:01 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-23 09:26 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-23 09:25 - 2016-01-07 23:31 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-02-23 09:25 - 2012-10-17 16:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-23 00:26 - 2010-08-28 01:49 - 01595580 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-23 00:26 - 2010-05-12 14:13 - 00699884 _____ C:\Windows\system32\perfh007.dat
2016-02-23 00:26 - 2010-05-12 14:13 - 00149766 _____ C:\Windows\system32\perfc007.dat
2016-02-23 00:26 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-02-23 00:18 - 2012-05-31 22:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-22 23:48 - 2015-06-12 19:37 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job
2016-02-22 23:43 - 2011-09-22 18:54 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-02-20 15:24 - 2012-09-17 16:48 - 00002154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-20 14:14 - 2009-07-14 05:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-14 16:07 - 2011-01-11 14:21 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Watchtower
2016-02-14 16:02 - 2011-08-18 21:03 - 00000000 ____D C:\Program Files\Watchtower
2016-02-13 11:44 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2016-02-11 17:41 - 2009-07-14 05:33 - 00386896 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-11 17:38 - 2014-12-11 12:21 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-11 17:38 - 2014-05-06 22:58 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-11 17:38 - 2009-07-14 08:49 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 23:41 - 2013-08-15 09:15 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 23:34 - 2010-08-30 17:47 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 18:18 - 2012-05-31 22:23 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-10 18:18 - 2012-05-31 22:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-01 14:01 - 2011-01-10 22:36 - 00000000 ____D C:\Users\Conny\AppData\Roaming\SoftGrid Client

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2007-03-12 18:59 - 2007-03-12 18:59 - 0299008 _____ () C:\Program Files\navigram_register.exe
2013-03-16 09:27 - 2013-03-16 09:27 - 0000288 _____ () C:\Users\Conny\AppData\Roaming\.backup.dm
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\Users\Conny\AppData\Roaming\Bubble Noise
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\Users\Conny\AppData\Roaming\Bundle
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\Users\Conny\AppData\Roaming\CIOSupport
2014-09-30 11:46 - 2014-09-30 11:48 - 0000055 _____ () C:\Users\Conny\AppData\Roaming\My Profile.xml
2011-09-29 13:09 - 2011-10-04 14:29 - 0001188 _____ () C:\Users\Conny\AppData\Local\crc32list11.txt
2011-09-03 20:06 - 2015-11-08 15:39 - 0005120 _____ () C:\Users\Conny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-03 11:37 - 2014-03-03 11:37 - 0001461 _____ () C:\Users\Conny\AppData\Local\recently-used.xbel
2011-03-17 17:55 - 2011-03-17 17:55 - 0000017 _____ () C:\Users\Conny\AppData\Local\resmon.resmoncfg
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\ProgramData\Caches
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\ProgramData\Calibrators
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\ProgramData\Carbon
2011-10-11 10:00 - 2011-10-11 10:00 - 0000012 ___RH () C:\ProgramData\Colors
2011-10-11 10:00 - 2011-10-11 10:00 - 0000012 ___RH () C:\ProgramData\Command Line Utility
2011-10-11 10:00 - 2011-10-11 10:00 - 0000012 ___RH () C:\ProgramData\Common
2011-01-11 22:23 - 2012-05-10 08:07 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-11-03 14:13 - 2014-10-06 19:06 - 36707080 _____ (Deutsche Telekom AG                                                                                                                                                                                                                                                                                         ) C:\ProgramData\Setup_OnlineManager.exe

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\Setup_OnlineManager.exe


Einige Dateien in TEMP:
====================
C:\Users\Conny\AppData\Local\Temp\63j22bqy.dll
C:\Users\Conny\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpodthhw.dll
C:\Users\Conny\AppData\Local\Temp\{485B3219-350D-4D43-B9B5-B5C3EF9AA775}-45.0.2454.85_44.0.2403.157_chrome_updater.exe
C:\Users\Conny\AppData\Local\Temp\{5BC58F71-DEAF-4250-BCBE-695EBC8C347D}-DropboxClient_3.12.5.exe
C:\Users\Conny\AppData\Local\Temp\{97B3D358-6576-46E3-9512-AFE48A643662}-DropboxClient_3.10.11.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-18 22:32

==================== Ende vom FRST.txt ============================Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-02-2016 01
durchgeführt von Conny (2016-02-23 10:14:41)
Gestartet von C:\Users\Conny\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2011-01-10 21:04:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-185569535-4180466776-3876511590-500 - Administrator - Disabled)
Conny (S-1-5-21-185569535-4180466776-3876511590-1000 - Administrator - Enabled) => C:\Users\Conny
Gast (S-1-5-21-185569535-4180466776-3876511590-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-185569535-4180466776-3876511590-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.22beta (HKLM\...\7-Zip) (Version:  - )
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Amazon Kindle) (Version:  - Amazon)
AMD Catalyst Install Manager (HKLM\...\{DC7723BE-A2BB-58A0-4820-5630F9B82198}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 6 FREE v.6.83 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.3 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2223 - AVAST Software)
BERNINA ARTlink 7 (HKLM\...\{CA812D88-2139-4107-97B5-1B2D2A1DD04D}) (Version: 18.0.94.7011 - BERNINA)
BERNINA ARTlink 7 (Version: 18.0.94.7011 - Wilcom) Hidden
BERNINA Universal Communication Server (HKLM\...\{CF27C964-3902-4CA3-9C71-B0EAEB302AB5}) (Version: 1.27.70 - BERNINA)
Blackboard Collaborate Launcher (HKLM\...\{7D82D616-8BD8-4BE3-B19C-C4BC772E8426}) (Version: 1.2.0.0 - Blackboard)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon iP3600 series Benutzerregistrierung (HKLM\...\Canon iP3600 series Benutzerregistrierung) (Version:  - )
Canon iP3600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series) (Version:  - )
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.7.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM\...\CameraWindowDC8) (Version: 8.5.0.7 - Canon Inc.)
Canon Utilities CameraWindow Launcher (HKLM\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Movie Uploader for YouTube (HKLM\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.1.10 - Canon Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller51278dcd0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52b3284a0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52d266760) (Version: 1.0.0.0 - Conexant Systems)
CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3815a - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dropbox (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
easyFly 3 Starter Edition (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\{7CBD5083-2ADF-4DF1-8DC1-D7AB2F7040E0}) (Version: 3.0.1.11 - IPACS)
e-Sword (HKLM\...\{8E436940-A944-4D67-A45B-1876E23BB9C0}) (Version: 9.08.0003 - Rick Meyers)
FRITZ!Box starter (HKLM\...\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}) (Version: 2.04.02 - AVM Berlin)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Lernout & Hauspie TruVoice American English TTS Engine (HKLM\...\tv_enua) (Version:  - )
Lexware Info Service (HKLM\...\{8AE7E507-BC49-4DF0-A236-26878691AB53}) (Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM\...\{A64DF516-9CDC-4299-BD34-2B2C80CD453B}) (Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG)
MAGIX Audio Cleaning Lab 16 deluxe (HKLM\...\mclab_16dlx) (Version: 16.0.0.0 - MAGIX AG)
MAGIX Audio Cleaning Lab 16 deluxe (Version: 16.0.0.0 - MAGIX AG) Hidden
MAGIX PC Check & Tuning 2010 5.0.22.687 (D) (HKLM\...\MAGIX PC Check & Tuning 2010 D) (Version: 5.0.22.687 - MAGIX AG)
MAGIX Screenshare (HKLM\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (HKLM\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MEDION GoPal Assistant (HKLM\...\{A6C8CD51-1AE4-474D-BA2D-125CDBEADD03}) (Version: 6.2.0.12196 - MEDION)
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version:  - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4797.1003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 de) (HKLM\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 38.5.1 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
my editor v5.00 (HKLM\...\{6B435248-5F4F-4CE9-A533-CB3D8D97A210}) (Version: 5.00.8505.2014 - Wings Systems Ltd.)
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
Nikon Movie Editor (HKLM\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.2.1 - Nikon)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
OpenOffice.org 3.2 (HKLM\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.3.0 - Nikon)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Profili 2 (HKLM\...\Profili 2) (Version:  - )
Quicken DELUXE 2014 (HKLM\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.32.00.0004 - Haufe-Lexware GmbH & Co.KG)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6136 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Schrankplaner (HKLM\...\{C92CE7AF-B104-4710-8F5C-9F833976D308}) (Version: 3.01.00 - schrankplaner.de)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.12 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Sweet Home 3D version 3.1 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Uniblue RegistryBooster (HKLM\...\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1) (Version:  - Uniblue Systems Ltd)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Video Grabber (HKLM\...\Uninstaller51278dcb0) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52b328480) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52d266740) (Version: 1.0.0.0 - Conexant Systems)
ViewNX 2 (HKLM\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.2.1 - Nikon)
VoipStunt (HKLM\...\VoipStunt_is1) (Version: 4.09 build 661 - Finarea S.A. Switzerland)
Watchtower Library 2011 - Deutsch (HKLM\...\{8BE514E8-4486-4730-8B68-FA15EEDC942E}) (Version: 13.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - Deutsch (HKLM\...\{CFDF0961-77C7-4392-96EE-624DFE81C3C2}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - hrvatsko izdanje (HKLM\...\{56067BE8-31E8-4796-9EA2-164CDB5ACCF7}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2013 - Deutsch (HKLM\...\{61118DEB-78F1-4158-97ED-78A457550FE7}) (Version: 15.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2015 - Deutsch (HKLM\...\{AEB12380-3E2F-4A9F-B8DF-1BD7682DE663}) (Version: 17.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Wilcom TrueSizer e3.0 (HKLM\...\{E801DDB4-3CFC-496E-9E04-781EC2445D82}) (Version: 17.0.185.7427 - Wilcom)
Wilcom TrueSizer e3.0 (Version: 17.0.185.7427 - Wilcom) Hidden
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EC}) (Version: 19.5.11532 - WinZip Computing, S.L. )
WISO Steuer-Sparbuch 2015 (HKLM\...\{F8738EA4-CE8F-4D4B-8478-6ADB18B165F4}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Wuala (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Wuala) (Version: 1.0.444.0 - LaCie)
Wuala CBFS (HKLM\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
Wuala OverlayIcons (HKLM\...\Wuala OverlayIcons) (Version: 1.0.0.2 - LaCie)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{80A95F12-94C2-4B1D-8AE3-F0CBE5E96E85}\InprocServer32 -> C:\Users\Conny\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll ()
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0694FA8A-71C8-4F5D-AACA-0D7E0EC23467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1146A79F-834C-4E3E-AE60-25376A2F0C32} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {508DFAA9-A4C7-43C0-B9EB-1CF6D6BF0159} - System32\Tasks\{AB34AA99-BADE-4F56-8BE7-B62F817BA872} => pcalua.exe -a "C:\Program Files\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {5962BB5D-E22C-48DF-8BFF-A58FEDFD8EDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {72660B4F-A773-4C60-8F36-EA5EBFD568E1} - System32\Tasks\Start Registry Reviver => C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe
Task: {A56D78C3-8218-48CE-BCC6-F9BCD07BFEA9} - System32\Tasks\{D6C07A53-11F0-44F1-8FB2-A2B09B196048} => pcalua.exe -a C:\Users\Conny\Downloads\ADE_2.0_Installer.exe -d C:\Users\Conny\Downloads
Task: {BB1571C3-45D2-4BD6-AF06-4628247E13B5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {C89EC6C7-F641-4831-AE2B-553A25EACD36} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)
Task: {D00F2FB4-80F4-49C5-82E2-025ED397C0E7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-17] (AVAST Software)
Task: {E5EE64D2-F42F-4C48-8D87-4AF66A1D44AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E9E1F514-54AB-4250-B4B6-4B5C81A5488B} - System32\Tasks\{1D3FF1F2-CC6B-4C77-A161-109C6F1A455A} => pcalua.exe -a C:\Users\Conny\AppData\Local\Temp\Temp1_profile_version_3206.zip\setup.exe
Task: {F92D8508-9933-4CF7-BB8F-6BECA4BE71AD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-20] (AVAST Software)
Task: {FC9A3894-3B7C-4BBF-B7D5-520290D33A13} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-20 20:00 - 2015-07-20 20:00 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-20 20:00 - 2015-07-20 20:00 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-02-22 21:59 - 2016-02-22 21:59 - 02835968 _____ () C:\Program Files\AVAST Software\Avast\defs\16022201\algo.dll
2014-01-12 11:01 - 2012-06-22 09:29 - 00247152 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2015-07-20 20:00 - 2015-07-20 20:01 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2016-02-20 14:24 - 2016-01-12 19:44 - 00034768 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00019408 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00116688 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-02-20 14:24 - 2016-01-12 19:44 - 00093640 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00018376 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\select.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00019760 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00105928 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00392144 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00381752 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00692688 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020816 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00112592 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 01682760 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021840 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00038696 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00020936 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00024528 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00114640 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00124880 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021832 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00024016 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00175560 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00030160 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00043472 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00028616 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00048592 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-20 14:23 - 2016-02-16 19:39 - 00026456 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00057808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00024016 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00117056 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00024392 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00036296 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\librsync.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00023376 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00134608 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00134088 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00240584 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00052024 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021824 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00019776 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020280 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00350152 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00022352 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00084792 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-02-20 14:24 - 2016-02-16 19:39 - 01826096 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00083912 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\sip.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 03928880 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 01971504 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00531248 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00132912 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00223544 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00207672 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00158008 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00042808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-02-20 14:24 - 2016-01-12 19:49 - 00017864 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-02-20 14:24 - 2016-01-12 19:49 - 01631184 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00024904 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00546096 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00357680 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-02-20 14:24 - 2016-01-12 19:52 - 00697304 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-02-11 19:08 - 2016-02-11 19:08 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\7dca33cfefb99e28847d01e4665f2214\IsdiInterop.ni.dll
2010-08-30 19:04 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-01-07 23:31 - 2016-02-22 23:45 - 00153032 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll
2016-01-07 23:31 - 2016-02-22 23:45 - 00022472 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-03-19 10:54 - 2015-10-13 02:43 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Conny\Desktop\FRST.exe:com.dropbox.attributes
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:04 - 2014-03-07 16:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: FsUsbExService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IGDCTRL => 2
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{B5BB3F09-3F28-4037-ADDF-ED0D9521AD3F}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{7E1E0E25-5811-48BA-8112-A999DE7DA7F1}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5D17EE8E-2B60-4228-90AE-0DF6430EF885}] => (Allow) svchost.exe
FirewallRules: [{811CA0F5-D2BB-4A4D-BE17-4014C5E8BC67}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{1D853E59-2575-4067-9F21-DE76C38A37B7}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{30E69FC8-3BEF-4B3C-B402-933778084EAA}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{9E4248B8-B08B-4A20-9DBE-8BBD3F09CECC}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{4687042B-D555-4A1A-8039-1AD75E458545}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{961DDA7A-4319-4911-9776-A89874CE5335}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [{34DA1426-B63B-474F-8DEF-EB5235221BDD}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [TCP Query User{6B778748-C7B6-4A46-81D2-56ADEA63F1A7}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{FED1122E-4925-4558-BB06-142DCA1E502E}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{2605EEA3-C05C-459A-87D1-842F42681013}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{38E3F568-5839-4423-B7F7-825F441E9A3F}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{C1A531C8-1DCD-4DFA-82BE-CE5888CD32FD}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{7172C1E6-B85E-41BD-96A0-91C9CFA8119A}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{CE46AC23-B67F-4108-B551-AFF5D9782AD8}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{F877EC4A-9159-4A64-ABC7-2C95CD583B21}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{E73F7B8C-8D61-423F-92F6-41B4EE6DEAD8}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [UDP Query User{3C609447-8057-4BCF-B11B-5FCA7ECC5A3C}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [TCP Query User{39DCAE11-5CF4-4AC2-94EA-3595A667BBF9}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{B5B309C3-7463-4C30-AD15-7700AD51E9E5}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [{796C015A-E095-4D97-8615-A51836C2BB2E}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{E533F68C-9F2E-4D27-B503-8603931A946A}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [TCP Query User{69A98C7C-2D08-429A-BDD8-F97B185625D2}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{FD8D8E36-1BB4-4BBB-AFB4-89635DFB6CE7}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{130F31E3-FF6C-4582-9B49-4194BAEB4B39}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{635854E1-9AB3-49FD-AD53-26ABE6288B52}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [TCP Query User{4957885E-9DC6-48AF-A709-0FD7610930C7}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{0CBAC78E-6FDF-485D-99DA-654A55EF276E}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [{692BDFF9-D89E-4F8D-95AE-221810CAE02F}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{2C43FFDD-B6BD-41A4-8BD6-AA2AB5E8ACAD}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{1C9A6C83-81BF-4563-BDCD-CC9BB4160B55}] => (Allow) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{350386DF-4A82-427C-9962-B7EB9BD6D34E}] => (Allow) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{91395ADC-2BDE-4B46-8494-9EB27A9F6BD5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{C6E35A0B-6B7A-4247-B0D4-51F114611254}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D91B19E8-D1DB-4CCC-9FD6-8BDAFD9CF437}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D8CD9CAA-3253-4250-AE28-A3473F8B19B6}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{01DFA9BD-033B-45E3-8995-A7F5E4645E4A}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{F3306F5C-2F22-4574-B627-437CC875CB06}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{9ED28E55-2CA2-4F42-8E9D-B7F789F2B6CD}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{1CEE4FDC-A750-422E-BF02-54313427F605}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{071C0213-F2D1-4E87-8E3A-164870268B8D}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{5BFFFE32-342A-4DBF-A20D-25DFB5BF308B}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{243400B4-CA6D-4A25-8CAA-42EDCB018C28}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{18E738B9-3F17-4BBA-9045-1E4375E39A6E}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{627658B7-DB21-4DE6-8548-530E847DBE8B}] => (Allow) C:\Users\Conny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{FA30B07B-7F14-4D50-92AF-EEFCA9D3D396}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{FE75D3F4-E8D1-4CFB-933D-6209B76DFF6C}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{0A4EC1A1-3B46-45A0-9BF7-910C850A4A46}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [{A5BDF030-2E00-440F-8298-3EE9A52D72B3}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [TCP Query User{0EA845AE-B769-468C-BC49-64CA7AF58BE5}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{C5E5ECF1-9DF5-4D24-8CD9-FB695F96D803}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{7134D83D-E8E8-4235-A798-2FE8D9DA33F4}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [UDP Query User{7CB4C706-0C27-4B19-865D-815C72462270}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [TCP Query User{E3B3F49D-318B-458B-9996-94602E7A3B4C}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{2CBE49FE-1280-4E63-84CD-6A6B240E6A94}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{8C617366-DC95-4B51-AC60-3619F4EE1DE5}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [UDP Query User{8049D308-47AD-4656-B8E4-FF0389C5D98C}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [TCP Query User{944C753C-8B4D-4193-8F20-0269D1175512}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{0E0A14D1-5FE6-4430-BCD0-DC3481E510DA}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [{73FE0611-6B7C-44E0-A9F2-F78142FB7FC6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AE19B7A7-4403-4BC4-8281-661A9265FB98}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AA0C48A7-A4EA-4EE4-9C93-1A05765AF979}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A8274CD7-8D0E-4CEB-A85D-7D2D260C6077}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{05DB99BC-CB68-457B-859C-9EC460476FA8}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5E9E69BC-6EC8-4A84-BC79-6C6F7872BF2C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{EB4831F9-9BE1-44B9-AAEC-71C5B4077093}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B17B8E5F-4C83-4DD8-9665-A2B50F2029F2}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{200C6D82-A0ED-4E15-917B-F41277C0081E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8F33AE0D-E430-42CB-8C6B-71E0C3E0349F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{DBDD8041-CAD2-4CBF-83FC-0D30AD8185AA}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{A32D8C8E-4BF5-4C68-8B07-959AE85FF082}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [{E4355044-8680-4492-A43A-904A15EEC2F5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{78AF9F1A-8246-4DC5-82AE-C4FC7F0EA340}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{A6B220F1-D801-47D9-A621-2277B6B58787}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{AF8BFD75-C3B3-4A57-A7EC-44C89A708810}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{67CF725E-AD3D-4CEE-9FA1-8BDD832B9CAC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E6100A1A-0058-4987-8414-8D3338B3020D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

24-01-2016 13:49:19 Windows Update
24-01-2016 19:00:38 Windows-Sicherung
27-01-2016 17:23:12 Windows Update
31-01-2016 10:41:12 Windows Update
31-01-2016 19:00:32 Windows-Sicherung
03-02-2016 16:10:23 Windows Update
07-02-2016 12:18:38 Windows Update
07-02-2016 19:01:31 Windows-Sicherung
10-02-2016 23:26:36 Windows Update
14-02-2016 16:08:24 Windows Update
14-02-2016 19:00:25 Windows-Sicherung
17-02-2016 23:30:38 Windows Update
21-02-2016 13:34:06 Windows Update
21-02-2016 19:00:44 Windows-Sicherung
23-02-2016 00:21:22 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/23/2016 09:37:02 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (02/23/2016 09:27:01 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=104C}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (02/23/2016 09:27:01 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=104C}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (02/22/2016 11:40:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WINWORD.EXE, Version 15.0.4787.1000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1200

Startzeit: 01d16dc1b10ae95d

Endzeit: 70

Anwendungspfad: C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE

Berichts-ID: 349716f0-d9b5-11e5-9e73-6c626d8c240d

Error: (02/22/2016 06:05:06 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (02/22/2016 05:56:08 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=16B8}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (02/22/2016 05:56:08 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=16B8}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (02/21/2016 07:14:06 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)"

Error: (02/21/2016 06:59:33 PM) (Source: UniversalCommunicationServer) (EventID: 0) (User: )
Description: Universal Communication Server Terminating: True
reason: System.UnhandledExceptionEventArgs
Stack: TraceEnvironment.XTrace+AssertionFailedException: unexpected message length 4
   at TraceEnvironment.XTrace.Assert(Boolean aCondition, String aFormat, Object[] aObjects)
   at UniversalCommunicationServer.ServerConnection.stateConnectedOnServerDataReceived(evServerDataReceived aEvent)
   at UniversalCommunicationServer.ServerConnection.stateConnected.onServerDataReceived(evServerDataReceived aEvent)
   at UniversalCommunicationServer.ServerConnection.Consume(Object aEvent)
   at MultiThreading.Reactive.MainLoop()
   at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading.ThreadHelper.ThreadStart()

Error: (02/21/2016 11:06:47 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:


Systemfehler:
=============
Error: (02/23/2016 09:26:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (02/23/2016 09:26:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (02/22/2016 06:26:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Microsoft Security Essentials – KB2310138 (Definition 1.213.6863.0)

Error: (02/22/2016 06:25:43 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.213.6851.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.8.0204.00

	Quellpfad: 4.8.0204.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/22/2016 06:02:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (02/22/2016 06:00:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Mobile-basierte Geräteverbindungen" wurde nicht richtig gestartet.

