Windows 7: mbam hat einiges gefunden

th.wm · 22.07.2016, 13:15

Hallo!

Nach viel zu langer zeit habe ich mal wieder einen Scan mit MBAM gemacht. Der hat einiges gefunden:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 15.07.2016
Suchlaufzeit: 18:59:18
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.07.15.05
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x64
Dateisystem: NTFS
Benutzer: Sophia

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 337651
Abgelaufene Zeit: 1 Std., 39 Min., 41 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 26
Adware.1ClickDownload, HKLM\SOFTWARE\CLASSES\APPID\{C007DADD-132A-624C-088E-59EE6CF0711F}, In Quarantäne, [460be4400298e35354375443b44e867a], 
Adware.1ClickDownload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C007DADD-132A-624C-088E-59EE6CF0711F}, In Quarantäne, [460be4400298e35354375443b44e867a], 
Adware.1ClickDownload, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{C007DADD-132A-624C-088E-59EE6CF0711F}, In Quarantäne, [460be4400298e35354375443b44e867a], 
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\TYPELIB\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\INTERFACE\{6C434537-053E-486D-B62A-160059D9D456}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\INTERFACE\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\INTERFACE\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6C434537-053E-486D-B62A-160059D9D456}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{6C434537-053E-486D-B62A-160059D9D456}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\GenericAskToolbar.ToolbarWnd.1, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\GenericAskToolbar.ToolbarWnd, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\GenericAskToolbar.ToolbarWnd, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\GenericAskToolbar.ToolbarWnd, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\GenericAskToolbar.ToolbarWnd.1, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\GenericAskToolbar.ToolbarWnd.1, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 

Registrierungswerte: 4
PUP.Optional.ASK, HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{D4027C7F-154A-4066-A1AD-4243D8127440},  | ÔJ f@¡*BCØ t@, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d]
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], 
PUP.Optional.ASK, HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [0948160e900a68ced44c1894e1231de3], 
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [d37e061e4c4ea492d24e6c400df7c23e], 

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 33
PUP.Optional.ASK, C:\Users\Sophia\AppData\Local\Temp\APNLogs, In Quarantäne, [1938b86c158583b3065e696836cc7f81], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}, Löschen bei Neustart, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults, Löschen bei Neustart, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245, Löschen bei Neustart, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs, Löschen bei Neustart, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog, Löschen bei Neustart, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\images, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\AddedAppDialog, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\DefualtImages, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\DetectedAppDialog, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\EngineFirstTimeDialog, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\NewSearchProtectorDialog, Löschen bei Neustart, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\NewSearchProtectorDialog\images, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorDialog, Löschen bei Neustart, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorDialog\Images, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog, Löschen bei Neustart, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog\Images, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog, Löschen bei Neustart, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarUntrustedAppsApprovalDialog, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAddedAppDialog, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAppApprovalDialog, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAppPendingDialog, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.Conduit, C:\Users\Sophia\AppData\LocalLow\Conduit, Löschen bei Neustart, [afa28a9a178314224be5b413a2609967], 
PUP.Optional.Conduit, C:\Users\Sophia\AppData\LocalLow\Conduit\Community Alerts, Löschen bei Neustart, [afa28a9a178314224be5b413a2609967], 
PUP.Optional.Conduit, C:\Users\Sophia\AppData\LocalLow\Conduit\Community Alerts\Feeds, In Quarantäne, [afa28a9a178314224be5b413a2609967], 
PUP.Optional.Conduit, C:\Users\Sophia\AppData\LocalLow\Conduit\Community Alerts\LanguagePacks, In Quarantäne, [afa28a9a178314224be5b413a2609967], 
PUP.Optional.Conduit, C:\Users\Sophia\AppData\LocalLow\Conduit\Community Alerts\Log, In Quarantäne, [afa28a9a178314224be5b413a2609967], 