Error: (02/22/2016 05:56:04 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053AvastVBoxSvc{F319F1B8-7587-4146-AF9C-0D6D77819BF1}

Error: (02/22/2016 05:56:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AvastVBox COM Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/22/2016 05:56:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AvastVBox COM Service erreicht.

Error: (02/22/2016 05:54:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Prozentuale Nutzung des RAM: 80%
Installierter physikalischer RAM: 2039.11 MB
Verfügbarer physikalischer RAM: 405.71 MB
Summe virtueller Speicher: 4078.23 MB
Verfügbarer virtueller Speicher: 1790.33 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:1356.17 GB) (Free:1079.3 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:0.01 GB) NTFS
Drive e: (WTLIB15X) (CDROM) (Total:0.85 GB) (Free:0 GB) UDF
Drive f: (EX FESTPL 4) (Fixed) (Total:931.47 GB) (Free:855.98 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1356.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.

==================== Ende vom Addition.txt ============================

burningice · 23.02.2016, 13:38

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Lilian-Rose · 23.02.2016, 17:33

Danke Rafael

Code:

ATTFilter

17:21:27.0660 0x0614  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
17:21:48.0221 0x0614  ============================================================
17:21:48.0221 0x0614  Current date / time: 2016/02/23 17:21:48.0221
17:21:48.0221 0x0614  SystemInfo:
17:21:48.0221 0x0614  
17:21:48.0221 0x0614  OS Version: 6.1.7601 ServicePack: 1.0
17:21:48.0221 0x0614  Product type: Workstation
17:21:48.0221 0x0614  ComputerName: CONNY-PC
17:21:48.0221 0x0614  UserName: Conny
17:21:48.0221 0x0614  Windows directory: C:\Windows
17:21:48.0221 0x0614  System windows directory: C:\Windows
17:21:48.0221 0x0614  Processor architecture: Intel x86
17:21:48.0221 0x0614  Number of processors: 4
17:21:48.0221 0x0614  Page size: 0x1000
17:21:48.0221 0x0614  Boot type: Normal boot
17:21:48.0221 0x0614  ============================================================
17:21:50.0436 0x0614  KLMD registered as C:\Windows\system32\drivers\37900792.sys
17:21:52.0682 0x0614  System UUID: {E58E5BBB-DE1C-E8B6-3C56-B9E3E8361685}
17:21:54.0086 0x0614  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:21:54.0507 0x0614  Drive \Device\Harddisk4\DR6 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x1000, Cylinders: 0x3B60, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:21:54.0507 0x0614  ============================================================
17:21:54.0507 0x0614  \Device\Harddisk0\DR0:
17:21:54.0507 0x0614  MBR partitions:
17:21:54.0507 0x0614  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:21:54.0507 0x0614  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xA9854800
17:21:54.0507 0x0614  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xA9887000, BlocksNum 0x5000000
17:21:54.0507 0x0614  \Device\Harddisk4\DR6:
17:21:54.0507 0x0614  MBR partitions:
17:21:54.0507 0x0614  \Device\Harddisk4\DR6\Partition1: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0xE8E0300
17:21:54.0507 0x0614  ============================================================
17:21:54.0648 0x0614  C: <-> \Device\Harddisk0\DR0\Partition2
17:21:54.0773 0x0614  D: <-> \Device\Harddisk0\DR0\Partition3
17:21:54.0773 0x0614  F: <-> \Device\Harddisk4\DR6\Partition1
17:21:55.0428 0x0614  ============================================================
17:21:55.0428 0x0614  Initialize success
17:21:55.0428 0x0614  ============================================================
17:24:13.0263 0x1104  ============================================================
17:24:13.0263 0x1104  Scan started
17:24:13.0263 0x1104  Mode: Manual; SigCheck; TDLFS; 
17:24:13.0263 0x1104  ============================================================
17:24:13.0263 0x1104  KSN ping started
17:24:16.0196 0x1104  KSN ping finished: true
17:24:16.0710 0x1104  ================ Scan system memory ========================
17:24:16.0710 0x1104  System memory - ok
17:24:16.0710 0x1104  ================ Scan services =============================
17:24:16.0913 0x1104  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:24:17.0100 0x1104  1394ohci - ok
17:24:17.0147 0x1104  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:24:17.0163 0x1104  ACPI - ok
17:24:17.0210 0x1104  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:24:17.0288 0x1104  AcpiPmi - ok
17:24:17.0381 0x1104  [ 785FD0E36CA75D90DD50042E2594BC63, 471A5ED43A3E18A5A69C28F7F351558E90F20416D9C532ADF50888808090AE89 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:24:17.0412 0x1104  AdobeFlashPlayerUpdateSvc - ok
17:24:17.0506 0x1104  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:24:17.0537 0x1104  adp94xx - ok
17:24:17.0615 0x1104  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:24:17.0631 0x1104  adpahci - ok
17:24:17.0662 0x1104  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:24:17.0678 0x1104  adpu320 - ok
17:24:17.0709 0x1104  [ 39AEAECE9F42407F176FE130D790BFBE, 19010DF87BDC1884268098CC04B4B15ECB710C94054A57157C0F9B7A795BDB28 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:24:17.0818 0x1104  AeLookupSvc - ok
17:24:17.0865 0x1104  [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD             C:\Windows\system32\drivers\afd.sys
17:24:18.0130 0x1104  AFD - ok
17:24:18.0146 0x1104  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
17:24:18.0161 0x1104  agp440 - ok
17:24:18.0192 0x1104  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
17:24:18.0208 0x1104  aic78xx - ok
17:24:18.0239 0x1104  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
17:24:18.0317 0x1104  ALG - ok
17:24:18.0333 0x1104  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:24:18.0364 0x1104  aliide - ok
17:24:18.0411 0x1104  [ 90EC928E9542B166583D865F99F85BE8, F484697A6D0FE6E1DC7CAE3D21BEC8041D45111109E887FE6754817ADFCF6DDA ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:24:18.0504 0x1104  AMD External Events Utility - ok
17:24:18.0520 0x1104  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
17:24:18.0536 0x1104  amdagp - ok
17:24:18.0551 0x1104  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:24:18.0567 0x1104  amdide - ok
17:24:18.0582 0x1104  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:24:18.0645 0x1104  AmdK8 - ok
17:24:19.0035 0x1104  [ D4EF00B622EBEBEF85AB53C51A509A14, AFDFF78D61D1495BD51197CF26EB34F77871DA0A13E9056DE3776C9364FBC9A9 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:24:19.0472 0x1104  amdkmdag - ok
17:24:19.0518 0x1104  [ 0A536B713BF916E62A14D48B0C1739A3, 425184896AD276AD45822655ADEC9EC499A9574E5815426AD6231029B46DD194 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
17:24:19.0596 0x1104  amdkmdap - ok
17:24:19.0643 0x1104  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:24:19.0690 0x1104  AmdPPM - ok
17:24:19.0737 0x1104  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:24:19.0768 0x1104  amdsata - ok
17:24:19.0784 0x1104  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:24:19.0799 0x1104  amdsbs - ok
17:24:19.0815 0x1104  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:24:19.0815 0x1104  amdxata - ok
17:24:19.0862 0x1104  [ DB0FEB51DFA00543BF381D2014550FA3, 8A370F77BBC7120FBCF99D2AED04EB773A0C70E9A3C57E0C1CF55105D41AE6AC ] androidusb      C:\Windows\system32\Drivers\androidusb.sys
17:24:19.0908 0x1104  androidusb - ok
17:24:19.0940 0x1104  [ FE4F2ADE5DBB3B888E9EB0A1FBA1F152, B17053A912C73835A2E80176D79885B530E15240B988125114B6B877C903D61C ] AppID           C:\Windows\system32\drivers\appid.sys
17:24:19.0986 0x1104  AppID - ok
17:24:20.0002 0x1104  [ A4DA304773AC1396792C5DE1D1EB601A, ECD23FF67FB1C4B94DBE23F6724E2DA0917CE0E479DE9C9F790A8635A2234950 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:24:20.0018 0x1104  AppIDSvc - ok
17:24:20.0049 0x1104  [ 133A7896E643D139443B47FDBFA327C7, 371FC602B531DF1EFDCEEC3A2F5497A0D0BE7F558B0583F572862C69A65BD454 ] Appinfo         C:\Windows\System32\appinfo.dll
17:24:20.0127 0x1104  Appinfo - ok
17:24:20.0174 0x1104  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:24:20.0189 0x1104  arc - ok
17:24:20.0205 0x1104  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:24:20.0220 0x1104  arcsas - ok
17:24:20.0345 0x1104  [ 4170FD789CDDE8767972C7C87E6B3400, 36403DF991F451A2A539B7C9BBF1310768701F68AC5EFFA1E5EE0C07A427E5ED ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:24:20.0377 0x1104  aspnet_state - ok
17:24:20.0439 0x1104  [ CED1D37BD8E8AFDBB2DD03650C91A626, 81808C6A4862C59F2EA01BF4AC22FE4B45D5BE7C8B3770E4223CFA1859DF1833 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
17:24:20.0470 0x1104  aswHwid - ok
17:24:20.0501 0x1104  [ 9663B8EE07EFFA105E6A326F3F748B0B, AA8611AD3F1E953A07ED8D0FC5CC3E5A4B7BF6DC47AEEF52C9010815BC9CB941 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
17:24:20.0533 0x1104  aswMonFlt - ok
17:24:20.0579 0x1104  [ 47CD8DC2CF2F4CF7F8FF9A9987272652, CA5E050CDB085959C8F82CA2490971CBE30B21CAFFB77169F7CAE7F56EAF16C0 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
17:24:20.0611 0x1104  aswRdr - ok
17:24:20.0642 0x1104  [ 5DE9634CF67CB34085C84BB5E52C129C, D13D57FB9027FF49BE2E581C1CFEED1DBF0DC600D319E90881852F88D6DC4D1E ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
17:24:20.0642 0x1104  aswRvrt - ok
17:24:20.0689 0x1104  [ 684972B2649D271479C4ADED4CC811BD, C6C5338B5D0B703EA1C9C4181A4B2F33D98C0C6E7BE5458B2DEB67CF7AB7456E ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
17:24:20.0735 0x1104  aswSnx - ok
17:24:20.0798 0x1104  [ DC9DD5E30452B780E16E227F033DF9A4, 5D55322FFDD46662CE937066FBDE101BEA1FCFEFABEC0DC4C1984F07CDC583EB ] aswSP           C:\Windows\system32\drivers\aswSP.sys
17:24:20.0829 0x1104  aswSP - ok
17:24:20.0845 0x1104  [ 9096910AFC9AEA718FBB4EE2501CED7B, D684535E84B484602DB1BBC912567F86ABEA5D942DB444947CFDD216D15A0F73 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
17:24:20.0860 0x1104  aswStm - ok
17:24:20.0876 0x1104  [ 24AA84A4F7694FD5C69FE1344D33A0F4, DFE207336D36E82F833F7A84D7CC28ECF3BB5D52AB572C821F3CA3170D07B86F ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
17:24:20.0891 0x1104  aswVmm - ok
17:24:20.0907 0x1104  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:24:21.0032 0x1104  AsyncMac - ok
17:24:21.0079 0x1104  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
17:24:21.0094 0x1104  atapi - ok
17:24:21.0125 0x1104  [ 636C40DAC5D13F4C354973017AA8ADC2, A32B0F39092765FCBC7D0135D8CD905C9FDB302B7A7474195108F8118833A842 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
17:24:21.0203 0x1104  AtiHDAudioService - ok
17:24:21.0235 0x1104  [ 8DF873D0587596C1D35A9CECECC61DA1, 41974FCA452CE48C5A6040BF99D1AC9A1C13FF38DF341443CCE2D2ABBC4C9453 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
17:24:21.0391 0x1104  AtiHdmiService - ok
17:24:21.0453 0x1104  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:24:21.0562 0x1104  AudioEndpointBuilder - ok
17:24:21.0578 0x1104  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
17:24:21.0609 0x1104  Audiosrv - ok
17:24:21.0718 0x1104  [ A97E144E84A665B22AE6E6A93E4DD465, 888D702B9B9E6C446AD7499571DAEAB072BEF141FF3300E74C6E538FA312BDCD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:24:21.0749 0x1104  avast! Antivirus - ok
17:24:21.0905 0x1104  [ A4C778C47836C9786C6A648C828DFF2B, 85E070A4C6B4D84EEE5600BA71C9A5E8C051A85033A34BBB5FB1BB56E601E93C ] AvastVBoxSvc    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
17:24:22.0061 0x1104  AvastVBoxSvc - ok
17:24:22.0077 0x1104  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:24:22.0171 0x1104  AxInstSV - ok
17:24:22.0202 0x1104  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
17:24:22.0264 0x1104  b06bdrv - ok
17:24:22.0280 0x1104  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
17:24:22.0311 0x1104  b57nd60x - ok
17:24:22.0358 0x1104  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
17:24:22.0451 0x1104  BDESVC - ok
17:24:22.0467 0x1104  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:24:22.0561 0x1104  Beep - ok
17:24:22.0623 0x1104  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
17:24:22.0732 0x1104  BFE - ok
17:24:22.0779 0x1104  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\system32\qmgr.dll
17:24:22.0951 0x1104  BITS - ok
17:24:22.0966 0x1104  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:24:23.0013 0x1104  blbdrive - ok
17:24:23.0075 0x1104  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:24:23.0122 0x1104  Bonjour Service - ok
17:24:23.0138 0x1104  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:24:23.0200 0x1104  bowser - ok
17:24:23.0216 0x1104  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:24:23.0278 0x1104  BrFiltLo - ok
17:24:23.0294 0x1104  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:24:23.0309 0x1104  BrFiltUp - ok
17:24:23.0341 0x1104  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
17:24:23.0403 0x1104  BridgeMP - ok
17:24:23.0419 0x1104  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
17:24:23.0497 0x1104  Browser - ok
17:24:23.0512 0x1104  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:24:23.0590 0x1104  Brserid - ok
17:24:23.0606 0x1104  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:24:23.0653 0x1104  BrSerWdm - ok
17:24:23.0668 0x1104  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:24:23.0684 0x1104  BrUsbMdm - ok
17:24:23.0699 0x1104  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:24:23.0715 0x1104  BrUsbSer - ok
17:24:23.0731 0x1104  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:24:23.0746 0x1104  BTHMODEM - ok
17:24:23.0777 0x1104  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
17:24:23.0824 0x1104  bthserv - ok
17:24:23.0996 0x1104  [ 52AE2CDD37AB735FBDA52263EFD524AA, 844103913E6079CC1C49B05FFB1CDC9A68692A8EE5A05C9C28FD272DFE534913 ] c2cautoupdatesvc C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
17:24:24.0058 0x1104  c2cautoupdatesvc - ok
17:24:24.0152 0x1104  [ C35B91B6777E7C6DB67B8583D2AA66A7, CE3A004B560EB750442150FEEFEE074A11A17E66B3F2A489E8EF1DBCF8FE8390 ] c2cpnrsvc       C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
17:24:24.0230 0x1104  c2cpnrsvc - ok
17:24:24.0308 0x1104  catchme - ok
17:24:24.0355 0x1104  [ F6B032F03602321CBAD380A6EB883525, 0793ABED0CB32EBDF9BEE4A5A47F65CF76A9D1AD45920E7CFAD3764854450E8C ] cbfs3           C:\Windows\system32\drivers\cbfs3.sys
17:24:24.0573 0x1104  cbfs3 - ok
17:24:24.0604 0x1104  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:24:24.0651 0x1104  cdfs - ok
17:24:24.0713 0x1104  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:24:24.0791 0x1104  cdrom - ok
17:24:24.0823 0x1104  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
17:24:24.0854 0x1104  CertPropSvc - ok
17:24:24.0885 0x1104  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:24:24.0963 0x1104  circlass - ok
17:24:25.0010 0x1104  [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS            C:\Windows\system32\CLFS.sys
17:24:25.0025 0x1104  CLFS - ok
17:24:25.0259 0x1104  [ 7E96F1AAE7A96B1B601B1A1705E5FDD4, BAA7A32676C46A04DAABA4371D66C35740C6445582DF4D20BF10AC2AB2595F35 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe
17:24:25.0322 0x1104  ClickToRunSvc - ok
17:24:25.0415 0x1104  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:24:25.0447 0x1104  clr_optimization_v2.0.50727_32 - ok
17:24:25.0525 0x1104  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:24:25.0603 0x1104  clr_optimization_v4.0.30319_32 - ok
17:24:25.0618 0x1104  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:24:25.0649 0x1104  CmBatt - ok
17:24:25.0681 0x1104  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:24:25.0696 0x1104  cmdide - ok
17:24:25.0743 0x1104  [ 780FFC005741C9316576086155E55F56, D863E5657F1468410BBDD657D5EA8A2FDDB70FED459CDE3178CB8FDB910058EC ] CNG             C:\Windows\system32\Drivers\cng.sys
17:24:25.0759 0x1104  CNG - ok
17:24:25.0774 0x1104  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:24:25.0790 0x1104  Compbatt - ok
17:24:25.0805 0x1104  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:24:25.0837 0x1104  CompositeBus - ok
17:24:25.0837 0x1104  COMSysApp - ok
17:24:25.0930 0x1104  cpuz132 - ok
17:24:25.0946 0x1104  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:24:25.0961 0x1104  crcdisk - ok
17:24:26.0039 0x1104  [ 33F67BBCC3C0499D3F3382473114CFA8, FDDCC41CE005B7C1BEBB6F4ACA9A3F10E5972792ADFD7D294E70A0B781460981 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:24:26.0086 0x1104  CryptSvc - ok
17:24:26.0195 0x1104  [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc          C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:24:26.0273 0x1104  cvhsvc - ok
17:24:26.0320 0x1104  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:24:26.0367 0x1104  DcomLaunch - ok
17:24:26.0398 0x1104  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
17:24:26.0429 0x1104  defragsvc - ok
17:24:26.0461 0x1104  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:24:26.0523 0x1104  DfsC - ok
17:24:26.0570 0x1104  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:24:26.0632 0x1104  Dhcp - ok
17:24:26.0695 0x1104  [ 0A3386E3CF9C5D089D695AC5A35F4C6F, D610071493EB95FCE39E24C457A0B5BBA131193159E43FDC1E8EDABB9C7AB81A ] DiagTrack       C:\Windows\system32\diagtrack.dll
17:24:26.0788 0x1104  DiagTrack - ok
17:24:26.0788 0x1104  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
17:24:26.0851 0x1104  discache - ok
17:24:26.0897 0x1104  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:24:26.0929 0x1104  Disk - ok
17:24:26.0991 0x1104  [ F6010162368D9BEF934F1647F2430446, 72ADDD38427B8E8D801A5C982CCE2A3B2F4FD0E21D68EDDFC9B019F4F39A8CC0 ] DiskSec         C:\Windows\system32\drivers\DiskSec.sys
17:24:27.0007 0x1104  DiskSec - detected UnsignedFile.Multi.Generic ( 1 )
17:24:30.0017 0x1104  Detect skipped due to KSN trusted
17:24:30.0017 0x1104  DiskSec - ok
17:24:30.0033 0x1104  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:24:30.0095 0x1104  Dnscache - ok
17:24:30.0127 0x1104  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:24:30.0173 0x1104  dot3svc - ok
17:24:30.0205 0x1104  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
17:24:30.0251 0x1104  DPS - ok
17:24:30.0298 0x1104  [ A3F684B866A7D89AE396276CE7AFD416, 1E4C034B7B106FA403B13842A199D88A33B492A577B58CDDAE0B4706266B9565 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:24:30.0454 0x1104  drmkaud - ok
17:24:30.0532 0x1104  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:24:30.0579 0x1104  DXGKrnl - ok
17:24:30.0626 0x1104  [ BC093CCA6939CF65BDDAA2FDE3E34CBE, D25FA7B3382C53969770883808B9BC45689F631DE1DDE535AB3A53AA45946F0B ] DxVGrb          C:\Windows\system32\drivers\DxVGrb.sys
17:24:30.0719 0x1104  DxVGrb - ok
17:24:30.0751 0x1104  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
17:24:30.0797 0x1104  EapHost - ok
17:24:30.0907 0x1104  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
17:24:31.0016 0x1104  ebdrv - ok
17:24:31.0063 0x1104  [ 7884C1EDF5BD21749C206E8C4B5DB409, 620638756A5EE6EA933A7A4C94E7DD2537E2A7345BBEFF72D28271C0174D10A2 ] EFS             C:\Windows\System32\lsass.exe
17:24:31.0125 0x1104  EFS - ok
17:24:31.0187 0x1104  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:24:31.0297 0x1104  ehRecvr - ok
17:24:31.0312 0x1104  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
17:24:31.0375 0x1104  ehSched - ok
17:24:31.0406 0x1104  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:24:31.0437 0x1104  elxstor - ok
17:24:31.0453 0x1104  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:24:31.0484 0x1104  ErrDev - ok
17:24:31.0499 0x1104  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
17:24:31.0546 0x1104  EventSystem - ok
17:24:31.0577 0x1104  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
17:24:31.0624 0x1104  exfat - ok
17:24:31.0640 0x1104  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:24:31.0687 0x1104  fastfat - ok
17:24:31.0718 0x1104  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
17:24:31.0780 0x1104  Fax - ok
17:24:31.0811 0x1104  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:24:31.0811 0x1104  fdc - ok
17:24:31.0827 0x1104  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
17:24:31.0874 0x1104  fdPHost - ok
17:24:31.0889 0x1104  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:24:31.0952 0x1104  FDResPub - ok
17:24:31.0967 0x1104  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:24:31.0983 0x1104  FileInfo - ok
17:24:31.0999 0x1104  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:24:32.0030 0x1104  Filetrace - ok
17:24:32.0061 0x1104  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:24:32.0092 0x1104  flpydisk - ok
17:24:32.0123 0x1104  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:24:32.0139 0x1104  FltMgr - ok
17:24:32.0217 0x06cc  Object required for P2P: [ C35B91B6777E7C6DB67B8583D2AA66A7 ] c2cpnrsvc
17:24:32.0233 0x1104  [ 23D3F12CA9DEB6EF02DEDC621EC661AC, AA3718715ADFE1666757BCD79D5A8DC591C2C5185802F51A27C119C4C30F360A ] FontCache       C:\Windows\system32\FntCache.dll
17:24:32.0357 0x1104  FontCache - ok
17:24:32.0420 0x1104  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:24:32.0451 0x1104  FontCache3.0.0.0 - ok
17:24:32.0498 0x1104  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:24:32.0529 0x1104  FsDepends - ok
17:24:32.0591 0x1104  [ CBE5F69A5E5B918225F420BA748F3742, 930C81195346239A7843CAE140896698675E8025BF32C3E71D2BDDA53FAB0264 ] FsUsbExDisk     C:\Windows\system32\FsUsbExDisk.SYS
17:24:32.0623 0x1104  FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
17:24:35.0228 0x06cc  Object send P2P result: true
17:24:35.0618 0x1104  Detect skipped due to KSN trusted
17:24:35.0618 0x1104  FsUsbExDisk - ok
17:24:35.0665 0x1104  [ 96633419F4A1E37ACB89B45EBCCFE001, 53DC59D8EB89F380BC2DBB009EDFFD66552D68B8606187A75FEF64707267E4F9 ] FsUsbExService  C:\Windows\system32\FsUsbExService.Exe
17:24:35.0727 0x1104  FsUsbExService - ok
17:24:35.0743 0x1104  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:24:35.0758 0x1104  Fs_Rec - ok
17:24:35.0789 0x1104  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:24:35.0821 0x1104  fvevol - ok
17:24:35.0852 0x1104  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:24:35.0867 0x1104  gagp30kx - ok
17:24:35.0914 0x1104  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:24:35.0961 0x1104  gpsvc - ok
17:24:36.0008 0x1104  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
17:24:36.0023 0x1104  gupdate - ok
17:24:36.0039 0x1104  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
17:24:36.0055 0x1104  gupdatem - ok
17:24:36.0101 0x1104  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:24:36.0320 0x1104  gusvc - ok
17:24:36.0320 0x1104  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:24:36.0398 0x1104  hcw85cir - ok
17:24:36.0445 0x1104  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:24:36.0491 0x1104  HdAudAddService - ok
17:24:36.0538 0x1104  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:24:36.0569 0x1104  HDAudBus - ok
17:24:36.0585 0x1104  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:24:36.0616 0x1104  HidBatt - ok
17:24:36.0647 0x1104  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:24:36.0710 0x1104  HidBth - ok
17:24:36.0725 0x1104  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:24:36.0741 0x1104  HidIr - ok
17:24:36.0757 0x1104  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\System32\hidserv.dll
17:24:36.0803 0x1104  hidserv - ok
17:24:36.0850 0x1104  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:24:36.0881 0x1104  HidUsb - ok
17:24:36.0897 0x1104  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:24:36.0944 0x1104  hkmsvc - ok
17:24:36.0975 0x1104  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:24:37.0037 0x1104  HomeGroupListener - ok
17:24:37.0069 0x1104  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:24:37.0115 0x1104  HomeGroupProvider - ok
17:24:37.0131 0x1104  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:24:37.0147 0x1104  HpSAMD - ok
17:24:37.0193 0x1104  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:24:37.0271 0x1104  HTTP - ok
17:24:37.0287 0x1104  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:24:37.0303 0x1104  hwpolicy - ok
17:24:37.0334 0x1104  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:24:37.0349 0x1104  i8042prt - ok
17:24:37.0412 0x1104  [ 26541A068572F650A2FA490726FE81BE, 9D6EF745731D45C4482274BE9C56300BBE8843D6C182F0E5C621AB121DBE371E ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
17:24:37.0443 0x1104  iaStor - ok
17:24:37.0490 0x1104  [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:24:37.0537 0x1104  IAStorDataMgrSvc - ok
17:24:37.0583 0x1104  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:24:37.0615 0x1104  iaStorV - ok
17:24:37.0708 0x1104  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:24:37.0724 0x1104  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
17:24:40.0579 0x1104  Detect skipped due to KSN trusted
17:24:40.0579 0x1104  IDriverT - ok
17:24:40.0688 0x1104  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:24:40.0750 0x1104  idsvc - ok
17:24:40.0813 0x1104  IEEtwCollectorService - ok
17:24:40.0896 0x1104  [ 62DD2F604DD1571C4E32D480DB2AB99A, 730C0CAA7AC3E215A98D9BD129C5E1525058637657E29A727BEF1B6D71609D48 ] IGDCTRL         C:\Program Files\1&1\IGDCTRL.EXE
17:24:40.0927 0x1104  IGDCTRL - ok
17:24:40.0960 0x1104  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:24:40.0974 0x1104  iirsp - ok
17:24:41.0052 0x1104  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:24:41.0109 0x1104  IKEEXT - ok
17:24:41.0241 0x1104  [ 4BE85CF5831A41104C2DDED55FBC3565, D5052C717710579A31E030CFFCA59B3632591FDDD2CE237C68276AE58783BD6F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
17:24:41.0352 0x1104  IntcAzAudAddService - ok
17:24:41.0386 0x1104  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:24:41.0398 0x1104  intelide - ok
17:24:41.0418 0x1104  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:24:41.0441 0x1104  intelppm - ok
17:24:41.0460 0x1104  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:24:41.0501 0x1104  IPBusEnum - ok
17:24:41.0525 0x1104  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:24:41.0570 0x1104  IpFilterDriver - ok
17:24:41.0604 0x1104  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:24:41.0646 0x1104  iphlpsvc - ok
17:24:41.0667 0x1104  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:24:41.0697 0x1104  IPMIDRV - ok
17:24:41.0712 0x1104  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:24:41.0758 0x1104  IPNAT - ok
17:24:41.0798 0x1104  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:24:41.0832 0x1104  IRENUM - ok
17:24:41.0849 0x1104  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:24:41.0865 0x1104  isapnp - ok
17:24:41.0893 0x1104  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:24:41.0912 0x1104  iScsiPrt - ok
17:24:41.0936 0x1104  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:24:41.0950 0x1104  kbdclass - ok
17:24:41.0966 0x1104  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:24:41.0981 0x1104  kbdhid - ok
17:24:41.0996 0x1104  [ 7884C1EDF5BD21749C206E8C4B5DB409, 620638756A5EE6EA933A7A4C94E7DD2537E2A7345BBEFF72D28271C0174D10A2 ] KeyIso          C:\Windows\system32\lsass.exe
17:24:42.0019 0x1104  KeyIso - ok
17:24:42.0049 0x1104  [ 0C51E9B34F3521806C78325E511E93EF, 5FB73AADC60FE73023BC50B0DB75B68D74A1546F26A65979A6BFBF3963C6FB24 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:24:42.0067 0x1104  KSecDD - ok
17:24:42.0098 0x1104  [ CC5B7CF2D08FDDAF1112FE2785F33FAC, DC13591CBB72631C2008781FCF40881182DA87BA1A69F3A858DBD33E8D8FFC95 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:24:42.0112 0x1104  KSecPkg - ok
17:24:42.0149 0x1104  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:24:42.0229 0x1104  KtmRm - ok
17:24:42.0286 0x1104  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\System32\srvsvc.dll
17:24:42.0343 0x1104  LanmanServer - ok
17:24:42.0369 0x1104  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:24:42.0418 0x1104  LanmanWorkstation - ok
17:24:42.0452 0x1104  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:24:42.0483 0x1104  lltdio - ok
17:24:42.0525 0x1104  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:24:42.0571 0x1104  lltdsvc - ok
17:24:42.0575 0x1104  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:24:42.0606 0x1104  lmhosts - ok
17:24:42.0633 0x1104  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:24:42.0648 0x1104  LSI_FC - ok
17:24:42.0666 0x1104  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:24:42.0680 0x1104  LSI_SAS - ok
17:24:42.0700 0x1104  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:24:42.0713 0x1104  LSI_SAS2 - ok
17:24:42.0734 0x1104  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:24:42.0749 0x1104  LSI_SCSI - ok
17:24:42.0760 0x1104  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
17:24:42.0814 0x1104  luafv - ok
17:24:42.0965 0x1104  [ 5BC80451109A8DD7F2DDD35BCE2929A3, F97BAD2D43D1E199841BAE5707424B49B4451CD486F249646E898FC7CC7AB4C8 ] LVUVC           C:\Windows\system32\DRIVERS\lvuvc.sys
17:24:43.0122 0x1104  LVUVC - ok
17:24:43.0185 0x1104  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:24:43.0248 0x1104  Mcx2Svc - ok
17:24:43.0265 0x1104  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:24:43.0278 0x1104  megasas - ok
17:24:43.0314 0x1104  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:24:43.0333 0x1104  MegaSR - ok
17:24:43.0355 0x1104  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
17:24:43.0406 0x1104  MMCSS - ok
17:24:43.0440 0x1104  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
17:24:43.0483 0x1104  Modem - ok
17:24:43.0504 0x1104  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:24:43.0556 0x1104  monitor - ok
17:24:43.0591 0x1104  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:24:43.0603 0x1104  mouclass - ok
17:24:43.0621 0x1104  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:24:43.0674 0x1104  mouhid - ok
17:24:43.0752 0x1104  [ BAD9C0366134BA181514E9263C8CE606, 7976B2D3DC283ACDBC21C7D197C0E2A650E6555F6569283302766B17D736BDB8 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:24:43.0783 0x1104  mountmgr - ok
17:24:43.0859 0x1104  [ 5961C5D8EDD2E2A3B99F1782AE1AC21F, C383A4724A335737C4C7C3211AFCFB82D373267EC634BC47EE078A1C66E1F62A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:24:44.0066 0x1104  MozillaMaintenance - ok
17:24:44.0147 0x1104  [ F112DA773EC3E9D3CDE9221ED300E033, 693C416B281DA3489C096812D0E4E0413C05798D36AF534624C3B29551CE68A4 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
17:24:44.0182 0x1104  MpFilter - ok
17:24:44.0209 0x1104  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:24:44.0227 0x1104  mpio - ok
17:24:44.0354 0x1104  [ BB7BB66A8DAF16950F83AE7BF498AF8F, A96FC3BE055C52B98E7ECDF68D69081620F829B04B5496C73D87F271E40EA638 ] MpKslbf30177f   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{695EAB3A-2621-4B86-9127-2B514CAEA609}\MpKslbf30177f.sys
17:24:44.0368 0x1104  MpKslbf30177f - ok
17:24:44.0373 0x1104  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:24:44.0427 0x1104  mpsdrv - ok
17:24:44.0477 0x1104  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:24:44.0520 0x1104  MpsSvc - ok
17:24:44.0551 0x1104  [ 6430A074F6E32176FBEF2DEB110AE952, 0161B3CBCF427F5F9C47EDBA7F6848D9D6EB58B7EF203881E0D288B5ABAEEB98 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:24:44.0598 0x1104  MRxDAV - ok
17:24:44.0618 0x1104  [ E900BD16B9EE8F09609D7FBE2027B376, CD71FD868B58EA717499E8D30C78E025DDBCBADA4A7174C4A2FA6E88331AE5E5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:24:44.0697 0x1104  mrxsmb - ok
17:24:44.0718 0x1104  [ 34F71B69DD2875AF07C4DDF19563C457, C679477EFCF2ED385B89F5BE8739D508A6147CE954419EC2F7F4ECA4A6543CAF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:24:44.0754 0x1104  mrxsmb10 - ok
17:24:44.0773 0x1104  [ 14063258261AA807DAADC9233422A5E5, 685E5E4374F59CA500242918D2D887798EECAE5E7C31F05ABACA10F86E788EAD ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:24:44.0811 0x1104  mrxsmb20 - ok
17:24:44.0861 0x1104  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:24:44.0877 0x1104  msahci - ok
17:24:44.0894 0x1104  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:24:44.0910 0x1104  msdsm - ok
17:24:44.0930 0x1104  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
17:24:44.0954 0x1104  MSDTC - ok
17:24:44.0961 0x1104  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:24:45.0002 0x1104  Msfs - ok
17:24:45.0017 0x1104  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:24:45.0043 0x1104  mshidkmdf - ok
17:24:45.0071 0x1104  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:24:45.0084 0x1104  msisadrv - ok
17:24:45.0118 0x1104  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:24:45.0156 0x1104  MSiSCSI - ok
17:24:45.0159 0x1104  msiserver - ok
17:24:45.0180 0x1104  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:24:45.0216 0x1104  MSKSSRV - ok
17:24:45.0278 0x1104  [ CC09BB7FDEFC5763CCB3CF7DAE2D76CF, F8F00900EDBA2F64BF136DD0B6C83CAF07C72F24F3D49C78B7EA24757FDBC6D0 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
17:24:45.0292 0x1104  MsMpSvc - ok
17:24:45.0314 0x1104  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:24:45.0344 0x1104  MSPCLOCK - ok
17:24:45.0349 0x1104  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:24:45.0385 0x1104  MSPQM - ok
17:24:45.0402 0x1104  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:24:45.0419 0x1104  MsRPC - ok
17:24:45.0436 0x1104  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:24:45.0450 0x1104  mssmbios - ok
17:24:45.0457 0x1104  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:24:45.0483 0x1104  MSTEE - ok
17:24:45.0522 0x1104  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:24:45.0536 0x1104  MTConfig - ok
17:24:45.0552 0x1104  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:24:45.0566 0x1104  Mup - ok
17:24:45.0592 0x1104  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
17:24:45.0679 0x1104  napagent - ok
17:24:45.0706 0x1104  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:24:45.0761 0x1104  NativeWifiP - ok
17:24:45.0814 0x1104  [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:24:45.0882 0x1104  NDIS - ok
17:24:45.0927 0x1104  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:24:45.0968 0x1104  NdisCap - ok
17:24:45.0978 0x1104  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:24:46.0002 0x1104  NdisTapi - ok
17:24:46.0028 0x1104  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:24:46.0064 0x1104  Ndisuio - ok
17:24:46.0113 0x1104  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:24:46.0155 0x1104  NdisWan - ok
17:24:46.0160 0x1104  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:24:46.0215 0x1104  NDProxy - ok
17:24:46.0251 0x1104  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:24:46.0317 0x1104  NetBIOS - ok
17:24:46.0343 0x1104  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:24:46.0378 0x1104  NetBT - ok
17:24:46.0388 0x1104  [ 7884C1EDF5BD21749C206E8C4B5DB409, 620638756A5EE6EA933A7A4C94E7DD2537E2A7345BBEFF72D28271C0174D10A2 ] Netlogon        C:\Windows\system32\lsass.exe
17:24:46.0413 0x1104  Netlogon - ok
17:24:46.0444 0x1104  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
17:24:46.0497 0x1104  Netman - ok
17:24:46.0585 0x1104  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:24:46.0618 0x1104  NetMsmqActivator - ok
17:24:46.0655 0x1104  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:24:46.0678 0x1104  NetPipeActivator - ok
17:24:46.0709 0x1104  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
17:24:46.0760 0x1104  netprofm - ok
17:24:46.0785 0x1104  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:24:46.0803 0x1104  NetTcpActivator - ok
17:24:46.0809 0x1104  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:24:46.0825 0x1104  NetTcpPortSharing - ok
17:24:46.0860 0x1104  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:24:46.0873 0x1104  nfrd960 - ok
17:24:46.0943 0x1104  [ 11D101C6EDE012E018F37275CD3DAA3C, DD97E2032BB7B70B5C60B26B0DC57A28A7CC9B817E664963D3213E756B03A1DF ] ngvss           C:\Windows\system32\drivers\ngvss.sys
17:24:46.0970 0x1104  ngvss - ok
17:24:46.0995 0x1104  [ 780FF28BCD8470C5FDDEEF69982AA295, 1ED386E87E0AA733F23D554D2BF4EF4168DB9A419B7BA0BA8FBA20F118BE21DF ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:24:47.0010 0x1104  NisDrv - ok
17:24:47.0049 0x1104  [ 3FF257F54649D4F19E39263C5D581CD1, 1F201EEE770A452AA30C6270AAA456A77F9F3A102F473E12C22D3B8809932C1B ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
17:24:47.0072 0x1104  NisSrv - ok
17:24:47.0106 0x1104  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:24:47.0152 0x1104  NlaSvc - ok
17:24:47.0182 0x1104  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:24:47.0214 0x1104  Npfs - ok
17:24:47.0226 0x1104  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
17:24:47.0270 0x1104  nsi - ok
17:24:47.0287 0x1104  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:24:47.0335 0x1104  nsiproxy - ok
17:24:47.0401 0x1104  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:24:47.0458 0x1104  Ntfs - ok
17:24:47.0496 0x1104  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
17:24:47.0524 0x1104  Null - ok
17:24:47.0552 0x1104  [ 03AD379554B50FA1802BE4EC2E291E92, DCF2B5DB1C8BDF2473E454F974EA6445C3EEC111252D859EC2EC3F6833390271 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
17:24:47.0697 0x1104  nusb3hub - ok
17:24:47.0732 0x1104  [ 06FE87C9D181AF5F04D192E604E10E6C, 27BBB521C68EAD123117DCD1DEA7436833EC0CFB62F6B6A5AC12E5A2996C7595 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:24:47.0780 0x1104  nusb3xhc - ok
17:24:47.0810 0x1104  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:24:47.0826 0x1104  nvraid - ok
17:24:47.0852 0x1104  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:24:47.0867 0x1104  nvstor - ok
17:24:47.0886 0x1104  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:24:47.0901 0x1104  nv_agp - ok
17:24:47.0925 0x1104  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:24:47.0963 0x1104  ohci1394 - ok
17:24:48.0019 0x1104  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:24:48.0051 0x1104  ose - ok
17:24:48.0223 0x1104  [ EE5756BDA5BE5891270E0CC6CEC44096, EA18073EEE0F461B14C539D49A7DD91D33AB0C503236F67F70A000835FAAC890 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:24:48.0415 0x1104  osppsvc - ok
17:24:48.0448 0x1104  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:24:48.0528 0x1104  p2pimsvc - ok
17:24:48.0557 0x1104  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:24:48.0599 0x1104  p2psvc - ok
17:24:48.0636 0x1104  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:24:48.0662 0x1104  Parport - ok
17:24:48.0675 0x1104  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:24:48.0691 0x1104  partmgr - ok
17:24:48.0698 0x1104  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
17:24:48.0729 0x1104  Parvdm - ok
17:24:48.0762 0x1104  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:24:48.0789 0x1104  PcaSvc - ok
17:24:48.0809 0x1104  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
17:24:48.0824 0x1104  pci - ok
17:24:48.0836 0x1104  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
17:24:48.0849 0x1104  pciide - ok
17:24:48.0871 0x1104  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:24:48.0888 0x1104  pcmcia - ok
17:24:48.0907 0x1104  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:24:48.0921 0x1104  pcw - ok
17:24:48.0961 0x1104  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:24:49.0000 0x1104  PEAUTH - ok
17:24:49.0066 0x1104  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
17:24:49.0181 0x1104  pla - ok
17:24:49.0210 0x1104  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:24:49.0274 0x1104  PlugPlay - ok
17:24:49.0300 0x1104  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:24:49.0317 0x1104  PNRPAutoReg - ok
17:24:49.0327 0x1104  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:24:49.0348 0x1104  PNRPsvc - ok
17:24:49.0378 0x1104  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:24:49.0425 0x1104  PolicyAgent - ok
17:24:49.0451 0x1104  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
17:24:49.0481 0x1104  Power - ok
17:24:49.0525 0x1104  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:24:49.0581 0x1104  PptpMiniport - ok
17:24:49.0607 0x1104  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:24:49.0639 0x1104  Processor - ok
17:24:49.0668 0x1104  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:24:49.0752 0x1104  ProfSvc - ok
17:24:49.0772 0x1104  [ 7884C1EDF5BD21749C206E8C4B5DB409, 620638756A5EE6EA933A7A4C94E7DD2537E2A7345BBEFF72D28271C0174D10A2 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:24:49.0795 0x1104  ProtectedStorage - ok
17:24:49.0825 0x1104  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:24:49.0878 0x1104  Psched - ok
17:24:49.0905 0x1104  [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2       c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
17:24:49.0930 0x1104  PSI_SVC_2 - ok
17:24:49.0976 0x1104  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:24:50.0039 0x1104  ql2300 - ok
17:24:50.0077 0x1104  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:24:50.0091 0x1104  ql40xx - ok
17:24:50.0107 0x1104  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
17:24:50.0163 0x1104  QWAVE - ok
17:24:50.0179 0x1104  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:24:50.0195 0x1104  QWAVEdrv - ok
17:24:50.0247 0x1104  [ 8F97D374AD1857E1EED85A79F29A1D3D, 4B2D1DBB60C0890E3CB497F534D8DE74952AF8774579B62B0F4ED14912CA583C ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
17:24:50.0274 0x1104  RapiMgr - ok
17:24:50.0282 0x1104  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:24:50.0310 0x1104  RasAcd - ok
17:24:50.0320 0x1104  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:24:50.0357 0x1104  RasAgileVpn - ok
17:24:50.0375 0x1104  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
17:24:50.0407 0x1104  RasAuto - ok
17:24:50.0418 0x1104  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:24:50.0444 0x1104  Rasl2tp - ok
17:24:50.0484 0x1104  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
17:24:50.0535 0x1104  RasMan - ok
17:24:50.0559 0x1104  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:24:50.0597 0x1104  RasPppoe - ok
17:24:50.0611 0x1104  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:24:50.0638 0x1104  RasSstp - ok
17:24:50.0663 0x1104  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:24:50.0693 0x1104  rdbss - ok
17:24:50.0703 0x1104  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:24:50.0732 0x1104  rdpbus - ok
17:24:50.0764 0x1104  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:24:50.0808 0x1104  RDPCDD - ok
17:24:50.0870 0x1104  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:24:50.0910 0x1104  RDPENCDD - ok
17:24:50.0915 0x1104  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:24:50.0941 0x1104  RDPREFMP - ok
17:24:51.0031 0x1104  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:24:51.0148 0x1104  RdpVideoMiniport - ok
17:24:51.0208 0x1104  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:24:51.0245 0x1104  RDPWD - ok
17:24:51.0267 0x1104  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:24:51.0282 0x1104  rdyboost - ok
17:24:51.0303 0x1104  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:24:51.0345 0x1104  RemoteAccess - ok
17:24:51.0386 0x1104  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:24:51.0421 0x1104  RemoteRegistry - ok
17:24:51.0512 0x1104  [ 7728B6AEDC83BC0DEFD0A53371D4613B, B55EA9186442A9F94C1851E1F3C69FF8C7A4992818950AAB6831AC78ADE48214 ] RichVideo       C:\Program Files\CyberLink\Shared files\RichVideo.exe
17:24:51.0546 0x1104  RichVideo - ok
17:24:51.0583 0x1104  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:24:51.0691 0x1104  RpcEptMapper - ok
17:24:51.0723 0x1104  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
17:24:51.0757 0x1104  RpcLocator - ok
17:24:51.0785 0x1104  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
17:24:51.0822 0x1104  RpcSs - ok
17:24:51.0836 0x1104  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:24:51.0864 0x1104  rspndr - ok
17:24:51.0885 0x1104  [ 0516998076AD894AE7E362C3110AA071, 1C5B6A55418FE0D324AE2BD9AB9E5AAAB17F398608029E0EEAA0C0AE90040FDA ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
17:24:51.0901 0x1104  RTL8167 - ok
17:24:51.0952 0x1104  [ 9CE8DEFFAFFCCBF473015D76AE8EE514, D2EC909865653C4CF56C379D60E10A607E28D69B00BF0EFE6181580C00EF5124 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
17:24:51.0978 0x1104  RTL8192su - ok
17:24:51.0992 0x1104  [ 7884C1EDF5BD21749C206E8C4B5DB409, 620638756A5EE6EA933A7A4C94E7DD2537E2A7345BBEFF72D28271C0174D10A2 ] SamSs           C:\Windows\system32\lsass.exe
17:24:52.0013 0x1104  SamSs - ok
17:24:52.0045 0x1104  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:24:52.0058 0x1104  sbp2port - ok
17:24:52.0085 0x1104  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:24:52.0130 0x1104  SCardSvr - ok
17:24:52.0151 0x1104  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:24:52.0193 0x1104  scfilter - ok
17:24:52.0240 0x1104  [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule        C:\Windows\system32\schedsvc.dll
17:24:52.0314 0x1104  Schedule - ok
17:24:52.0342 0x1104  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:24:52.0374 0x1104  SCPolicySvc - ok
17:24:52.0400 0x1104  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:24:52.0472 0x1104  SDRSVC - ok
17:24:52.0540 0x1104  [ 4A5809A1D796E2675AC0332BF7B0CB11, 7EEEC85A397F04A9460DC37A070D115E19114D9A3E5D9D7E8021F60A7986C8C1 ] SeaPort         C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
17:24:52.0578 0x1104  SeaPort - ok
17:24:52.0601 0x1104  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:24:52.0630 0x1104  secdrv - ok
17:24:52.0635 0x1104  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
17:24:52.0680 0x1104  seclogon - ok
17:24:52.0708 0x1104  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\system32\sens.dll
17:24:52.0757 0x1104  SENS - ok
17:24:52.0769 0x1104  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:24:52.0806 0x1104  SensrSvc - ok
17:24:52.0832 0x1104  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:24:52.0862 0x1104  Serenum - ok
17:24:52.0881 0x1104  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:24:52.0899 0x1104  Serial - ok
17:24:52.0929 0x1104  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:24:52.0956 0x1104  sermouse - ok
17:24:52.0991 0x1104  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:24:53.0027 0x1104  SessionEnv - ok
17:24:53.0048 0x1104  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:24:53.0118 0x1104  sffdisk - ok
17:24:53.0135 0x1104  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:24:53.0159 0x1104  sffp_mmc - ok
17:24:53.0175 0x1104  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:24:53.0191 0x1104  sffp_sd - ok
17:24:53.0204 0x1104  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:24:53.0236 0x1104  sfloppy - ok
17:24:53.0293 0x1104  [ EC5C79BD81F0C55DF53F4818D4F1C2C8, B9650F484CF918781CA3B02278F19E73FA3B619133F75C0C42FEB788A183E0CB ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
17:24:53.0324 0x1104  Sftfs - ok
17:24:53.0400 0x1104  [ 1AEBDC693C74EA55FE05D51FA6573EBC, 92E3A6C8D3B5193BD2831DD47C4C58419F72ABC2C21C71A9A690CCFC2D05CBB0 ] sftlist         C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
17:24:53.0468 0x1104  sftlist - ok
17:24:53.0541 0x1104  [ A224670FB892A205E4D99E06C0B85C7C, 3E2E401FF5E0E9EE4C2BE9F5C3144086F5AB015789C36D7263BBAB59FEEB74C7 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:24:53.0572 0x1104  Sftplay - ok
17:24:53.0589 0x1104  [ 9D354D425FB55CDF0EDC7F67FBC5B04E, C3B68F8B5F34B73EF6588DCBB67BE7CB3E59918E7A58D90A83E3D8EBB6ECA291 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:24:53.0603 0x1104  Sftredir - ok
17:24:53.0610 0x1104  [ F369D6B89AA610174A4E90C8513B7C7A, 2AEFA10F57C0ED0466611957DED5425363608E88414DD7DCF74E182117B12F5A ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
17:24:53.0624 0x1104  Sftvol - ok
17:24:53.0657 0x1104  [ 19D34534176E62F35DDB7DC7B7FF2A87, DBBB9155B62482E4782E5302193586514880734BD3617FDCB51798EB404758D6 ] sftvsa          C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
17:24:53.0680 0x1104  sftvsa - ok
17:24:53.0716 0x1104  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:24:53.0774 0x1104  SharedAccess - ok
17:24:53.0811 0x1104  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:24:53.0884 0x1104  ShellHWDetection - ok
17:24:53.0901 0x1104  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
17:24:53.0914 0x1104  sisagp - ok
17:24:53.0939 0x1104  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:24:53.0952 0x1104  SiSRaid2 - ok
17:24:53.0973 0x1104  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:24:53.0988 0x1104  SiSRaid4 - ok
17:24:54.0065 0x1104  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
17:24:54.0095 0x1104  SkypeUpdate - ok
17:24:54.0121 0x1104  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:24:54.0175 0x1104  Smb - ok
17:24:54.0202 0x1104  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:24:54.0236 0x1104  SNMPTRAP - ok
17:24:54.0257 0x1104  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:24:54.0274 0x1104  spldr - ok
17:24:54.0314 0x1104  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
17:24:54.0378 0x1104  Spooler - ok
17:24:54.0486 0x1104  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
17:24:54.0657 0x1104  sppsvc - ok
17:24:54.0687 0x1104  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:24:54.0733 0x1104  sppuinotify - ok
17:24:54.0770 0x1104  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:24:54.0808 0x1104  srv - ok
17:24:54.0835 0x1104  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:24:54.0876 0x1104  srv2 - ok
17:24:54.0901 0x1104  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:24:54.0938 0x1104  srvnet - ok
17:24:54.0957 0x1104  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:24:55.0009 0x1104  SSDPSRV - ok
17:24:55.0030 0x1104  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:24:55.0061 0x1104  SstpSvc - ok
17:24:55.0107 0x1104  [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus         C:\Windows\system32\DRIVERS\ss_bbus.sys
17:24:55.0133 0x1104  ss_bbus - ok
17:24:55.0154 0x1104  [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl        C:\Windows\system32\DRIVERS\ss_bmdfl.sys
17:24:55.0169 0x1104  ss_bmdfl - ok
17:24:55.0185 0x1104  [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm         C:\Windows\system32\DRIVERS\ss_bmdm.sys
17:24:55.0198 0x1104  ss_bmdm - ok
17:24:55.0207 0x1104  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:24:55.0220 0x1104  stexstor - ok
17:24:55.0262 0x1104  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
17:24:55.0294 0x1104  StiSvc - ok
17:24:55.0314 0x1104  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:24:55.0327 0x1104  swenum - ok
17:24:55.0348 0x1104  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
17:24:55.0400 0x1104  swprv - ok
17:24:55.0462 0x1104  [ 9B2BDD7A8629A9C5A55CD5635DDF136F, 893B19E1A870DCF1EC45544CE901392E724968BB692881ED99A97FCCDFDB13DA ] SydexFDD        C:\Windows\system32\Drivers\sydexfdd.sys
17:24:55.0593 0x1104  SydexFDD - detected UnsignedFile.Multi.Generic ( 1 )
17:24:58.0670 0x1104  SydexFDD ( UnsignedFile.Multi.Generic ) - warning
17:25:01.0555 0x1104  [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain         C:\Windows\system32\sysmain.dll
17:25:01.0671 0x1104  SysMain - ok
17:25:01.0682 0x1104  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
17:25:01.0721 0x1104  TabletInputService - ok
17:25:01.0765 0x1104  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:25:01.0861 0x1104  TapiSrv - ok
17:25:01.0888 0x1104  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
17:25:01.0926 0x1104  TBS - ok
17:25:01.0978 0x1104  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:25:02.0036 0x1104  Tcpip - ok
17:25:02.0075 0x1104  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:25:02.0117 0x1104  TCPIP6 - ok
17:25:02.0151 0x1104  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:25:02.0178 0x1104  tcpipreg - ok
17:25:02.0211 0x1104  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:25:02.0259 0x1104  TDPIPE - ok
17:25:02.0274 0x1104  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:25:02.0309 0x1104  TDTCP - ok
17:25:02.0354 0x1104  [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:25:02.0486 0x1104  tdx - ok
17:25:02.0520 0x1104  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:25:02.0548 0x1104  TermDD - ok
17:25:02.0637 0x1104  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
17:25:02.0764 0x1104  TermService - ok
17:25:02.0778 0x1104  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
17:25:02.0813 0x1104  Themes - ok
17:25:02.0832 0x1104  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
17:25:02.0867 0x1104  THREADORDER - ok
17:25:02.0903 0x1104  tmcomm - ok
17:25:02.0930 0x1104  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
17:25:02.0966 0x1104  TrkWks - ok
17:25:02.0996 0x1104  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:25:03.0032 0x1104  TrustedInstaller - ok
17:25:03.0069 0x1104  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:25:03.0085 0x1104  tssecsrv - ok
17:25:03.0120 0x1104  [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:25:03.0152 0x1104  TsUsbFlt - ok
17:25:03.0181 0x1104  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:25:03.0230 0x1104  tunnel - ok
17:25:03.0246 0x1104  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:25:03.0261 0x1104  uagp35 - ok
17:25:03.0285 0x1104  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:25:03.0336 0x1104  udfs - ok
17:25:03.0356 0x1104  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:25:03.0374 0x1104  UI0Detect - ok
17:25:03.0407 0x1104  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:25:03.0421 0x1104  uliagpkx - ok
17:25:03.0446 0x1104  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:25:03.0475 0x1104  umbus - ok
17:25:03.0504 0x1104  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:25:03.0531 0x1104  UmPass - ok
17:25:03.0636 0x1104  [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv        C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
17:25:03.0681 0x1104  UMVPFSrv - ok
17:25:03.0797 0x1104  [ BAABAF4D2D42B3AB853B1FB5A089AA8C, 6C44C5E8235000BE5B972F66EF59E5EB675CB2285AF384A090BC9DD619F05E42 ] UniversalCommunicationServer C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe
17:25:03.0825 0x1104  UniversalCommunicationServer - ok
17:25:03.0841 0x1104  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
17:25:03.0880 0x1104  upnphost - ok
17:25:03.0920 0x1104  [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
17:25:03.0969 0x1104  usbaudio - ok
17:25:04.0004 0x1104  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:25:04.0037 0x1104  usbccgp - ok
17:25:04.0047 0x1104  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:25:04.0063 0x1104  usbcir - ok
17:25:04.0087 0x1104  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
17:25:04.0102 0x1104  usbehci - ok
17:25:04.0126 0x1104  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:25:04.0150 0x1104  usbhub - ok
17:25:04.0181 0x1104  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:25:04.0205 0x1104  usbohci - ok
17:25:04.0223 0x1104  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:25:04.0244 0x1104  usbprint - ok
17:25:04.0286 0x1104  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
17:25:04.0343 0x1104  usbscan - ok
17:25:04.0393 0x1104  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:25:04.0445 0x1104  USBSTOR - ok
17:25:04.0464 0x1104  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:25:04.0496 0x1104  usbuhci - ok
17:25:04.0535 0x1104  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
17:25:04.0563 0x1104  usbvideo - ok
17:25:04.0585 0x1104  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
17:25:04.0634 0x1104  UxSms - ok
17:25:04.0664 0x1104  [ 7884C1EDF5BD21749C206E8C4B5DB409, 620638756A5EE6EA933A7A4C94E7DD2537E2A7345BBEFF72D28271C0174D10A2 ] VaultSvc        C:\Windows\system32\lsass.exe
17:25:04.0690 0x1104  VaultSvc - ok
17:25:04.0790 0x1104  [ 53D2D97E86482E0BF46462D9DCFEEC9D, 12328968129F3DEC989F4BEDE603DB0D574540B68CBF8537E070165600ABDBBA ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
17:25:04.0822 0x1104  VBoxAswDrv - ok
17:25:04.0853 0x1104  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:25:04.0869 0x1104  vdrvroot - ok
17:25:04.0903 0x1104  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
17:25:04.0946 0x1104  vds - ok
17:25:04.0958 0x1104  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:25:04.0996 0x1104  vga - ok
17:25:05.0012 0x1104  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:25:05.0042 0x1104  VgaSave - ok
17:25:05.0067 0x1104  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:25:05.0085 0x1104  vhdmp - ok
17:25:05.0100 0x1104  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
17:25:05.0113 0x1104  viaagp - ok
17:25:05.0124 0x1104  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
17:25:05.0153 0x1104  ViaC7 - ok
17:25:05.0180 0x1104  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:25:05.0193 0x1104  viaide - ok
17:25:05.0213 0x1104  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:25:05.0227 0x1104  volmgr - ok
17:25:05.0247 0x1104  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:25:05.0267 0x1104  volmgrx - ok
17:25:05.0282 0x1104  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:25:05.0300 0x1104  volsnap - ok
17:25:05.0327 0x1104  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:25:05.0342 0x1104  vsmraid - ok
17:25:05.0382 0x1104  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
17:25:05.0463 0x1104  VSS - ok
17:25:05.0501 0x1104  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:25:05.0544 0x1104  vwifibus - ok
17:25:05.0608 0x1104  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:25:05.0648 0x1104  vwififlt - ok
17:25:05.0657 0x1104  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
17:25:05.0679 0x1104  vwifimp - ok
17:25:05.0705 0x1104  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
17:25:05.0766 0x1104  W32Time - ok
17:25:05.0788 0x1104  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:25:05.0803 0x1104  WacomPen - ok
17:25:05.0827 0x1104  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:25:05.0862 0x1104  WANARP - ok
17:25:05.0866 0x1104  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:25:05.0893 0x1104  Wanarpv6 - ok
17:25:06.0019 0x1104  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:25:06.0092 0x1104  WatAdminSvc - ok
17:25:06.0139 0x1104  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
17:25:06.0225 0x1104  wbengine - ok
17:25:06.0250 0x1104  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:25:06.0275 0x1104  WbioSrvc - ok
17:25:06.0307 0x1104  [ 59E19BD13C3BDB857646B9E436BA27F7, CC84C607E15F5F29D93510387D5486BAF320BDAF79026A0BECE0D242F7B1DF3E ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
17:25:06.0327 0x1104  WcesComm - ok
17:25:06.0361 0x1104  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:25:06.0401 0x1104  wcncsvc - ok
17:25:06.0415 0x1104  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:25:06.0504 0x1104  WcsPlugInService - ok
17:25:06.0512 0x1104  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:25:06.0533 0x1104  Wd - ok
17:25:06.0571 0x1104  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:25:06.0597 0x1104  Wdf01000 - ok
17:25:06.0655 0x1104  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:25:06.0694 0x1104  WdiServiceHost - ok
17:25:06.0698 0x1104  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:25:06.0714 0x1104  WdiSystemHost - ok
17:25:06.0750 0x1104  [ 55C70654420DBF429604FD567E6F3CD3, 22191B049BCA76EF13AEDF8078E452E6B35E998A75AD63F14C542B541EA9F67D ] WebClient       C:\Windows\System32\webclnt.dll
17:25:06.0786 0x1104  WebClient - ok
17:25:06.0794 0x1104  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:25:06.0827 0x1104  Wecsvc - ok
17:25:06.0842 0x1104  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:25:06.0884 0x1104  wercplsupport - ok
17:25:06.0921 0x1104  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
17:25:07.0017 0x1104  WerSvc - ok
17:25:07.0062 0x1104  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:25:07.0106 0x1104  WfpLwf - ok
17:25:07.0117 0x1104  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:25:07.0131 0x1104  WIMMount - ok
17:25:07.0215 0x1104  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
17:25:07.0289 0x1104  WinDefend - ok
17:25:07.0314 0x1104  WinHttpAutoProxySvc - ok
17:25:07.0369 0x1104  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:25:07.0417 0x1104  Winmgmt - ok
17:25:07.0518 0x1104  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
17:25:07.0618 0x1104  WinRM - ok
17:25:07.0667 0x1104  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.SYS
17:25:07.0708 0x1104  WinUsb - ok
17:25:07.0750 0x1104  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:25:07.0809 0x1104  Wlansvc - ok
17:25:07.0826 0x1104  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:25:07.0841 0x1104  WmiAcpi - ok
17:25:07.0861 0x1104  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:25:07.0892 0x1104  wmiApSrv - ok
17:25:07.0970 0x1104  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
17:25:08.0051 0x1104  WMPNetworkSvc - ok
17:25:08.0080 0x1104  wntpport - ok
17:25:08.0098 0x1104  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:25:08.0163 0x1104  WPCSvc - ok
17:25:08.0203 0x1104  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:25:08.0238 0x1104  WPDBusEnum - ok
17:25:08.0247 0x1104  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:25:08.0296 0x1104  ws2ifsl - ok
17:25:08.0313 0x1104  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\system32\wscsvc.dll
17:25:08.0348 0x1104  wscsvc - ok
17:25:08.0352 0x1104  WSearch - ok
17:25:08.0438 0x1104  [ 67AFFF96F5C6B072CE986D91212527C0, 8E7FACC7AB3405A28374F3140C0BA7089DFA21D855B2F4629DF4593832197041 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:25:08.0557 0x1104  wuauserv - ok
17:25:08.0576 0x1104  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:25:08.0643 0x1104  WudfPf - ok
17:25:08.0674 0x1104  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:25:08.0713 0x1104  WUDFRd - ok
17:25:08.0746 0x1104  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:25:08.0797 0x1104  wudfsvc - ok
17:25:08.0842 0x1104  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:25:08.0928 0x1104  WwanSvc - ok
17:25:08.0975 0x1104  [ 6BBF7A3BAB8FFDCCF82057FA2AAE2B7B, 2F667F6170F120F038122A6567C59836D5EC0FC966244DECDF974E0D25509C72 ] XUIF            C:\Windows\system32\Drivers\x10ufx2.sys
17:25:09.0039 0x1104  XUIF - ok
17:25:09.0068 0x1104  ================ Scan global ===============================
17:25:09.0108 0x1104  [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll
17:25:09.0148 0x1104  [ C2E10DD5F72368909C516B24A02CFF12, 6D3E6ED8C6F8617A671737F913E41A292BEE1FD268458BA479B2213B33365D6C ] C:\Windows\system32\winsrv.dll
17:25:09.0179 0x1104  [ C2E10DD5F72368909C516B24A02CFF12, 6D3E6ED8C6F8617A671737F913E41A292BEE1FD268458BA479B2213B33365D6C ] C:\Windows\system32\winsrv.dll
17:25:09.0218 0x1104  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
17:25:09.0265 0x1104  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
17:25:09.0297 0x1104  [ Global ] - ok
17:25:09.0298 0x1104  ================ Scan MBR ==================================
17:25:09.0319 0x1104  [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0
17:25:11.0206 0x1104  \Device\Harddisk0\DR0 - ok
17:25:11.0413 0x1104  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk4\DR6
17:25:13.0230 0x1104  \Device\Harddisk4\DR6 - ok
17:25:13.0230 0x1104  ================ Scan VBR ==================================
17:25:13.0240 0x1104  [ 8D3C2716141466C553F42AD25923E377 ] \Device\Harddisk0\DR0\Partition1
17:25:13.0298 0x1104  \Device\Harddisk0\DR0\Partition1 - ok
17:25:13.0302 0x1104  [ 6906C902F0E51AF117D14BDF3646A777 ] \Device\Harddisk0\DR0\Partition2
17:25:13.0368 0x1104  \Device\Harddisk0\DR0\Partition2 - ok
17:25:13.0372 0x1104  [ 4A6508FACEA94B9FCABE01BDC850863E ] \Device\Harddisk0\DR0\Partition3
17:25:13.0374 0x1104  \Device\Harddisk0\DR0\Partition3 - ok
17:25:13.0379 0x1104  [ DA3B5C7CC88B55177C4E51CEE8C0DA86 ] \Device\Harddisk4\DR6\Partition1
17:25:13.0381 0x1104  \Device\Harddisk4\DR6\Partition1 - ok
17:25:13.0382 0x1104  ================ Scan generic autorun ======================
17:25:13.0465 0x1104  [ F4F7C86191A981C804326E2EF6F3604F, 1ECE05E643AFFB27A148A8B86615F6C167875EF29D6FF7E2FD15B8DCBE6B8A16 ] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
17:25:13.0970 0x1104  Adobe Reader Speed Launcher - ok
17:25:14.0060 0x1104  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
17:25:14.0110 0x1104  Adobe ARM - ok
17:25:14.0178 0x1104  [ 50B4BD30A102B5E7BFAEB87629C94466, A6AA1097A77F5AA84111F98C84E51B7219B893308E16D909D8915AB46C6E71EE ] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
17:25:14.0208 0x1104  LexwareInfoService - ok
17:25:14.0408 0x1104  [ 12DDF400E9E4441C0A9C144861D1EE01, 8B6702F149E044EC0CDA1291EE7AE64B9954E93E68F15DF8A925E396435254FF ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
17:25:14.0599 0x1104  AvastUI.exe - ok
17:25:14.0696 0x1104  [ BBCCA29684E7C80B7AE4F5680EDF6FA8, 1101DCCB6CD0C45308F4A23DC4EEF6C6A7EE89C3A0A9FA74F5D2AFBACE6DCC98 ] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
17:25:14.0728 0x1104  DivXMediaServer - ok
17:25:14.0806 0x1104  [ 16AFB34618E1286FF856DC600AC49C79, 431EC110507685A0F4472EAE35383B4C1E3DC0B56E01CDECFB18F753181DC995 ] C:\Program Files\DivX\DivX Update\DivXUpdate.exe
17:25:14.0867 0x1104  DivXUpdate - ok
17:25:15.0003 0x1104  [ 629A67F63BEED0FB31D5EA2FDB545E8A, 99E4F7D1C1D8AA34DAA3B9121A86C82B0568B5E2D6FAF13BC811B4A3B0F3CF31 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe
17:25:15.0043 0x1104  StartCCC - ok
17:25:15.0141 0x1104  [ 20DE1CDD37A5D3D4177B8D9FEF907D81, F6CE80984852595A677C92B8C555F9B0D398BAE36768E0D6FC7F8C7211D962D2 ] c:\Program Files\Microsoft Security Client\msseces.exe
17:25:15.0202 0x1104  MSC - ok
17:25:15.0267 0x1104  [ 504AAB0AF82973329CAEF8FFC595C05D, C5E619624870E9866B9D6B03683E4A700B92CA4254DE03F562E8A64F7F100A58 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
17:25:15.0305 0x1104  SunJavaUpdateSched - ok
17:25:15.0346 0x1104  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
17:25:15.0572 0x1104  swg - ok
17:25:15.0664 0x1104  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
17:25:15.0689 0x1104  Dropbox Update - ok
17:25:15.0690 0x1104  Waiting for KSN requests completion. In queue: 11
17:25:16.0690 0x1104  Waiting for KSN requests completion. In queue: 11
17:25:17.0690 0x1104  Waiting for KSN requests completion. In queue: 11
17:25:18.0633 0x1254  Object required for P2P: [ 12DDF400E9E4441C0A9C144861D1EE01 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
17:25:18.0690 0x1104  Waiting for KSN requests completion. In queue: 8
17:25:19.0690 0x1104  Waiting for KSN requests completion. In queue: 8
17:25:20.0690 0x1104  Waiting for KSN requests completion. In queue: 8
17:25:21.0486 0x1254  Object send P2P result: true
17:25:21.0736 0x1104  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
17:25:21.0763 0x1104  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2223.1143 ), 0x41000 ( enabled : updated )
17:25:21.0813 0x1104  Win FW state via NFP2: enabled ( trusted )
17:25:24.0569 0x1104  ============================================================
17:25:24.0569 0x1104  Scan finished
17:25:24.0569 0x1104  ============================================================
17:25:24.0584 0x116c  Detected object count: 1
17:25:24.0584 0x116c  Actual detected object count: 1
17:28:27.0998 0x116c  SydexFDD ( UnsignedFile.Multi.Generic ) - skipped by user
17:28:27.0998 0x116c  SydexFDD ( UnsignedFile.Multi.Generic ) - User select action: Skip

burningice · 23.02.2016, 18:13

Schritt 1
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:

Logfile von AdwCleaner
Logfile von Malwarebytes
Frst.txt
Addition.txt

Lilian-Rose · 23.02.2016, 23:52

Hallo Rafael,

ich bin Deinen Anweisungen gefolgt und habe Malwarebytes installiert und laufen lassen.
Es wurden 40 Bedrohungen gefunden, die Option "Auswahl entfernen" steht nicht zur Verfügung. Soll ich auf Löschen klicken?

Ich danke Dir!

Gruß Lilian

Danke Rafael,

Schritt 1 und 2, poste ich Dir nun, FRST läßt sich momentan nicht starten, mein PC läuft sehr langsam und spinnt total

Code:

ATTFilter

# AdwCleaner v5.036 - Bericht erstellt am 23/02/2016 um 23:12:13
# Aktualisiert am 22/02/2016 von Xplode
# Datenbank : 2016-02-22.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x86)
# Benutzername : Conny - CONNY-PC
# Gestartet von : C:\Users\Conny\Desktop\AdwCleaner_5.036.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\ProgramData\B7E8588600015AD1000AA4B1B4EB23C1
[-] Ordner Gelöscht : C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
[-] Ordner Gelöscht : C:\Users\Conny\AppData\Roaming\Yahoo!\Companion

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Conny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk
[-] Datei Gelöscht : C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\searchplugins\avira-safesearch.xml
[-] Datei Gelöscht : C:\Windows\system32\ComputerUpdaterLM.ocx
[-] Datei Gelöscht : C:\Windows\system32\CUUpdateComponent.ocx

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7BC34A3-BA86-11CF-84B1-CBC2DA68BF6C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35B-6118-11DC-9C72-001320C79847}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35C-6118-11DC-9C72-001320C79847}]
[-] Schlüssel Gelöscht : HKCU\Software\APN
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\YFriendsBar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\APN
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\W3I
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AskToolbar
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\IM
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\ImInstaller
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF

***** [ Internetbrowser ] *****

[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("avira.safe_search.search_was_active", "false");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Ask.com");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.APN_TB.first-previous-keyword-url", "");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.LastHiddenTime", 23534281);
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.Visibility", false);
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"147aa8ef1dd27a-02501569dbfe9b8-7f6f1635-0-147aa8ef1de2d6\"");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.SAUTH_expires_at", "1417463476");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.SAUTH_rndsnr", "\"d9a19b88a03ae58da8155f6560233994b8b999e3\"");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.SAUTH_userid", "4227604842");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.SAUTH_utoken", "\"41e3be185ef56ab36bc1370e5b51421866ddbd9d\"");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.install", "1407315800547");
[-] [C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : search.snap.do_
[-] [C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : feed.snap.do
[-] [C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : search.snap.do
[-] [C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Gelöscht : hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f96bdea8-0d1c-43b5-bfc4-62d7f6d6a2b0&searchtype=ds&q={searchTerms}&installDate=01/01/1970
[-] [C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : bopakagnckmlgajfccecajhnimjiiedh

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [11829 Bytes] - [23/02/2016 23:12:13]
C:\AdwCleaner\AdwCleaner[R0].txt - [45589 Bytes] - [08/03/2014 14:19:09]
C:\AdwCleaner\AdwCleaner[R1].txt - [1491 Bytes] - [12/03/2014 23:11:37]
C:\AdwCleaner\AdwCleaner[R2].txt - [1174 Bytes] - [12/03/2014 23:19:24]
C:\AdwCleaner\AdwCleaner[R3].txt - [1607 Bytes] - [14/03/2014 11:30:20]
C:\AdwCleaner\AdwCleaner[S0].txt - [43275 Bytes] - [08/03/2014 14:28:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [13458 Bytes] - [12/03/2014 23:16:13]
C:\AdwCleaner\AdwCleaner[S2].txt - [1236 Bytes] - [12/03/2014 23:21:11]
C:\AdwCleaner\AdwCleaner[S3].txt - [1668 Bytes] - [14/03/2014 11:34:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12490 Bytes] ##########

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 23.02.2016
Suchlaufzeit: 21:48
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.02.23.05
Rootkit-Datenbank: v2016.02.17.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Conny

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 357193
Abgelaufene Zeit: 25 Min., 33 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 6
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\BackgroundContainer Startup Task, Löschen bei Neustart, [f22f4321fc9d56e024efbc4a39ca916f], 
PUP.Optional.ASK, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Scheduled Update for Ask Toolbar, Löschen bei Neustart, [120fda8a6d2c4fe7fac4342d7292ac54], 
PUP.Optional.RegistryReviver, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Start Registry Reviver, Löschen bei Neustart, [8d943b295d3c9a9cc7af29dd699b24dc], 
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, In Quarantäne, [22ff89db7f1ace681854f61014efaf51], 
PUP.Optional.SweetIM, HKU\S-1-5-18\SOFTWARE\SweetIM, In Quarantäne, [c45d94d08e0b2d09f98a70a017ed8d73], 
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-185569535-4180466776-3876511590-1000\SOFTWARE\AskPartnerNetwork, In Quarantäne, [70b1194bcdcc0630c9a337cf2fd4a65a], 

Registrierungswerte: 8
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D8CD9CAA-3253-4250-AE28-A3473F8B19B6}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Windows\System32\dmwu.exe|Name=dmwu|, In Quarantäne, [cf52481cdebbdc5a1a1b2c3b25dffa06]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{01DFA9BD-033B-45E3-8995-A7F5E4645E4A}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Windows\System32\dmwu.exe|Name=dmwu|, In Quarantäne, [a879a3c19bfe290dd95cff6853b1bb45]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F3306F5C-2F22-4574-B627-437CC875CB06}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Windows\System32\ARFC\wrtc.exe|Name=wrtc|, In Quarantäne, [33ee42229affaf87fe36085f6a9ab947]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{9ED28E55-2CA2-4F42-8E9D-B7F789F2B6CD}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Windows\System32\ARFC\wrtc.exe|Name=wrtc|, In Quarantäne, [c061095bbedb54e2f1432c3b32d27888]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{1CEE4FDC-A750-422E-BF02-54313427F605}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Windows\System32\dmwu.exe|Name=dmwu|, In Quarantäne, [170a362e45540c2a38fd4027db2960a0]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{071C0213-F2D1-4E87-8E3A-164870268B8D}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Windows\System32\dmwu.exe|Name=dmwu|, In Quarantäne, [6ab7b1b3a7f2ba7cfc39e97ee024df21]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{5BFFFE32-342A-4DBF-A20D-25DFB5BF308B}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Windows\System32\ARFC\wrtc.exe|Name=wrtc|, In Quarantäne, [b869b8ac7821b18594a05e09709454ac]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{243400B4-CA6D-4A25-8CAA-42EDCB018C28}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Windows\System32\ARFC\wrtc.exe|Name=wrtc|, In Quarantäne, [37eae77da4f543f3de56283f93718e72]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 13
PUP.Optional.SweetIM, C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}, In Quarantäne, [f829065efb9e6bcb0c70b45cb351ab55], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, In Quarantäne, [ba67055f9504a39339e58a3fb34f9b65], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Response, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9], 
PUP.Optional.APNToolBar.Gen, C:\Users\Conny\AppData\Local\AskPartnerNetwork, In Quarantäne, [fc251450bbde082eb56bf0d922e0ee12], 
PUP.Optional.APNToolBar.Gen, C:\Users\Conny\AppData\Local\AskPartnerNetwork\Toolbar, In Quarantäne, [fc251450bbde082eb56bf0d922e0ee12], 
PUP.Optional.APNToolBar.Gen, C:\Users\Conny\AppData\Local\AskPartnerNetwork\Toolbar\Updater, In Quarantäne, [fc251450bbde082eb56bf0d922e0ee12], 
PUP.Optional.APNToolBar.Gen, C:\Users\Conny\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC, In Quarantäne, [fc251450bbde082eb56bf0d922e0ee12], 
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork, In Quarantäne, [5ac702621f7a39fd5cc56069679ba45c], 

Dateien: 13
PUP.Optional.RegistryReviver, C:\Windows\System32\Tasks\Start Registry Reviver, In Quarantäne, [c16013514455b87e2e46f80e57ad04fc], 
PUP.Optional.SweetIM, C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx, In Quarantäne, [f829065efb9e6bcb0c70b45cb351ab55], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config\Config.31.10.1.0-3.xml, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config\Config.31.10.2.0-3.xml, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config\Config.31.10.3.0-4.xml, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config\Config.31.12.0.0-4.xml, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config\Config.31.9.3.0-3.xml, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Response\Response.31.12.0.0-1.xml, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Response\Response.31.12.0.0-2.xml, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9], 
PUP.Optional.APNToolBar.Gen, C:\Users\Conny\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe, In Quarantäne, [fc251450bbde082eb56bf0d922e0ee12], 
PUP.Optional.APNToolBar.Gen, C:\Users\Conny\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll, In Quarantäne, [fc251450bbde082eb56bf0d922e0ee12], 
PUP.Optional.APNToolBar.Gen, C:\Users\Conny\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll, In Quarantäne, [fc251450bbde082eb56bf0d922e0ee12], 
PUP.Optional.ASK.Gen, C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\searchplugins\ask-search.xml, In Quarantäne, [71b0ec7835645bdba8a5110e9a6b44bc], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Lilian-Rose · 24.02.2016, 21:31

Hallo Rafael,

FRST lief jetzt durch, ich poste Dir die Ergebnisse... danke, dass Du mir hilfst.
Seit gestern abend kommt immer wenn ich ein Programm öffne, oder eine Internetseite aufrufe, auf der rechten Seite am Bildschirm ein roter Kreis mit Trackerangaben, wo kommt das jetzt auf einmal her?

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-02-2016 01
durchgeführt von Conny (Administrator) auf CONNY-PC (24-02-2016 10:32:05)
Gestartet von C:\Users\Conny\Desktop
Geladene Profile: Conny (Verfügbare Profile: Conny)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow32.exe
(Dropbox, Inc.) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\Temp\92D2593C-0D45-4920-AE8A-5982CB54F954\DismHost.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officec2rclient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\ndp46-kb3122661-x86.exe
(Microsoft Corporation) C:\d219d7df2473c9cc7fb057\Setup.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [LexwareInfoService] => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-10] (AVAST Software)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-01-10] (Google Inc.)
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Run: [Dropbox Update] => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-12] (Dropbox, Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-20] (AVAST Software)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon1] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon2] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon3] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon4] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {3B713BCF-458F-4A2A-BAD2-9784208C169D} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-10-09]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-10-09]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{732048A9-7E8D-428F-9AF3-D5BE1F66BC7A}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=00033BB0&OHP=about%3Ablank&OSP=https%3A%2F%2Fde.search.yahoo.com%2Fyhs%2Fsearch%3Ftype%3Davastbcl%26hspart%3Davast%26hsimp%3Dyhs%2D001%26p%3D%7BsearchTerms%7D
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-09] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-02-23] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-09] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default
FF DefaultSearchUrl: 
FF Homepage: hxxp://www.jw.org/de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\searchplugins\computer-bild-suche.xml [2015-09-28]
FF Extension: CookieCuller - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2015-05-29]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-10-16] [ist nicht signiert]
FF Extension: Avira Browser Safety - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\abs@avira.com [2015-01-15] [ist nicht signiert]
FF Extension: ghostery - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\firefox@ghostery.com.xpi [2016-02-23]
FF Extension: Hilfe Assistent - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\{} [2014-11-03] [ist nicht signiert]
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-06-15] <==== ACHTUNG

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.210.6) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U21) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll => Keine Datei
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-19]
CHR Extension: (YouTube) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-16]
CHR Extension: (Google-Suche) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-03]
CHR Extension: (Avira Browserschutz) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-16]
CHR Extension: (Skype Click to Call) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-09-19]
CHR Extension: (Google Wallet) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-28]
CHR Extension: (Google Mail) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-07-20] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1904368 2016-01-20] (Microsoft Corporation)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S4 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2012-06-22] ()
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S2 UniversalCommunicationServer; C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe [90496 2013-05-02] (BERNINA International AG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [26112 2010-04-29] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-20] (AVAST Software)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [299024 2012-04-09] (EldoS Corporation)
R0 DiskSec; C:\Windows\system32\Drivers\DiskSec.sys [14208 2008-04-04] (MAGIX) [Datei ist nicht signiert]
S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [179200 2012-06-22] (Dexetek )
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-07-20] (AVAST Software)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [64904 2010-04-27] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [146568 2010-04-27] (Renesas Electronics Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
S3 SydexFDD; C:\Windows\system32\Drivers\sydexfdd.sys [13359 2012-10-16] (Windows (R) 2000 DDK provider) [Datei ist nicht signiert]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-07-20] (Avast Software)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Conny\AppData\Local\Temp\catchme.sys [X]
S3 cpuz132; \??\C:\Users\Conny\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S2 tmcomm; system32\DRIVERS\tmcomm.sys [X]
S2 wntpport; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-24 10:26 - 2016-02-24 10:31 - 00000000 ____D C:\501ab612fcddf2a2cb
2016-02-23 23:31 - 2016-02-23 23:32 - 00000000 ____D C:\Users\Conny\Desktop\Rafael
2016-02-23 23:03 - 2016-02-23 23:03 - 01511936 _____ C:\Users\Conny\Desktop\AdwCleaner_5.036.exe
2016-02-23 22:59 - 2016-02-23 22:59 - 00008564 _____ C:\Protokoll Malwarebytes.txt
2016-02-23 21:45 - 2016-02-23 21:45 - 00001064 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-02-23 21:40 - 2016-02-23 21:41 - 22908888 _____ (Malwarebytes ) C:\Users\Conny\Desktop\mbam-setup-2.2.0.1024.exe
2016-02-23 17:21 - 2016-02-23 17:39 - 00216604 _____ C:\TDSSKiller.3.1.0.9_23.02.2016_17.21.27_log.txt
2016-02-23 17:19 - 2016-02-23 17:19 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Conny\Desktop\tdsskiller.exe
2016-02-23 13:57 - 2016-02-23 17:20 - 00215200 _____ C:\TDSSKiller.3.1.0.9_23.02.2016_13.57.11_log.txt
2016-02-23 10:14 - 2016-02-23 10:20 - 00057306 _____ C:\Users\Conny\Desktop\Addition.txt
2016-02-23 10:13 - 2016-02-24 10:33 - 00028191 _____ C:\Users\Conny\Desktop\FRST.txt
2016-02-23 10:08 - 2016-02-23 10:09 - 00000000 ____D C:\Users\Conny\Desktop\JW
2016-02-23 10:00 - 2016-02-23 10:00 - 01722368 _____ (Farbar) C:\Users\Conny\Desktop\FRST.exe
2016-02-22 23:43 - 2016-02-22 23:43 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-02-22 23:39 - 2016-02-22 23:39 - 00000162 ____H C:\Users\Conny\Desktop\~$Dok8.odt
2016-02-20 14:24 - 2016-02-20 14:24 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-14 16:02 - 2016-02-14 16:02 - 00001298 _____ C:\Users\Public\Desktop\Watchtower Library 2015 - Deutsch.lnk
2016-02-14 16:02 - 2016-02-14 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watchtower Library 2015
2016-02-12 20:01 - 2016-02-13 10:54 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-10 11:36 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 11:36 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-10 11:36 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 11:36 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-10 11:36 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 11:36 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 11:36 - 2016-01-16 19:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-10 11:36 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-10 11:36 - 2016-01-16 19:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-10 11:35 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-10 11:35 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-10 11:35 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-10 11:35 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-10 11:34 - 2016-01-22 07:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-10 11:34 - 2016-01-22 07:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-10 11:34 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-10 11:34 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-10 11:34 - 2016-01-22 06:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-10 11:34 - 2016-01-22 06:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-10 11:34 - 2016-01-22 05:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-10 11:34 - 2016-01-22 05:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-10 11:34 - 2016-01-22 05:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-10 11:34 - 2016-01-22 05:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-10 11:34 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-10 11:34 - 2016-01-22 05:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:34 - 2016-01-07 18:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-10 11:34 - 2016-01-07 18:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 11:34 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-10 11:34 - 2016-01-06 18:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-10 11:34 - 2015-12-20 19:45 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-10 11:34 - 2015-12-20 19:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 11:34 - 2015-12-20 17:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-10 11:33 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-10 11:33 - 2016-01-22 07:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 11:33 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-10 11:33 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-10 11:33 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-10 11:33 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-10 11:33 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-10 11:33 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-10 11:33 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-10 11:33 - 2016-01-22 06:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-10 11:33 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-10 11:33 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-10 11:33 - 2016-01-22 06:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-10 11:33 - 2016-01-22 06:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 11:33 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-10 11:33 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 11:33 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-10 11:33 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-10 11:33 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 11:33 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-10 11:33 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-10 11:33 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-10 11:33 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-10 11:33 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-10 11:33 - 2016-01-22 06:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-10 11:33 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-10 11:33 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-10 11:33 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 11:33 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-10 11:31 - 2016-01-11 19:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-10 11:31 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-10 11:31 - 2016-01-11 19:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-10 11:31 - 2016-01-11 19:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-10 11:31 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-10 11:31 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-04 16:35 - 2016-02-04 16:35 - 00025888 _____ C:\Users\Conny\Kolloidales Silber.odt
2016-01-30 00:40 - 2016-01-30 00:40 - 00038883 _____ C:\Users\Conny\Documents\Dok8.odt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-24 10:32 - 2014-03-05 09:11 - 00000000 ____D C:\FRST
2016-02-24 10:32 - 2009-07-14 05:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-24 10:32 - 2009-07-14 05:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-24 10:31 - 2015-01-15 12:04 - 00001912 _____ C:\Windows\epplauncher.mif
2016-02-24 10:30 - 2015-01-15 12:03 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-02-24 10:29 - 2015-01-15 12:02 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-02-24 10:20 - 2013-03-10 10:53 - 00000000 ___RD C:\Users\Conny\Dropbox
2016-02-24 10:20 - 2013-03-10 10:51 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Dropbox
2016-02-24 10:18 - 2012-05-31 22:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-24 10:16 - 2011-01-10 22:01 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-24 10:15 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-23 23:37 - 2014-03-08 14:19 - 00000000 ____D C:\AdwCleaner
2016-02-23 23:31 - 2009-07-14 05:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-23 23:12 - 2011-07-24 16:03 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Yahoo!
2016-02-23 22:49 - 2014-06-29 09:37 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-23 22:48 - 2015-06-12 19:37 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job
2016-02-23 22:42 - 2011-01-10 22:01 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-23 22:37 - 2014-06-29 09:37 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2016-02-23 22:37 - 2009-07-14 08:48 - 00000000 ____D C:\Windows\ShellNew
2016-02-23 21:45 - 2014-06-29 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-02-23 10:11 - 2015-09-16 20:20 - 00000000 ____D C:\Users\Conny\Desktop\Gute Vorträge
2016-02-23 10:10 - 2015-03-12 19:13 - 00000000 ____D C:\Users\Conny\Desktop\Handarbeit Stickdateien
2016-02-23 10:07 - 2011-01-10 22:04 - 00000000 ____D C:\Users\Conny
2016-02-23 09:54 - 2014-01-21 09:22 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-23 09:51 - 2014-01-21 09:12 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-23 09:25 - 2016-01-07 23:31 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-02-23 09:25 - 2012-10-17 16:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-23 00:26 - 2010-08-28 01:49 - 01595580 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-23 00:26 - 2010-05-12 14:13 - 00699884 _____ C:\Windows\system32\perfh007.dat
2016-02-23 00:26 - 2010-05-12 14:13 - 00149766 _____ C:\Windows\system32\perfc007.dat
2016-02-23 00:26 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-02-22 23:48 - 2015-06-12 19:37 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job
2016-02-22 23:43 - 2011-09-22 18:54 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-02-20 15:24 - 2012-09-17 16:48 - 00002154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-14 16:07 - 2011-01-11 14:21 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Watchtower
2016-02-14 16:02 - 2011-08-18 21:03 - 00000000 ____D C:\Program Files\Watchtower
2016-02-13 11:44 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2016-02-11 17:41 - 2009-07-14 05:33 - 00386896 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-11 17:38 - 2014-12-11 12:21 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-11 17:38 - 2014-05-06 22:58 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-11 17:38 - 2009-07-14 08:49 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 23:41 - 2013-08-15 09:15 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 23:34 - 2010-08-30 17:47 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 18:18 - 2012-05-31 22:23 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-10 18:18 - 2012-05-31 22:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-01 14:01 - 2011-01-10 22:36 - 00000000 ____D C:\Users\Conny\AppData\Roaming\SoftGrid Client

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2007-03-12 18:59 - 2007-03-12 18:59 - 0299008 _____ () C:\Program Files\navigram_register.exe
2013-03-16 09:27 - 2013-03-16 09:27 - 0000288 _____ () C:\Users\Conny\AppData\Roaming\.backup.dm
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\Users\Conny\AppData\Roaming\Bubble Noise
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\Users\Conny\AppData\Roaming\Bundle
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\Users\Conny\AppData\Roaming\CIOSupport
2014-09-30 11:46 - 2014-09-30 11:48 - 0000055 _____ () C:\Users\Conny\AppData\Roaming\My Profile.xml
2011-09-29 13:09 - 2011-10-04 14:29 - 0001188 _____ () C:\Users\Conny\AppData\Local\crc32list11.txt
2011-09-03 20:06 - 2015-11-08 15:39 - 0005120 _____ () C:\Users\Conny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-03 11:37 - 2014-03-03 11:37 - 0001461 _____ () C:\Users\Conny\AppData\Local\recently-used.xbel
2011-03-17 17:55 - 2011-03-17 17:55 - 0000017 _____ () C:\Users\Conny\AppData\Local\resmon.resmoncfg
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\ProgramData\Caches
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\ProgramData\Calibrators
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\ProgramData\Carbon
2011-10-11 10:00 - 2011-10-11 10:00 - 0000012 ___RH () C:\ProgramData\Colors
2011-10-11 10:00 - 2011-10-11 10:00 - 0000012 ___RH () C:\ProgramData\Command Line Utility
2011-10-11 10:00 - 2011-10-11 10:00 - 0000012 ___RH () C:\ProgramData\Common
2011-01-11 22:23 - 2012-05-10 08:07 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-11-03 14:13 - 2014-10-06 19:06 - 36707080 _____ (Deutsche Telekom AG                                                                                                                                                                                                                                                                                         ) C:\ProgramData\Setup_OnlineManager.exe

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\Setup_OnlineManager.exe


Einige Dateien in TEMP:
====================
C:\Users\Conny\AppData\Local\Temp\63j22bqy.dll
C:\Users\Conny\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpodthhw.dll
C:\Users\Conny\AppData\Local\Temp\sqlite3.dll
C:\Users\Conny\AppData\Local\Temp\{485B3219-350D-4D43-B9B5-B5C3EF9AA775}-45.0.2454.85_44.0.2403.157_chrome_updater.exe
C:\Users\Conny\AppData\Local\Temp\{5BC58F71-DEAF-4250-BCBE-695EBC8C347D}-DropboxClient_3.12.5.exe
C:\Users\Conny\AppData\Local\Temp\{97B3D358-6576-46E3-9512-AFE48A643662}-DropboxClient_3.10.11.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-18 22:32

==================== Ende vom FRST.txt ============================Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-02-2016 01
durchgeführt von Conny (2016-02-24 10:34:56)
Gestartet von C:\Users\Conny\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2011-01-10 21:04:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-185569535-4180466776-3876511590-500 - Administrator - Disabled)
Conny (S-1-5-21-185569535-4180466776-3876511590-1000 - Administrator - Enabled) => C:\Users\Conny
Gast (S-1-5-21-185569535-4180466776-3876511590-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-185569535-4180466776-3876511590-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.22beta (HKLM\...\7-Zip) (Version:  - )
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Amazon Kindle) (Version:  - Amazon)
AMD Catalyst Install Manager (HKLM\...\{DC7723BE-A2BB-58A0-4820-5630F9B82198}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 6 FREE v.6.83 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.3 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2223 - AVAST Software)
BERNINA ARTlink 7 (HKLM\...\{CA812D88-2139-4107-97B5-1B2D2A1DD04D}) (Version: 18.0.94.7011 - BERNINA)
BERNINA ARTlink 7 (Version: 18.0.94.7011 - Wilcom) Hidden
BERNINA Universal Communication Server (HKLM\...\{CF27C964-3902-4CA3-9C71-B0EAEB302AB5}) (Version: 1.27.70 - BERNINA)
Blackboard Collaborate Launcher (HKLM\...\{7D82D616-8BD8-4BE3-B19C-C4BC772E8426}) (Version: 1.2.0.0 - Blackboard)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon iP3600 series Benutzerregistrierung (HKLM\...\Canon iP3600 series Benutzerregistrierung) (Version:  - )
Canon iP3600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series) (Version:  - )
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.7.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM\...\CameraWindowDC8) (Version: 8.5.0.7 - Canon Inc.)
Canon Utilities CameraWindow Launcher (HKLM\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Movie Uploader for YouTube (HKLM\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.1.10 - Canon Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller51278dcd0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52b3284a0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52d266760) (Version: 1.0.0.0 - Conexant Systems)
CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3815a - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dropbox (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
easyFly 3 Starter Edition (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\{7CBD5083-2ADF-4DF1-8DC1-D7AB2F7040E0}) (Version: 3.0.1.11 - IPACS)
e-Sword (HKLM\...\{8E436940-A944-4D67-A45B-1876E23BB9C0}) (Version: 9.08.0003 - Rick Meyers)
FRITZ!Box starter (HKLM\...\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}) (Version: 2.04.02 - AVM Berlin)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Lernout & Hauspie TruVoice American English TTS Engine (HKLM\...\tv_enua) (Version:  - )
Lexware Info Service (HKLM\...\{8AE7E507-BC49-4DF0-A236-26878691AB53}) (Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM\...\{A64DF516-9CDC-4299-BD34-2B2C80CD453B}) (Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG)
MAGIX Audio Cleaning Lab 16 deluxe (HKLM\...\mclab_16dlx) (Version: 16.0.0.0 - MAGIX AG)
MAGIX Audio Cleaning Lab 16 deluxe (Version: 16.0.0.0 - MAGIX AG) Hidden
MAGIX PC Check & Tuning 2010 5.0.22.687 (D) (HKLM\...\MAGIX PC Check & Tuning 2010 D) (Version: 5.0.22.687 - MAGIX AG)
MAGIX Screenshare (HKLM\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (HKLM\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MEDION GoPal Assistant (HKLM\...\{A6C8CD51-1AE4-474D-BA2D-125CDBEADD03}) (Version: 6.2.0.12196 - MEDION)
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version:  - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4797.1003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 de) (HKLM\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 38.5.1 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
my editor v5.00 (HKLM\...\{6B435248-5F4F-4CE9-A533-CB3D8D97A210}) (Version: 5.00.8505.2014 - Wings Systems Ltd.)
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
Nikon Movie Editor (HKLM\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.2.1 - Nikon)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
OpenOffice.org 3.2 (HKLM\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.3.0 - Nikon)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Profili 2 (HKLM\...\Profili 2) (Version:  - )
Quicken DELUXE 2014 (HKLM\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.32.00.0004 - Haufe-Lexware GmbH & Co.KG)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6136 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Schrankplaner (HKLM\...\{C92CE7AF-B104-4710-8F5C-9F833976D308}) (Version: 3.01.00 - schrankplaner.de)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.12 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Sweet Home 3D version 3.1 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Video Grabber (HKLM\...\Uninstaller51278dcb0) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52b328480) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52d266740) (Version: 1.0.0.0 - Conexant Systems)
ViewNX 2 (HKLM\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.2.1 - Nikon)
VoipStunt (HKLM\...\VoipStunt_is1) (Version: 4.09 build 661 - Finarea S.A. Switzerland)
Watchtower Library 2011 - Deutsch (HKLM\...\{8BE514E8-4486-4730-8B68-FA15EEDC942E}) (Version: 13.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - Deutsch (HKLM\...\{CFDF0961-77C7-4392-96EE-624DFE81C3C2}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - hrvatsko izdanje (HKLM\...\{56067BE8-31E8-4796-9EA2-164CDB5ACCF7}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2013 - Deutsch (HKLM\...\{61118DEB-78F1-4158-97ED-78A457550FE7}) (Version: 15.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2015 - Deutsch (HKLM\...\{AEB12380-3E2F-4A9F-B8DF-1BD7682DE663}) (Version: 17.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Wilcom TrueSizer e3.0 (HKLM\...\{E801DDB4-3CFC-496E-9E04-781EC2445D82}) (Version: 17.0.185.7427 - Wilcom)
Wilcom TrueSizer e3.0 (Version: 17.0.185.7427 - Wilcom) Hidden
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EC}) (Version: 19.5.11532 - WinZip Computing, S.L. )
WISO Steuer-Sparbuch 2015 (HKLM\...\{F8738EA4-CE8F-4D4B-8478-6ADB18B165F4}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Wuala (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Wuala) (Version: 1.0.444.0 - LaCie)
Wuala CBFS (HKLM\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
Wuala OverlayIcons (HKLM\...\Wuala OverlayIcons) (Version: 1.0.0.2 - LaCie)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{80A95F12-94C2-4B1D-8AE3-F0CBE5E96E85}\InprocServer32 -> C:\Users\Conny\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll ()
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0694FA8A-71C8-4F5D-AACA-0D7E0EC23467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1146A79F-834C-4E3E-AE60-25376A2F0C32} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {508DFAA9-A4C7-43C0-B9EB-1CF6D6BF0159} - System32\Tasks\{AB34AA99-BADE-4F56-8BE7-B62F817BA872} => pcalua.exe -a "C:\Program Files\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {5962BB5D-E22C-48DF-8BFF-A58FEDFD8EDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {72660B4F-A773-4C60-8F36-EA5EBFD568E1} - \Start Registry Reviver -> Keine Datei <==== ACHTUNG
Task: {A56D78C3-8218-48CE-BCC6-F9BCD07BFEA9} - System32\Tasks\{D6C07A53-11F0-44F1-8FB2-A2B09B196048} => pcalua.exe -a C:\Users\Conny\Downloads\ADE_2.0_Installer.exe -d C:\Users\Conny\Downloads
Task: {BB1571C3-45D2-4BD6-AF06-4628247E13B5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {C89EC6C7-F641-4831-AE2B-553A25EACD36} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)
Task: {D00F2FB4-80F4-49C5-82E2-025ED397C0E7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-17] (AVAST Software)
Task: {E5EE64D2-F42F-4C48-8D87-4AF66A1D44AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E9E1F514-54AB-4250-B4B6-4B5C81A5488B} - System32\Tasks\{1D3FF1F2-CC6B-4C77-A161-109C6F1A455A} => pcalua.exe -a C:\Users\Conny\AppData\Local\Temp\Temp1_profile_version_3206.zip\setup.exe
Task: {F92D8508-9933-4CF7-BB8F-6BECA4BE71AD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-20] (AVAST Software)
Task: {FC9A3894-3B7C-4BBF-B7D5-520290D33A13} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-20 20:00 - 2015-07-20 20:00 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-20 20:00 - 2015-07-20 20:00 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-02-23 21:30 - 2016-02-23 21:30 - 02836480 _____ () C:\Program Files\AVAST Software\Avast\defs\16022301\algo.dll
2014-03-19 10:54 - 2015-10-13 02:43 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2014-01-12 11:01 - 2012-06-22 09:29 - 00247152 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2015-07-20 20:00 - 2015-07-20 20:01 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2016-02-20 14:24 - 2016-01-12 19:44 - 00034768 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00019408 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00116688 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-02-20 14:24 - 2016-01-12 19:44 - 00093640 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00018376 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\select.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00019760 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00105928 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00392144 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00381752 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00692688 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020816 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00112592 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 01682760 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021840 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00038696 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00020936 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00024528 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00114640 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00124880 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021832 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00024016 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00175560 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00030160 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00043472 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00028616 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00048592 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-20 14:23 - 2016-02-16 19:39 - 00026456 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00057808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00024016 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00117056 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00024392 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00036296 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\librsync.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00023376 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00134608 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00134088 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00240584 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00052024 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021824 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00019776 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020280 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00350152 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00022352 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00084792 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-02-20 14:24 - 2016-02-16 19:39 - 01826096 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00083912 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\sip.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 03928880 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 01971504 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00531248 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00132912 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00223544 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00207672 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00158008 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00042808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-02-20 14:24 - 2016-01-12 19:49 - 00017864 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-02-20 14:24 - 2016-01-12 19:49 - 01631184 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00024904 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00546096 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00357680 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-02-20 14:24 - 2016-01-12 19:52 - 00697304 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-02-11 19:08 - 2016-02-11 19:08 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\7dca33cfefb99e28847d01e4665f2214\IsdiInterop.ni.dll
2010-08-30 19:04 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Conny\Desktop\AdwCleaner_5.036.exe:com.dropbox.attributes
AlternateDataStreams: C:\Users\Conny\Desktop\FRST.exe:com.dropbox.attributes
AlternateDataStreams: C:\Users\Conny\Desktop\mbam-setup-2.2.0.1024.exe:com.dropbox.attributes
AlternateDataStreams: C:\Users\Conny\Desktop\tdsskiller.exe:com.dropbox.attributes
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:04 - 2014-03-07 16:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: FsUsbExService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IGDCTRL => 2
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{B5BB3F09-3F28-4037-ADDF-ED0D9521AD3F}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{7E1E0E25-5811-48BA-8112-A999DE7DA7F1}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5D17EE8E-2B60-4228-90AE-0DF6430EF885}] => (Allow) svchost.exe
FirewallRules: [{811CA0F5-D2BB-4A4D-BE17-4014C5E8BC67}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{1D853E59-2575-4067-9F21-DE76C38A37B7}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{30E69FC8-3BEF-4B3C-B402-933778084EAA}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{9E4248B8-B08B-4A20-9DBE-8BBD3F09CECC}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{4687042B-D555-4A1A-8039-1AD75E458545}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{961DDA7A-4319-4911-9776-A89874CE5335}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [{34DA1426-B63B-474F-8DEF-EB5235221BDD}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [TCP Query User{6B778748-C7B6-4A46-81D2-56ADEA63F1A7}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{FED1122E-4925-4558-BB06-142DCA1E502E}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{2605EEA3-C05C-459A-87D1-842F42681013}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{38E3F568-5839-4423-B7F7-825F441E9A3F}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{C1A531C8-1DCD-4DFA-82BE-CE5888CD32FD}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{7172C1E6-B85E-41BD-96A0-91C9CFA8119A}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{CE46AC23-B67F-4108-B551-AFF5D9782AD8}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{F877EC4A-9159-4A64-ABC7-2C95CD583B21}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{E73F7B8C-8D61-423F-92F6-41B4EE6DEAD8}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [UDP Query User{3C609447-8057-4BCF-B11B-5FCA7ECC5A3C}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [TCP Query User{39DCAE11-5CF4-4AC2-94EA-3595A667BBF9}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{B5B309C3-7463-4C30-AD15-7700AD51E9E5}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [{796C015A-E095-4D97-8615-A51836C2BB2E}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{E533F68C-9F2E-4D27-B503-8603931A946A}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [TCP Query User{69A98C7C-2D08-429A-BDD8-F97B185625D2}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{FD8D8E36-1BB4-4BBB-AFB4-89635DFB6CE7}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{130F31E3-FF6C-4582-9B49-4194BAEB4B39}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{635854E1-9AB3-49FD-AD53-26ABE6288B52}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [TCP Query User{4957885E-9DC6-48AF-A709-0FD7610930C7}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{0CBAC78E-6FDF-485D-99DA-654A55EF276E}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [{692BDFF9-D89E-4F8D-95AE-221810CAE02F}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{2C43FFDD-B6BD-41A4-8BD6-AA2AB5E8ACAD}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{1C9A6C83-81BF-4563-BDCD-CC9BB4160B55}] => (Allow) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{350386DF-4A82-427C-9962-B7EB9BD6D34E}] => (Allow) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{91395ADC-2BDE-4B46-8494-9EB27A9F6BD5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{C6E35A0B-6B7A-4247-B0D4-51F114611254}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D91B19E8-D1DB-4CCC-9FD6-8BDAFD9CF437}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{18E738B9-3F17-4BBA-9045-1E4375E39A6E}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{627658B7-DB21-4DE6-8548-530E847DBE8B}] => (Allow) C:\Users\Conny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{FA30B07B-7F14-4D50-92AF-EEFCA9D3D396}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{FE75D3F4-E8D1-4CFB-933D-6209B76DFF6C}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{0A4EC1A1-3B46-45A0-9BF7-910C850A4A46}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [{A5BDF030-2E00-440F-8298-3EE9A52D72B3}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [TCP Query User{0EA845AE-B769-468C-BC49-64CA7AF58BE5}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{C5E5ECF1-9DF5-4D24-8CD9-FB695F96D803}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{7134D83D-E8E8-4235-A798-2FE8D9DA33F4}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [UDP Query User{7CB4C706-0C27-4B19-865D-815C72462270}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [TCP Query User{E3B3F49D-318B-458B-9996-94602E7A3B4C}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{2CBE49FE-1280-4E63-84CD-6A6B240E6A94}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{8C617366-DC95-4B51-AC60-3619F4EE1DE5}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [UDP Query User{8049D308-47AD-4656-B8E4-FF0389C5D98C}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [TCP Query User{944C753C-8B4D-4193-8F20-0269D1175512}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{0E0A14D1-5FE6-4430-BCD0-DC3481E510DA}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [{73FE0611-6B7C-44E0-A9F2-F78142FB7FC6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AE19B7A7-4403-4BC4-8281-661A9265FB98}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AA0C48A7-A4EA-4EE4-9C93-1A05765AF979}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A8274CD7-8D0E-4CEB-A85D-7D2D260C6077}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{05DB99BC-CB68-457B-859C-9EC460476FA8}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5E9E69BC-6EC8-4A84-BC79-6C6F7872BF2C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{EB4831F9-9BE1-44B9-AAEC-71C5B4077093}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B17B8E5F-4C83-4DD8-9665-A2B50F2029F2}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{200C6D82-A0ED-4E15-917B-F41277C0081E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8F33AE0D-E430-42CB-8C6B-71E0C3E0349F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{DBDD8041-CAD2-4CBF-83FC-0D30AD8185AA}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{A32D8C8E-4BF5-4C68-8B07-959AE85FF082}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [{E4355044-8680-4492-A43A-904A15EEC2F5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{78AF9F1A-8246-4DC5-82AE-C4FC7F0EA340}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{A6B220F1-D801-47D9-A621-2277B6B58787}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{AF8BFD75-C3B3-4A57-A7EC-44C89A708810}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{67CF725E-AD3D-4CEE-9FA1-8BDD832B9CAC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E6100A1A-0058-4987-8414-8D3338B3020D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

31-01-2016 10:41:12 Windows Update
31-01-2016 19:00:32 Windows-Sicherung
03-02-2016 16:10:23 Windows Update
07-02-2016 12:18:38 Windows Update
07-02-2016 19:01:31 Windows-Sicherung
10-02-2016 23:26:36 Windows Update
14-02-2016 16:08:24 Windows Update
14-02-2016 19:00:25 Windows-Sicherung
17-02-2016 23:30:38 Windows Update
21-02-2016 13:34:06 Windows Update
21-02-2016 19:00:44 Windows-Sicherung
23-02-2016 00:21:22 Windows Update
24-02-2016 10:22:25 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/24/2016 10:27:17 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (02/24/2016 10:18:17 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=1294}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (02/24/2016 10:18:17 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=1294}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (02/23/2016 11:34:32 PM) (Source: SecurityCenter) (EventID: 3) (User: )
Description: Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der WMI herstellen, um Antiviren, AntiSpyware- und Firewallprogramme von Drittanbietern zu überwachen.

Error: (02/23/2016 11:31:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_LanmanServer, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x500
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_LanmanServer0
Pfad der fehlerhaften Anwendung: svchost.exe_LanmanServer1
Pfad des fehlerhaften Moduls: svchost.exe_LanmanServer2
Berichtskennung: svchost.exe_LanmanServer3

Error: (02/23/2016 11:25:17 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (02/23/2016 10:48:54 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (02/23/2016 10:38:53 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=A40}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (02/23/2016 10:38:53 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=A40}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (02/23/2016 05:33:56 PM) (Source: UniversalCommunicationServer) (EventID: 0) (User: )
Description: Universal Communication Server Terminating: True
reason: System.UnhandledExceptionEventArgs
Stack: TraceEnvironment.XTrace+AssertionFailedException: unexpected message length 4
   at TraceEnvironment.XTrace.Assert(Boolean aCondition, String aFormat, Object[] aObjects)
   at UniversalCommunicationServer.ServerConnection.stateConnectedOnServerDataReceived(evServerDataReceived aEvent)
   at UniversalCommunicationServer.ServerConnection.stateConnected.onServerDataReceived(evServerDataReceived aEvent)
   at UniversalCommunicationServer.ServerConnection.Consume(Object aEvent)
   at MultiThreading.Reactive.MainLoop()
   at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading.ThreadHelper.ThreadStart()


Systemfehler:
=============
Error: (02/24/2016 10:16:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Universal Communication Server" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/24/2016 10:16:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Universal Communication Server erreicht.

Error: (02/24/2016 10:16:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (02/24/2016 10:15:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (02/24/2016 10:15:29 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎24.‎02.‎2016 um 00:04:41 unerwartet heruntergefahren.

Error: (02/24/2016 12:04:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computerbrowser" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/24/2016 12:04:13 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Browser erreicht.

Error: (02/24/2016 12:03:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computerbrowser" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/24/2016 12:03:43 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Browser erreicht.

Error: (02/24/2016 12:03:13 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Winmgmt erreicht.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Prozentuale Nutzung des RAM: 72%
Installierter physikalischer RAM: 2039.11 MB
Verfügbarer physikalischer RAM: 552.93 MB
Summe virtueller Speicher: 4078.23 MB
Verfügbarer virtueller Speicher: 2385.39 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:1356.17 GB) (Free:1082.54 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:0.01 GB) NTFS
Drive e: (WTLIB15X) (CDROM) (Total:0.85 GB) (Free:0 GB) UDF
Drive f: (EX FESTPL 4) (Fixed) (Total:931.47 GB) (Free:855.98 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1356.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.

==================== Ende vom Addition.txt ============================

Hallo Rafael,

kannst Du mir schon sagen wie es bei mir aussieht?

Gruß Lilian

burningice · 25.02.2016, 03:14

Naja, ich sehe zumindest nichts offensichtliches, das solche Probleme verursachen könnte.

Bitte folge mal dieser Anleitung: Zustand der Festplatte herausfinden - so gehts - Anleitungen

Zitat:

Seit gestern abend kommt immer wenn ich ein Programm öffne, oder eine Internetseite aufrufe, auf der rechten Seite am Bildschirm ein roter Kreis mit Trackerangaben, wo kommt das jetzt auf einmal her?

Zeig mal einen Screenshot bitte

Lilian-Rose · 25.02.2016, 10:09

Rafael, wie kann ich Dir den Screenshot senden? Mit kopieren und einfügen geht es nicht... Sorry...

burningice · 25.02.2016, 10:34

haha - du kannst das "Snippingtool" auf deinem Computer starten, dann machst du den Screenshot, speicherst das ganze als Bild und hängst es hier an

Lilian-Rose · 25.02.2016, 10:38

hier kommt der Screenshot, als jpg war es möglich...

Lilian-Rose · 25.02.2016, 12:44

Danke für das Tool zur Überprüfung der Festplatten, hier kommt das Ergebnis

Code:

ATTFilter

----------------------------------------------------------------------------
CrystalDiskInfo 6.7.5 (C) 2008-2016 hiyohiyo
                                Crystal Dew World : hxxp://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x86)
  Date : 2016/02/25 12:41:33

-- Controller Map ----------------------------------------------------------
 + Intel(R) 5 Series/3400 Series SATA AHCI Controller [ATA]
   - WDC WD15EARS-00MVWB0
   - TSSTcorp CDDVDW SH-S223C

-- Disk List ---------------------------------------------------------------
 (1) WDC WD15EARS-00MVWB0 : 1500,3 GB [0/0/0, pd1] - wd
 (2) ST1000DM003-1ER162 : 1000,2 GB [4/X/X, sa1] (V=174C, P=55AA) - st

----------------------------------------------------------------------------
 (1) WDC WD15EARS-00MVWB0
----------------------------------------------------------------------------
           Model : WDC WD15EARS-00MVWB0
        Firmware : 51.0AB51
   Serial Number : WD-WMAZA0813822
       Disk Size : 1500,3 GB (8,4/137,4/1500,3/1500,3)
     Buffer Size : Unbekannt
     Queue Depth : 32
    # of Sectors : 2930277168
   Rotation Rate : Unbekannt
       Interface : Serial ATA
   Major Version : ATA8-ACS
   Minor Version : ----
   Transfer Mode : ---- | SATA/300
  Power On Hours : 20807 Std.
  Power On Count : 2314 mal
     Temperature : 30 C (86 F)
   Health Status : Gut
        Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
       APM Level : ----
       AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 153 _51 000000000015 Lesefehlerrate
03 167 163 _21 0000000019F1 Mittlere Anlaufzeit
04 _98 _98 __0 00000000090E Start/Stopp-Zyklen der Spindel
05 200 200 140 000000000000 Wiederzugewiesene Sektoren
07 200 200 __0 000000000000 Suchfehler
09 _72 _72 __0 000000005147 Betriebsstunden
0A 100 100 __0 000000000000 Misslungene Spindelanläufe
0B 100 100 __0 000000000000 Nnotwendige Rekalibrierungen
0C _98 _98 __0 00000000090A Geräte-Einschaltvorgänge
C0 200 200 __0 000000000049 Ausschaltungsabbrüche
C1 _20 _20 __0 0000000843EC Laden/Entladen-Zyklen
C2 120 111 __0 00000000001E Temperatur
C4 200 200 __0 000000000000 Wiederzuweisungsereignisse
C5 200 200 __0 000000000000 Aktuell ausstehende Sektoren
C6 200 200 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
C8 200 200 __0 000000000000 Schreibfehlerrate

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 574D 415A 4130 3831 3338 3232
020: 0000 0000 0032 3531 2E30 4142 3531 5744 4320 5744
030: 3135 4541 5253 2D30 304D 5657 4230 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1706 0000 0044 0044
080: 01FE 0000 746B 7F61 4123 7469 BC41 4123 407F 0083
090: 0083 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 7B30 AEA8 0000 0000 0000 0000 0000 0000 5001 4EE0
110: 57C4 032D 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3035 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 E7A5

-- SMART_READ_DATA ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 99 15 00 00 00 00 00 00 03 27
010: 00 A7 A3 F1 19 00 00 00 00 00 04 32 00 62 62 0E
020: 09 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 48 48 47 51 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 0A 09 00 00 00 00 00 C0 32
070: 00 C8 C8 49 00 00 00 00 00 00 C1 32 00 14 14 EC
080: 43 08 00 00 00 00 C2 22 00 78 6F 1E 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 C8 64 01 7B
170: 03 00 01 00 02 FA 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 05 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F4

-- SMART_READ_THRESHOLD ----------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 C8 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 C8 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 C8 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05

----------------------------------------------------------------------------
 (2) ST1000DM003-1ER162
----------------------------------------------------------------------------
       Enclosure : Laufwerk (V=174C, P=55AA, sa1) - st
           Model : ST1000DM003-1ER162
        Firmware : CC45
   Serial Number : W4Y0W6HE
       Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,1)
     Buffer Size : Unbekannt
     Queue Depth : 32
    # of Sectors : 1953525168
   Rotation Rate : 7200 RPM
       Interface : USB (Serial ATA)
   Major Version : ACS-2
   Minor Version : ACS-3 Revision 3b
   Transfer Mode : SATA/300 | SATA/600
  Power On Hours : 4063 Std.
  Power On Count : 460 mal
     Temperature : 30 C (86 F)
   Health Status : Gut
        Features : S.M.A.R.T., APM, 48bit LBA, NCQ
       APM Level : 8080h [ON]
       AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 115 _99 __6 000005C241E8 Lesefehlerrate
03 _98 _97 __0 000000000000 Mittlere Anlaufzeit
04 _98 _98 _20 000000000992 Start/Stopp-Zyklen der Spindel
05 100 100 _10 000000000000 Wiederzugewiesene Sektoren
07 100 253 _30 000000097084 Suchfehler
09 _96 _96 __0 000000000FDF Betriebsstunden
0A 100 100 _97 000000000000 Misslungene Spindelanläufe
0C 100 100 _20 0000000001CC Geräte-Einschaltvorgänge
B7 100 100 __0 000000000000 Herstellerspezifisch
B8 100 100 _99 000000000000 Ende-zu-Ende-Fehler
BB 100 100 __0 000000000000 Gemeldete unkorrigierbare Fehler
BC _98 _96 __0 00000000021B Befehlszeitüberschreitung
BD 100 100 __0 000000000000 Übergeordnete Schreibvorgänge
BE _70 _56 _45 00001E13001E Luftstromtemperatur
BF 100 100 __0 000000000000 Beschleunigungssensor-Fehlerrate
C0 100 100 __0 00000000000B Ausschaltungsabbrüche
C1 _98 _98 __0 000000001208 Laden/Entladen-Zyklen
C2 _30 _44 __0 00100000001E Temperatur
C5 100 100 __0 000000000000 Aktuell ausstehende Sektoren
C6 100 100 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
F0 100 253 __0 2D4800000036 Kopfpositionierungszeit
F1 100 253 __0 0000176895F8 LBA geschrieben (gesamt)
F2 100 253 __0 00C528E9DC41 LBA gelesen (gesamt)

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5734 5930 5736 4845
020: 0000 0000 0004 4343 3435 2020 2020 5354 3130 3030
030: 444D 3030 332D 3145 5231 3632 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 5010
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 850E 0004 00CC 0040
080: 03F0 001F 346B 7D69 4163 3469 BC49 4163 407F 0034
090: 0034 8080 FFFE 0000 D0D0 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 C500
110: 7C7E 3E2E 0000 0000 0000 0000 0000 0000 0000 405E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 6DB0
130: 7470 6DB0 7470 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 05FF 0280 0000 0000
150: 0008 0000 0000 0000 0000 8000 0000 0000 5800 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 107E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0007 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 09A5

-- SMART_READ_DATA ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 73 63 E8 41 C2 05 00 00 00 03 03
010: 00 62 61 00 00 00 00 00 00 00 04 32 00 62 62 92
020: 09 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 64 FD 84 70 09 00 00 00 00 09 32
040: 00 60 60 DF 0F 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 CC 01 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 62 60 1B 02 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 46 38 1E 00 13 1E 00 00 00 BF 32 00 64 64 00
0B0: 00 00 00 00 00 00 C0 32 00 64 64 0B 00 00 00 00
0C0: 00 00 C1 32 00 62 62 08 12 00 00 00 00 00 C2 22
0D0: 00 1E 2C 1E 00 00 00 10 00 00 C5 12 00 64 64 00
0E0: 00 00 00 00 00 00 C6 10 00 64 64 00 00 00 00 00
0F0: 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00 00 F0 00
100: 00 64 FD 36 00 00 00 48 2D 15 F1 00 00 64 FD F8
110: 95 68 17 00 00 00 F2 00 00 64 FD 41 DC E9 28 C5
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 50 00 00 73
170: 03 00 01 00 01 6D 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 40 01 00 00 02 02 02 02 02 02 02 02
190: 03 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 5D 62 9F 51 4E 0D 00 00
1B0: 00 00 00 00 01 00 31 02 F8 95 68 17 00 00 00 00
1C0: 41 DC E9 28 C5 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 51 01 01 00 01 00 00 00
1E0: 00 00 00 00 08 00 00 00 02 00 00 00 00 00 00 01
1F0: 00 00 00 00 00 00 00 00 00 00 14 18 00 00 00 D6

-- SMART_READ_THRESHOLD ----------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0E0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0F0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 F0 00
100: 00 00 00 00 00 00 00 00 00 00 F1 00 00 00 00 00
110: 00 00 00 00 00 00 F2 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FD

Code:

ATTFilter

----------------------------------------------------------------------------
CrystalDiskInfo 6.7.5 (C) 2008-2016 hiyohiyo
                                Crystal Dew World : hxxp://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x86)
  Date : 2016/02/25 12:44:10

-- Controller Map ----------------------------------------------------------
 + Intel(R) 5 Series/3400 Series SATA AHCI Controller [ATA]
   - WDC WD15EARS-00MVWB0
   - TSSTcorp CDDVDW SH-S223C

-- Disk List ---------------------------------------------------------------
 (1) WDC WD15EARS-00MVWB0 : 1500,3 GB [0/0/0, pd1] - wd
 (2) ST1000DM003-1ER162 : 1000,2 GB [4/X/X, sa1] (V=174C, P=55AA) - st

----------------------------------------------------------------------------
 (1) WDC WD15EARS-00MVWB0
----------------------------------------------------------------------------
           Model : WDC WD15EARS-00MVWB0
        Firmware : 51.0AB51
   Serial Number : WD-WMAZA0813822
       Disk Size : 1500,3 GB (8,4/137,4/1500,3/1500,3)
     Buffer Size : Unbekannt
     Queue Depth : 32
    # of Sectors : 2930277168
   Rotation Rate : Unbekannt
       Interface : Serial ATA
   Major Version : ATA8-ACS
   Minor Version : ----
   Transfer Mode : ---- | SATA/300
  Power On Hours : 20807 Std.
  Power On Count : 2314 mal
     Temperature : 30 C (86 F)
   Health Status : Gut
        Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
       APM Level : ----
       AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 153 _51 000000000015 Lesefehlerrate
03 167 163 _21 0000000019F1 Mittlere Anlaufzeit
04 _98 _98 __0 00000000090E Start/Stopp-Zyklen der Spindel
05 200 200 140 000000000000 Wiederzugewiesene Sektoren
07 200 200 __0 000000000000 Suchfehler
09 _72 _72 __0 000000005147 Betriebsstunden
0A 100 100 __0 000000000000 Misslungene Spindelanläufe
0B 100 100 __0 000000000000 Nnotwendige Rekalibrierungen
0C _98 _98 __0 00000000090A Geräte-Einschaltvorgänge
C0 200 200 __0 000000000049 Ausschaltungsabbrüche
C1 _20 _20 __0 0000000843EC Laden/Entladen-Zyklen
C2 120 111 __0 00000000001E Temperatur
C4 200 200 __0 000000000000 Wiederzuweisungsereignisse
C5 200 200 __0 000000000000 Aktuell ausstehende Sektoren
C6 200 200 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
C8 200 200 __0 000000000000 Schreibfehlerrate

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 574D 415A 4130 3831 3338 3232
020: 0000 0000 0032 3531 2E30 4142 3531 5744 4320 5744
030: 3135 4541 5253 2D30 304D 5657 4230 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1706 0000 0044 0044
080: 01FE 0000 746B 7F61 4123 7469 BC41 4123 407F 0083
090: 0083 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 7B30 AEA8 0000 0000 0000 0000 0000 0000 5001 4EE0
110: 57C4 032D 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3035 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 E7A5

-- SMART_READ_DATA ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 99 15 00 00 00 00 00 00 03 27
010: 00 A7 A3 F1 19 00 00 00 00 00 04 32 00 62 62 0E
020: 09 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 48 48 47 51 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 0A 09 00 00 00 00 00 C0 32
070: 00 C8 C8 49 00 00 00 00 00 00 C1 32 00 14 14 EC
080: 43 08 00 00 00 00 C2 22 00 78 6F 1E 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 C8 64 01 7B
170: 03 00 01 00 02 FA 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 05 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F4

-- SMART_READ_THRESHOLD ----------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 C8 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 C8 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 C8 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05

----------------------------------------------------------------------------
 (2) ST1000DM003-1ER162
----------------------------------------------------------------------------
       Enclosure : Laufwerk (V=174C, P=55AA, sa1) - st
           Model : ST1000DM003-1ER162
        Firmware : CC45
   Serial Number : W4Y0W6HE
       Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,1)
     Buffer Size : Unbekannt
     Queue Depth : 32
    # of Sectors : 1953525168
   Rotation Rate : 7200 RPM
       Interface : USB (Serial ATA)
   Major Version : ACS-2
   Minor Version : ACS-3 Revision 3b
   Transfer Mode : SATA/300 | SATA/600
  Power On Hours : 4063 Std.
  Power On Count : 460 mal
     Temperature : 30 C (86 F)
   Health Status : Gut
        Features : S.M.A.R.T., APM, 48bit LBA, NCQ
       APM Level : 8080h [ON]
       AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 115 _99 __6 000005C241E8 Lesefehlerrate
03 _98 _97 __0 000000000000 Mittlere Anlaufzeit
04 _98 _98 _20 000000000992 Start/Stopp-Zyklen der Spindel
05 100 100 _10 000000000000 Wiederzugewiesene Sektoren
07 100 253 _30 000000097084 Suchfehler
09 _96 _96 __0 000000000FDF Betriebsstunden
0A 100 100 _97 000000000000 Misslungene Spindelanläufe
0C 100 100 _20 0000000001CC Geräte-Einschaltvorgänge
B7 100 100 __0 000000000000 Herstellerspezifisch
B8 100 100 _99 000000000000 Ende-zu-Ende-Fehler
BB 100 100 __0 000000000000 Gemeldete unkorrigierbare Fehler
BC _98 _96 __0 00000000021B Befehlszeitüberschreitung
BD 100 100 __0 000000000000 Übergeordnete Schreibvorgänge
BE _70 _56 _45 00001E13001E Luftstromtemperatur
BF 100 100 __0 000000000000 Beschleunigungssensor-Fehlerrate
C0 100 100 __0 00000000000B Ausschaltungsabbrüche
C1 _98 _98 __0 000000001209 Laden/Entladen-Zyklen
C2 _30 _44 __0 00100000001E Temperatur
C5 100 100 __0 000000000000 Aktuell ausstehende Sektoren
C6 100 100 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
F0 100 253 __0 A3B600000036 Kopfpositionierungszeit
F1 100 253 __0 0000176895F8 LBA geschrieben (gesamt)
F2 100 253 __0 00C528E9DC61 LBA gelesen (gesamt)

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5734 5930 5736 4845
020: 0000 0000 0004 4343 3435 2020 2020 5354 3130 3030
030: 444D 3030 332D 3145 5231 3632 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 5010
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 850E 0004 00CC 0040
080: 03F0 001F 346B 7D69 4163 3469 BC49 4163 407F 0034
090: 0034 8080 FFFE 0000 D0D0 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 C500
110: 7C7E 3E2E 0000 0000 0000 0000 0000 0000 0000 405E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 6DB0
130: 7470 6DB0 7470 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 05FF 0280 0000 0000
150: 0008 0000 0000 0000 0000 8000 0000 0000 5800 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 107E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0007 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 09A5

-- SMART_READ_DATA ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 73 63 E8 41 C2 05 00 00 00 03 03
010: 00 62 61 00 00 00 00 00 00 00 04 32 00 62 62 92
020: 09 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 64 FD 84 70 09 00 00 00 00 09 32
040: 00 60 60 DF 0F 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 CC 01 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 62 60 1B 02 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 46 38 1E 00 13 1E 00 00 00 BF 32 00 64 64 00
0B0: 00 00 00 00 00 00 C0 32 00 64 64 0B 00 00 00 00
0C0: 00 00 C1 32 00 62 62 09 12 00 00 00 00 00 C2 22
0D0: 00 1E 2C 1E 00 00 00 10 00 00 C5 12 00 64 64 00
0E0: 00 00 00 00 00 00 C6 10 00 64 64 00 00 00 00 00
0F0: 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00 00 F0 00
100: 00 64 FD 36 00 00 00 B6 A3 15 F1 00 00 64 FD F8
110: 95 68 17 00 00 00 F2 00 00 64 FD 61 DC E9 28 C5
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 50 00 00 73
170: 03 00 01 00 01 6D 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 60 01 00 00 02 02 02 02 02 02 02 02
190: 03 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 95 06 4B 5B 4E 0D 00 00
1B0: 00 00 00 00 01 00 31 02 F8 95 68 17 00 00 00 00
1C0: 61 DC E9 28 C5 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 54 01 01 00 01 00 00 00
1E0: 00 00 00 00 08 00 00 00 02 00 00 00 00 00 00 01
1F0: 00 00 00 00 00 00 00 00 00 00 14 18 00 00 00 FC

-- SMART_READ_THRESHOLD ----------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0E0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0F0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 F0 00
100: 00 00 00 00 00 00 00 00 00 00 F1 00 00 00 00 00
110: 00 00 00 00 00 00 F2 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FD

burningice · 26.02.2016, 09:47

Du hast mir zweimal die Daten von der selben Platte gepostet

Schritt 1
Download von

ZOEK (by Smeenk)

Speichere die zoek.exe auf dem Desktop.
Bitte deaktiviere während der Verwendung von Zoek Deinen Virenscanner, da dieser Zoek stören könnte.
Starte die zoek.exe mit einem Doppelklick und warte bis die Programmoberfläche erscheint (ca. 30 Sekunden)
Kopiere den Text der folgenden Box in das Skriptfenster von Zoek:
Code:
ATTFilter
```
iedefaults;
FFdefaults;
CHRdefaults
emptyclsid;
autoclean;
         
```
Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
Wenn das Tool fertig ist, wird sich eine Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter C:\
Bitte poste mir das zoek-results.log.

Schritt 2
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:

Logfile von ZOEK
Zustand der zweiten Festplatte
Frst.txt
Addition.txt

Verzögert der Computer immer noch so stark?

Lilian-Rose · 27.02.2016, 14:16

Hallo Rafael,

sorry, dass ich Dir zweimal dieselben Daten gepostet habe, war ein Versehen.
Ich sende Dir nun die Auswertung der zweiten Festplatte.

Code:

ATTFilter

----------------------------------------------------------------------------
CrystalDiskInfo 6.7.5 (C) 2008-2016 hiyohiyo
                                Crystal Dew World : hxxp://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x86)
  Date : 2016/02/27 14:11:55

-- Controller Map ----------------------------------------------------------
 + Intel(R) 5 Series/3400 Series SATA AHCI Controller [ATA]
   - WDC WD15EARS-00MVWB0
   - TSSTcorp CDDVDW SH-S223C

-- Disk List ---------------------------------------------------------------
 (1) WDC WD15EARS-00MVWB0 : 1500,3 GB [0/0/0, pd1] - wd
 (2) ST1000DM003-1ER162 : 1000,2 GB [4/X/X, sa1] (V=174C, P=55AA) - st

----------------------------------------------------------------------------
 (1) WDC WD15EARS-00MVWB0
----------------------------------------------------------------------------
           Model : WDC WD15EARS-00MVWB0
        Firmware : 51.0AB51
   Serial Number : WD-WMAZA0813822
       Disk Size : 1500,3 GB (8,4/137,4/1500,3/1500,3)
     Buffer Size : Unbekannt
     Queue Depth : 32
    # of Sectors : 2930277168
   Rotation Rate : Unbekannt
       Interface : Serial ATA
   Major Version : ATA8-ACS
   Minor Version : ----
   Transfer Mode : ---- | SATA/300
  Power On Hours : 20826 Std.
  Power On Count : 2316 mal
     Temperature : 31 C (87 F)
   Health Status : Gut
        Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
       APM Level : ----
       AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 153 _51 000000000015 Lesefehlerrate
03 167 163 _21 0000000019E1 Mittlere Anlaufzeit
04 _98 _98 __0 000000000910 Start/Stopp-Zyklen der Spindel
05 200 200 140 000000000000 Wiederzugewiesene Sektoren
07 200 200 __0 000000000000 Suchfehler
09 _72 _72 __0 00000000515A Betriebsstunden
0A 100 100 __0 000000000000 Misslungene Spindelanläufe
0B 100 100 __0 000000000000 Nnotwendige Rekalibrierungen
0C _98 _98 __0 00000000090C Geräte-Einschaltvorgänge
C0 200 200 __0 000000000049 Ausschaltungsabbrüche
C1 _20 _20 __0 000000084402 Laden/Entladen-Zyklen
C2 119 111 __0 00000000001F Temperatur
C4 200 200 __0 000000000000 Wiederzuweisungsereignisse
C5 200 200 __0 000000000000 Aktuell ausstehende Sektoren
C6 200 200 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
C8 200 200 __0 000000000000 Schreibfehlerrate

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 574D 415A 4130 3831 3338 3232
020: 0000 0000 0032 3531 2E30 4142 3531 5744 4320 5744
030: 3135 4541 5253 2D30 304D 5657 4230 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1706 0000 0044 0044
080: 01FE 0000 746B 7F61 4123 7469 BC41 4123 407F 0083
090: 0083 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 7B30 AEA8 0000 0000 0000 0000 0000 0000 5001 4EE0
110: 57C4 032D 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3035 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 E7A5

-- SMART_READ_DATA ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 99 15 00 00 00 00 00 00 03 27
010: 00 A7 A3 E1 19 00 00 00 00 00 04 32 00 62 62 10
020: 09 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 48 48 5A 51 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 0C 09 00 00 00 00 00 C0 32
070: 00 C8 C8 49 00 00 00 00 00 00 C1 32 00 14 14 02
080: 44 08 00 00 00 00 C2 22 00 77 6F 1F 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 C8 64 01 7B
170: 03 00 01 00 02 FA 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 05 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 D6

-- SMART_READ_THRESHOLD ----------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 C8 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 C8 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 C8 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05

----------------------------------------------------------------------------
 (2) ST1000DM003-1ER162
----------------------------------------------------------------------------
       Enclosure : Laufwerk (V=174C, P=55AA, sa1) - st
           Model : ST1000DM003-1ER162
        Firmware : CC45
   Serial Number : W4Y0W6HE
       Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,1)
     Buffer Size : Unbekannt
     Queue Depth : 32
    # of Sectors : 1953525168
   Rotation Rate : 7200 RPM
       Interface : USB (Serial ATA)
   Major Version : ACS-2
   Minor Version : ACS-3 Revision 3b
   Transfer Mode : SATA/300 | SATA/600
  Power On Hours : 4082 Std.
  Power On Count : 463 mal
     Temperature : 33 C (91 F)
   Health Status : Gut
        Features : S.M.A.R.T., APM, 48bit LBA, NCQ
       APM Level : 8080h [ON]
       AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 115 _99 __6 000005F5B028 Lesefehlerrate
03 _98 _97 __0 000000000000 Mittlere Anlaufzeit
04 _98 _98 _20 0000000009A2 Start/Stopp-Zyklen der Spindel
05 100 100 _10 000000000000 Wiederzugewiesene Sektoren
07 100 253 _30 0000000974D7 Suchfehler
09 _96 _96 __0 000000000FF2 Betriebsstunden
0A 100 100 _97 000000000000 Misslungene Spindelanläufe
0C 100 100 _20 0000000001CF Geräte-Einschaltvorgänge
B7 100 100 __0 000000000000 Herstellerspezifisch
B8 100 100 _99 000000000000 Ende-zu-Ende-Fehler
BB 100 100 __0 000000000000 Gemeldete unkorrigierbare Fehler
BC _99 _96 __0 00000000021F Befehlszeitüberschreitung
BD 100 100 __0 000000000000 Übergeordnete Schreibvorgänge
BE _67 _56 _45 0000211D0021 Luftstromtemperatur
BF 100 100 __0 000000000000 Beschleunigungssensor-Fehlerrate
C0 100 100 __0 00000000000B Ausschaltungsabbrüche
C1 _98 _98 __0 00000000122B Laden/Entladen-Zyklen
C2 _33 _44 __0 001000000021 Temperatur
C5 100 100 __0 000000000000 Aktuell ausstehende Sektoren
C6 100 100 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
F0 100 253 __0 47CD00000036 Kopfpositionierungszeit
F1 100 253 __0 000017689678 LBA geschrieben (gesamt)
F2 100 253 __0 00C528EC8ED9 LBA gelesen (gesamt)

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5734 5930 5736 4845
020: 0000 0000 0004 4343 3435 2020 2020 5354 3130 3030
030: 444D 3030 332D 3145 5231 3632 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 5010
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 850E 0004 00CC 0040
080: 03F0 001F 346B 7D69 4163 3469 BC49 4163 407F 0034
090: 0034 8080 FFFE 0000 D0D0 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 C500
110: 7C7E 3E2E 0000 0000 0000 0000 0000 0000 0000 405E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 6DB0
130: 7470 6DB0 7470 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 05FF 0280 0000 0000
150: 0008 0000 0000 0000 0000 8000 0000 0000 5800 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 107E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0007 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 09A5

-- SMART_READ_DATA ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 73 63 28 B0 F5 05 00 00 00 03 03
010: 00 62 61 00 00 00 00 00 00 00 04 32 00 62 62 A2
020: 09 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 64 FD D7 74 09 00 00 00 00 09 32
040: 00 60 60 F2 0F 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 CF 01 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 63 60 1F 02 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 43 38 21 00 1D 21 00 00 00 BF 32 00 64 64 00
0B0: 00 00 00 00 00 00 C0 32 00 64 64 0B 00 00 00 00
0C0: 00 00 C1 32 00 62 62 2B 12 00 00 00 00 00 C2 22
0D0: 00 21 2C 21 00 00 00 10 00 00 C5 12 00 64 64 00
0E0: 00 00 00 00 00 00 C6 10 00 64 64 00 00 00 00 00
0F0: 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00 00 F0 00
100: 00 64 FD 36 00 00 00 CD 47 26 F1 00 00 64 FD 78
110: 96 68 17 00 00 00 F2 00 00 64 FD D9 8E EC 28 C5
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 50 00 00 73
170: 03 00 01 00 01 6D 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 88 00 00 00 02 02 02 02 03 02 02 02
190: 02 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 B4 B1 84 BE 5D 0D 00 00
1B0: 00 00 00 00 01 00 34 02 78 96 68 17 00 00 00 00
1C0: D9 8E EC 28 C5 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 53 00 02 00 01 00 00 00
1E0: 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 01
1F0: 00 00 00 00 00 00 00 00 00 00 14 18 00 00 00 A5

-- SMART_READ_THRESHOLD ----------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0E0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0F0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 F0 00
100: 00 00 00 00 00 00 00 00 00 00 F1 00 00 00 00 00
110: 00 00 00 00 00 00 F2 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FD

Mein PC braucht beim Start 20 Minuten bis das Windowsbild erscheint und weitere 10 Minuten bis ich mit ihm arbeiten kann.

Code:

ATTFilter

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Conny on 27.02.2016 at 11:26:46,68.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Conny\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

27.02.2016 11:37:06 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Program Files\Hilfe Assistent deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\VideoLAN deleted successfully
C:\Program Files\Yahoo! deleted successfully
C:\Program Files\Common Files\SWF Studio deleted successfully
C:\PROGRA~2\DriverGenius deleted successfully
C:\PROGRA~2\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\PROGRA~2\Oracle deleted successfully
C:\PROGRA~2\WinZip deleted successfully
C:\PROGRA~2\ZoomBrowser deleted successfully
C:\Users\Conny\AppData\Roaming\6ED3EE deleted successfully
C:\Users\Conny\AppData\Roaming\Ifxaxo deleted successfully
C:\Users\Conny\AppData\Roaming\Ihid deleted successfully
C:\Users\Conny\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Conny\AppData\Roaming\Siivul deleted successfully
C:\Users\Conny\AppData\Roaming\TP deleted successfully
C:\Users\Conny\AppData\Roaming\Xeodde deleted successfully
C:\Users\Conny\AppData\Roaming\Yahoo! deleted successfully
C:\Users\Conny\AppData\Roaming\Ybbuug deleted successfully
C:\Users\Conny\AppData\Roaming\Ydyq deleted successfully
C:\Users\Conny\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Conny\AppData\Local\EmieSiteList deleted successfully
C:\Users\Conny\AppData\Local\EmieUserList deleted successfully
C:\Users\Conny\AppData\Local\FRITZ! deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully
HKEY_USERS\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SearchProtectionService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SearchProtectionService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LavasoftTcpService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\LavasoftTcpService deleted successfully

==== Batch Command(s) Run By Tool======================


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


==== Deleting Files \ Folders ======================

C:\Program Files\Hilfe Assistent not found
C:\Program Files\VideoLAN not found
C:\Program Files\Yahoo! not found
C:\PROGRA~2\Malwarebytes' Anti-Malware (portable) not found
C:\Program Files\Windows Live SkyDrive deleted
C:\Program Files\Sweet Home 3D deleted
C:\Users\Conny\AppData\Roaming\Wuala deleted
C:\Users\Conny\AppData\Roaming\Lavasoft\Web Companion deleted
C:\Users\Conny\AppData\Roaming\ZoomBrowser EX deleted
C:\Users\Conny\AppData\Roaming\OpenCandy deleted
C:\PROGRA~2\Lavasoft\Web Companion deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\Conny\AppData\Local\Lavasoft\WebCompanion.exe_Url_f5db2c2eotb405zbclgx4obr3tgwdj1t deleted
C:\Windows\system32\config\systemprofile\AppData\Local\LavasoftTcpService deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lavasoft\WebCompanion deleted
C:\Windows\System32\sho1846.tmp deleted
C:\Windows\System32\sho24CE.tmp deleted
C:\Windows\System32\sho24DD.tmp deleted
C:\Windows\System32\sho280.tmp deleted
C:\Windows\System32\sho40D5.tmp deleted
C:\Windows\System32\sho4914.tmp deleted
C:\Windows\System32\sho6979.tmp deleted
C:\Windows\System32\sho69E8.tmp deleted
C:\Windows\System32\sho7148.tmp deleted
C:\Windows\System32\sho7396.tmp deleted
C:\Windows\System32\sho849D.tmp deleted
C:\Windows\System32\sho9022.tmp deleted
C:\Windows\System32\sho9A9F.tmp deleted
C:\Windows\System32\sho9B26.tmp deleted
C:\Windows\System32\shoA41A.tmp deleted
C:\Windows\System32\shoA949.tmp deleted
C:\Windows\System32\shoAE8F.tmp deleted
C:\Windows\System32\shoB21F.tmp deleted
C:\Windows\system32\SafeAppRichList.ocx deleted
C:\Users\Conny\Documents\Add-in Express deleted
C:\PROGRA~2\Setup_OnlineManager.exe deleted
"C:\Windows\Installer\13d60aa.msi" deleted
"C:\Users\Conny\AppData\Roaming\Bubble Noise" deleted
"C:\Users\Conny\AppData\Roaming\Bundle" deleted
"C:\Users\Conny\AppData\Roaming\CIOSupport" deleted
"C:\ProgramData\Caches" deleted
"C:\ProgramData\Calibrators" deleted
"C:\ProgramData\Carbon" deleted
"C:\ProgramData\Colors" deleted
"C:\ProgramData\Command Line Utility" deleted
"C:\ProgramData\Common" deleted
"C:\Users\Conny\AppData\Roaming\Ovxou\suutb.hor" deleted
"C:\Users\Conny\AppData\Roaming\Teutm\humout.tmp" deleted
"C:\Users\Conny\AppData\Roaming\Teutm\humout.xyf" deleted
"C:\Users\Conny\AppData\Roaming\Iqkysi\onyb.feu" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.AvastWrapper.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Common.Platform.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.UpdateComponents.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\log4net.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Newtonsoft.Json.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\System.Data.SQLite.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\de-DE\WebCompanion.resources.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\x86\SQLite.Interop.dll" deleted
"C:\Users\Conny\AppData\Roaming\Ovxou" deleted
"C:\Users\Conny\AppData\Roaming\Teutm" deleted
"C:\Users\Conny\AppData\Roaming\Iqkysi" deleted
"C:\Program Files\Lavasoft\Web Companion" deleted
"C:\Program Files\Lavasoft\Web Companion\Application" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\de-DE" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\x86" deleted

==== Orphaned Tasks deleted from Registry ======================

avast Emergency Update deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [10.12.2015 16:34]

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[20.07.2015 19:59]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[08.01.2016 10:47]

Google Voice Search Hotword (Beta) - Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Skype Click to Call - Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Chromium Fix ======================

C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage deleted successfully
C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage-journal deleted successfully
C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.msn.com/?pc=MSSE"
"Search Page"="https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}"
"Search Bar"="https://de.yahoo.com/?fr=hp-avast&type=avastbcl"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}"
"Search Bar"="https://de.yahoo.com/?fr=hp-avast&type=avastbcl"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="hxxp://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="hxxp://www.google.com"
"Default_Search_URL"="hxxp://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://www.msn.com/?pc=MSSE"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{9CB96984-43C3-4D44-90EF-01466EFCF7BB}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB} - hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
HKCU\SearchScopes "DefaultScope"="{9CB96984-43C3-4D44-90EF-01466EFCF7BB}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - hxxp://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKCU\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB} - hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F405350054677A7A857BC05100 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{705fd6c1-dca2-4646-b8fb-bea11e6c5bb7} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\58F068FA3A4582A478B9FBE9E6237567 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC05100 deleted successfully

==== Empty IE Cache ======================

C:\Users\Conny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Conny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Conny\AppData\Local\Mozilla\Firefox\Profiles\7eu8aj4x.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=793 folders=96 183744670 bytes)

==== Empty Temp Folders ======================

C:\Users\Conny\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Conny\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Conny\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AH3PZMQ5\a.affil.io"  not found
"C:\Users\Conny\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AH3PZMQ5\api.medianac.com"  not found
"C:\Users\Conny\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AH3PZMQ5\component.p7s1.com"  not found
"C:\Users\Conny\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AH3PZMQ5\www.hse24.de"  not found
"C:\Users\Conny\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AH3PZMQ5\www.n24.de"  not found
"C:\Users\Conny\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AH3PZMQ5\www.norma-online.de"  not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on 27.02.2016 at 12:36:38,67 ======================

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-02-2016 01
durchgeführt von Conny (Administrator) auf CONNY-PC (27-02-2016 13:51:33)
Gestartet von C:\Users\Conny\Desktop\Rafael
Geladene Profile: Conny (Verfügbare Profile: Conny)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(BERNINA International AG) C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow32.exe
(Dropbox, Inc.) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [LexwareInfoService] => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-10] (AVAST Software)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-01-10] (Google Inc.)
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Run: [Dropbox Update] => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-12] (Dropbox, Inc.)
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize 
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-20] (AVAST Software)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon1] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon2] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon3] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon4] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {3B713BCF-458F-4A2A-BAD2-9784208C169D} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-10-09]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-10-09]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{732048A9-7E8D-428F-9AF3-D5BE1F66BC7A}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=00033BB0&OHP=about%3Ablank&OSP=https%3A%2F%2Fde.search.yahoo.com%2Fyhs%2Fsearch%3Ftype%3Davastbcl%26hspart%3Davast%26hsimp%3Dyhs%2D001%26p%3D%7BsearchTerms%7D
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-09] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-02-23] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-09] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default
FF DefaultSearchUrl: 
FF Homepage: hxxp://www.jw.org/de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\searchplugins\computer-bild-suche.xml [2015-09-28]
FF Extension: CookieCuller - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2015-05-29]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-10-16] [ist nicht signiert]
FF Extension: Avira Browser Safety - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\abs@avira.com [2016-02-25]
FF Extension: ghostery - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\firefox@ghostery.com.xpi [2016-02-23]
FF Extension: Hilfe Assistent - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\{} [2014-11-03] [ist nicht signiert]
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-06-15] <==== ACHTUNG

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.210.6) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U21) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll => Keine Datei
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-19]
CHR Extension: (YouTube) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-16]
CHR Extension: (Google-Suche) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-03]
CHR Extension: (Avira Browserschutz) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-16]
CHR Extension: (Skype Click to Call) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-09-19]
CHR Extension: (Google Wallet) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-28]
CHR Extension: (Google Mail) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-07-20] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1904368 2016-01-20] (Microsoft Corporation)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S4 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2012-06-22] ()
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
R2 UniversalCommunicationServer; C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe [90496 2013-05-02] (BERNINA International AG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [26112 2010-04-29] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-20] (AVAST Software)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [299024 2012-04-09] (EldoS Corporation)
R0 DiskSec; C:\Windows\system32\Drivers\DiskSec.sys [14208 2008-04-04] (MAGIX) [Datei ist nicht signiert]
S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [179200 2012-06-22] (Dexetek )
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-07-20] (AVAST Software)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [64904 2010-04-27] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [146568 2010-04-27] (Renesas Electronics Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
S3 SydexFDD; C:\Windows\system32\Drivers\sydexfdd.sys [13359 2012-10-16] (Windows (R) 2000 DDK provider) [Datei ist nicht signiert]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-07-20] (Avast Software)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Conny\AppData\Local\Temp\catchme.sys [X]
S3 cpuz132; \??\C:\Users\Conny\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S2 tmcomm; system32\DRIVERS\tmcomm.sys [X]
S2 wntpport; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-27 12:19 - 2016-02-27 11:25 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-02-27 11:25 - 2016-02-27 12:29 - 00000000 ____D C:\zoek_backup
2016-02-27 11:22 - 2016-02-27 11:22 - 01309184 _____ C:\Users\Conny\Desktop\zoek.exe
2016-02-26 22:58 - 2016-02-26 22:58 - 00000000 ____D C:\Users\Conny\Desktop\Joel
2016-02-25 12:37 - 2016-02-27 12:04 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Lavasoft
2016-02-25 12:37 - 2016-02-27 12:04 - 00000000 ____D C:\Users\Conny\AppData\Local\Lavasoft
2016-02-25 12:37 - 2016-02-27 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2016-02-25 12:37 - 2016-02-25 12:37 - 00002928 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2016-02-25 12:36 - 2016-02-27 12:05 - 00000000 ____D C:\ProgramData\Lavasoft
2016-02-25 12:36 - 2016-02-27 12:05 - 00000000 ____D C:\Program Files\Lavasoft
2016-02-25 12:36 - 2016-02-25 12:36 - 00345360 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2016-02-25 12:35 - 2016-02-25 12:36 - 00000000 ____D C:\Program Files\CrystalDiskInfo
2016-02-25 12:35 - 2016-02-25 12:35 - 00001930 _____ C:\Users\Conny\Desktop\CrystalDiskInfo.lnk
2016-02-23 23:31 - 2016-02-26 22:51 - 00000000 ____D C:\Users\Conny\Desktop\Rafael
2016-02-23 22:59 - 2016-02-23 22:59 - 00008564 _____ C:\Protokoll Malwarebytes.txt
2016-02-23 17:21 - 2016-02-23 17:39 - 00216604 _____ C:\TDSSKiller.3.1.0.9_23.02.2016_17.21.27_log.txt
2016-02-23 13:57 - 2016-02-23 17:20 - 00215200 _____ C:\TDSSKiller.3.1.0.9_23.02.2016_13.57.11_log.txt
2016-02-23 10:08 - 2016-02-23 10:09 - 00000000 ____D C:\Users\Conny\Desktop\JW
2016-02-22 23:43 - 2016-02-22 23:43 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-02-22 23:39 - 2016-02-22 23:39 - 00000162 ____H C:\Users\Conny\Desktop\~$Dok8.odt
2016-02-20 14:24 - 2016-02-20 14:24 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-14 16:02 - 2016-02-14 16:02 - 00001298 _____ C:\Users\Public\Desktop\Watchtower Library 2015 - Deutsch.lnk
2016-02-14 16:02 - 2016-02-14 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watchtower Library 2015
2016-02-12 20:01 - 2016-02-13 10:54 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-10 11:36 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 11:36 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-10 11:36 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 11:36 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-10 11:36 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 11:36 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 11:36 - 2016-01-16 19:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-10 11:36 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-10 11:36 - 2016-01-16 19:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-10 11:35 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-10 11:35 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-10 11:35 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-10 11:35 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-10 11:34 - 2016-01-22 07:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-10 11:34 - 2016-01-22 07:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-10 11:34 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-10 11:34 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-10 11:34 - 2016-01-22 06:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-10 11:34 - 2016-01-22 06:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-10 11:34 - 2016-01-22 05:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-10 11:34 - 2016-01-22 05:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-10 11:34 - 2016-01-22 05:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-10 11:34 - 2016-01-22 05:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-10 11:34 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-10 11:34 - 2016-01-22 05:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:34 - 2016-01-07 18:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-10 11:34 - 2016-01-07 18:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 11:34 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-10 11:34 - 2016-01-06 18:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-10 11:34 - 2015-12-20 19:45 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-10 11:34 - 2015-12-20 19:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 11:34 - 2015-12-20 17:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-10 11:33 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-10 11:33 - 2016-01-22 07:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 11:33 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-10 11:33 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-10 11:33 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-10 11:33 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-10 11:33 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-10 11:33 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-10 11:33 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-10 11:33 - 2016-01-22 06:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-10 11:33 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-10 11:33 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-10 11:33 - 2016-01-22 06:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-10 11:33 - 2016-01-22 06:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 11:33 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-10 11:33 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 11:33 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-10 11:33 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-10 11:33 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 11:33 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-10 11:33 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-10 11:33 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-10 11:33 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-10 11:33 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-10 11:33 - 2016-01-22 06:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-10 11:33 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-10 11:33 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-10 11:33 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 11:33 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-10 11:31 - 2016-01-11 19:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-10 11:31 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-10 11:31 - 2016-01-11 19:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-10 11:31 - 2016-01-11 19:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-10 11:31 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-10 11:31 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-04 16:35 - 2016-02-04 16:35 - 00025888 _____ C:\Users\Conny\Kolloidales Silber.odt
2016-01-30 00:40 - 2016-01-30 00:40 - 00038883 _____ C:\Users\Conny\Documents\Dok8.odt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-27 13:51 - 2014-03-05 09:11 - 00000000 ____D C:\FRST
2016-02-27 13:48 - 2015-06-12 19:37 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job
2016-02-27 13:42 - 2011-01-10 22:01 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-27 13:18 - 2012-05-31 22:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-27 12:44 - 2009-07-14 05:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-27 12:44 - 2009-07-14 05:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-27 12:38 - 2013-03-10 10:53 - 00000000 ___RD C:\Users\Conny\Dropbox
2016-02-27 12:38 - 2013-03-10 10:51 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Dropbox
2016-02-27 12:29 - 2011-01-10 22:01 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-27 12:29 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-27 11:29 - 2015-10-03 01:49 - 01448141 _____ C:\Users\Conny\Desktop\zoek.scr
2016-02-27 11:29 - 2015-10-03 01:49 - 01448141 _____ C:\Users\Conny\Desktop\zoek.com
2016-02-27 09:27 - 2009-07-14 05:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-27 00:13 - 2015-04-04 23:49 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-26 23:48 - 2015-06-12 19:37 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job
2016-02-24 10:31 - 2015-01-15 12:04 - 00001912 _____ C:\Windows\epplauncher.mif
2016-02-24 10:30 - 2015-01-15 12:03 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-02-24 10:29 - 2015-01-15 12:02 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-02-23 23:37 - 2014-03-08 14:19 - 00000000 ____D C:\AdwCleaner
2016-02-23 22:49 - 2014-06-29 09:37 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-23 22:37 - 2014-06-29 09:37 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2016-02-23 22:37 - 2009-07-14 08:48 - 00000000 ____D C:\Windows\ShellNew
2016-02-23 21:45 - 2014-06-29 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-02-23 10:11 - 2015-09-16 20:20 - 00000000 ____D C:\Users\Conny\Desktop\Gute Vorträge
2016-02-23 10:10 - 2015-03-12 19:13 - 00000000 ____D C:\Users\Conny\Desktop\Handarbeit Stickdateien
2016-02-23 10:07 - 2011-01-10 22:04 - 00000000 ____D C:\Users\Conny
2016-02-23 09:54 - 2014-01-21 09:22 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-23 09:51 - 2014-01-21 09:12 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-23 09:25 - 2016-01-07 23:31 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-02-23 09:25 - 2012-10-17 16:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-23 00:26 - 2010-08-28 01:49 - 01595580 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-23 00:26 - 2010-05-12 14:13 - 00699884 _____ C:\Windows\system32\perfh007.dat
2016-02-23 00:26 - 2010-05-12 14:13 - 00149766 _____ C:\Windows\system32\perfc007.dat
2016-02-23 00:26 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-02-22 23:43 - 2011-09-22 18:54 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-02-20 15:24 - 2012-09-17 16:48 - 00002154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-14 16:07 - 2011-01-11 14:21 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Watchtower
2016-02-14 16:02 - 2011-08-18 21:03 - 00000000 ____D C:\Program Files\Watchtower
2016-02-13 11:44 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2016-02-11 17:41 - 2009-07-14 05:33 - 00386896 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-11 17:38 - 2014-12-11 12:21 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-11 17:38 - 2014-05-06 22:58 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-11 17:38 - 2009-07-14 08:49 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 23:41 - 2013-08-15 09:15 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 23:34 - 2010-08-30 17:47 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 18:18 - 2012-05-31 22:23 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-10 18:18 - 2012-05-31 22:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-01 14:01 - 2011-01-10 22:36 - 00000000 ____D C:\Users\Conny\AppData\Roaming\SoftGrid Client

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2007-03-12 18:59 - 2007-03-12 18:59 - 0299008 _____ () C:\Program Files\navigram_register.exe
2013-03-16 09:27 - 2013-03-16 09:27 - 0000288 _____ () C:\Users\Conny\AppData\Roaming\.backup.dm
2014-09-30 11:46 - 2014-09-30 11:48 - 0000055 _____ () C:\Users\Conny\AppData\Roaming\My Profile.xml
2011-09-29 13:09 - 2011-10-04 14:29 - 0001188 _____ () C:\Users\Conny\AppData\Local\crc32list11.txt
2011-09-03 20:06 - 2015-11-08 15:39 - 0005120 _____ () C:\Users\Conny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-03 11:37 - 2014-03-03 11:37 - 0001461 _____ () C:\Users\Conny\AppData\Local\recently-used.xbel
2011-03-17 17:55 - 2011-03-17 17:55 - 0000017 _____ () C:\Users\Conny\AppData\Local\resmon.resmoncfg
2011-01-11 22:23 - 2012-05-10 08:07 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-18 22:32

==================== Ende vom FRST.txt ============================

PC braucht eine gefühlte Ewigkeit um hochzufahren

Plagegeister aller Art und deren Bekämpfung: PC braucht eine gefühlte Ewigkeit um hochzufahren