Dateien: 80
PUP.Optional.InstallCore, C:\Users\Sophia\Downloads\Bombay_Bicycle_Club_-_Open_House_downloader.exe, In Quarantäne, [361bfa2af1a9a19584a690f605fc926e], 
PUP.Optional.ASK, C:\Users\Sophia\AppData\Local\Temp\APNLogs\iw.log, In Quarantäne, [1938b86c158583b3065e696836cc7f81], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\icqtoolbar.jar, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\DialogsAPI.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\excanvas.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\generalDialogStyle.css, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\PIE.htc, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\RoundedCorners.css, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\RoundedCornersIE9.css, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\settings.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\version.txt, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\bubble.css, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\bubble.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\images\information.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\images\x-default-LTR.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\images\x-default-RTL.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-LTR.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-RTL.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\AddedAppDialog\app-added.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\AddedAppDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\DefualtImages\icon.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\DetectedAppDialog\app-2go.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\DetectedAppDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\EngineFirstTimeDialog\EngineFirstTimeDialog.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\EngineFirstTimeDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\EngineFirstTimeDialog\right-click.gif, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\NewSearchProtectorDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\NewSearchProtectorDialog\SearchProtector.css, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\NewSearchProtectorDialog\SearchProtector.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\NewSearchProtectorDialog\images\ok-button.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\NewSearchProtectorDialog\images\separation-line.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\NewSearchProtectorDialog\images\warning.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorDialog\SearchProtector.css, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorDialog\SearchProtector.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorDialog\Images\info.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorDialog\Images\ok-on.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorDialog\Images\ok.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.css, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog\Images\info.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog\Images\ok-on.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog\Images\ok.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\app-store-icon.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\arrow.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\divider.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\facebook.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\Thumbs.db, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarUntrustedAppsApprovalDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAddedAppDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAppApprovalDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAppPendingDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], 
PUP.Optional.Conduit, C:\Users\Sophia\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_825452_821260_DE.xml, In Quarantäne, [afa28a9a178314224be5b413a2609967], 
PUP.Optional.Conduit, C:\Users\Sophia\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alert_services_conduit_com_Alerts_AlertServices_asmx_GetHostedFeedRss_alertID=825452&alertFeedId=821260.xml, In Quarantäne, [afa28a9a178314224be5b413a2609967], 
PUP.Optional.Conduit, C:\Users\Sophia\AppData\LocalLow\Conduit\Community Alerts\LanguagePacks\en.xml, In Quarantäne, [afa28a9a178314224be5b413a2609967], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

MBAM hat dann alles gelöscht. Ist es damit schon getan?

Vielen Dank im vorraus schomal

M-K-D-B · 22.07.2016, 14:02

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

th.wm · 22.07.2016, 15:06

Hallo Matthias!

Vielen Dank dass du mir hilfst!

h:

TDSS hat nichts gefunden:

Code:

ATTFilter

15:41:05.0713 0x097c  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
15:41:19.0741 0x097c  ============================================================
15:41:19.0741 0x097c  Current date / time: 2016/07/22 15:41:19.0741
15:41:19.0741 0x097c  SystemInfo:
15:41:19.0741 0x097c  
15:41:19.0741 0x097c  OS Version: 6.0.6002 ServicePack: 2.0
15:41:19.0741 0x097c  Product type: Workstation
15:41:19.0742 0x097c  ComputerName: SOPHIA-PC
15:41:19.0742 0x097c  UserName: Sophia
15:41:19.0742 0x097c  Windows directory: C:\Windows
15:41:19.0742 0x097c  System windows directory: C:\Windows
15:41:19.0742 0x097c  Running under WOW64
15:41:19.0742 0x097c  Processor architecture: Intel x64
15:41:19.0742 0x097c  Number of processors: 2
15:41:19.0742 0x097c  Page size: 0x1000
15:41:19.0742 0x097c  Boot type: Normal boot
15:41:19.0742 0x097c  ============================================================
15:41:30.0037 0x097c  KLMD registered as C:\Windows\system32\drivers\05347654.sys
15:41:37.0032 0x097c  System UUID: {8F072ABE-FD38-A799-CBC3-6E8C9E777908}
15:41:44.0704 0x097c  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:41:47.0968 0x097c  ============================================================
15:41:47.0968 0x097c  \Device\Harddisk0\DR0:
15:41:47.0984 0x097c  MBR partitions:
15:41:47.0984 0x097c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
15:41:47.0984 0x097c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x1B4657AB
15:41:47.0984 0x097c  ============================================================
15:41:48.0076 0x097c  C: <-> \Device\Harddisk0\DR0\Partition2
15:41:48.0134 0x097c  D: <-> \Device\Harddisk0\DR0\Partition1
15:41:48.0135 0x097c  ============================================================
15:41:48.0135 0x097c  Initialize success
15:41:48.0135 0x097c  ============================================================
15:43:57.0091 0x0840  ============================================================
15:43:57.0091 0x0840  Scan started
15:43:57.0091 0x0840  Mode: Manual; SigCheck; TDLFS; 
15:43:57.0091 0x0840  ============================================================
15:43:57.0091 0x0840  KSN ping started
15:44:01.0414 0x0840  KSN ping finished: true
15:44:17.0768 0x0840  ================ Scan system memory ========================
15:44:17.0768 0x0840  System memory - ok
15:44:17.0769 0x0840  ================ Scan services =============================
15:44:18.0510 0x0840  [ 1965AAFFAB07E3FB03C77F81BEBA3547, 351A1EBB1B95C8E03ED125C8F997DEE810B4DF36AD290E7685FC01963B522BFC ] ACPI            C:\Windows\system32\drivers\acpi.sys
15:44:19.0545 0x0840  ACPI - ok
15:44:20.0099 0x0840  [ 3927397AC60D943DAF8808AFFED582B7, 2688254085C219E8CA9C5494ABDAD8FAE52533CEF7FA3C152715E0B78D591BCF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:44:20.0131 0x0840  AdobeARMservice - ok
15:44:21.0333 0x0840  [ 32B31B696CB8E8F380831DFEB80A67E4, 8C8F6E16F2FB3E8F10569261B7712BBC931A2924B6C27D561E7F828041C4F3E6 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:44:21.0510 0x0840  AdobeFlashPlayerUpdateSvc - ok
15:44:21.0726 0x0840  [ F14215E37CF124104575073F782111D2, 7F624F7F0FE9909C07AB2E4C74727686FDA9DF33778A9CBBE35027D6579E4F71 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:44:21.0817 0x0840  adp94xx - ok
15:44:22.0047 0x0840  [ 7D05A75E3066861A6610F7EE04FF085C, 406F2CE539C306BA60C233FBCDB029153588F0499BBE91E66FC915E5C5D7D2A5 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:44:22.0091 0x0840  adpahci - ok
15:44:22.0119 0x0840  [ 820A201FE08A0C345B3BEDBC30E1A77C, 3170B308724CAA0AD50B74D045C837C48BD6A3A11ABA222670BEA82192A861BF ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
15:44:22.0270 0x0840  adpu160m - ok
15:44:22.0299 0x0840  [ 9B4AB6854559DC168FBB4C24FC52E794, 83CD75DE0A16AE66586837565ECA8B98BA9309519139C4C2032474B8DDF5A1AD ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:44:22.0372 0x0840  adpu320 - ok
15:44:22.0434 0x0840  [ 0F421175574BFE0BF2F4D8E910A253BB, CEABE3A4F546EB6ACA079931AB532DC88FF757DEEF6F434991802220328A9CD6 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:44:22.0622 0x0840  AeLookupSvc - ok
15:44:22.0850 0x0840  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe
15:44:22.0894 0x0840  AESTFilters - ok
15:44:23.0029 0x0840  [ 8C771D6FBEE9D6F2E7DDE165940CB513, 1DDD7B495D12446F7FF206102D64D92D063C84EEA8D2F015F727721DC970BBE1 ] AFD             C:\Windows\system32\drivers\afd.sys
15:44:23.0134 0x0840  AFD - ok
15:44:23.0210 0x0840  [ F6F6793B7F17B550ECFDBD3B229173F7, 7EB12A9372B7966440E39F1B567A43C21231D67DDFAA9C1DECC7E68627F82346 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:44:23.0243 0x0840  agp440 - ok
15:44:23.0326 0x0840  [ 222CB641B4B8A1D1126F8033F9FD6A00, 8C7FD4BF87DC00893B99E64344C0E6A3F321DAD9BE60A99763629260E7C6312C ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
15:44:23.0360 0x0840  aic78xx - ok
15:44:23.0405 0x0840  [ 5922F4F59B7868F3D74BBBBEB7B825A3, 71504BC8B596F540BF059059670BC0C138D8759C1DD9F99F1EC368FD5C53F573 ] ALG             C:\Windows\System32\alg.exe
15:44:23.0881 0x0840  ALG - ok
15:44:24.0010 0x0840  [ 9544C2C55541C0C6BFD7B489D0E7D430, E242A7632BB51C965A7D2E2B0112C75018C0BB4B9A574920E44756E3AC1D8E77 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:44:24.0059 0x0840  aliide - ok
15:44:24.0088 0x0840  [ 970FA5059E61E30D25307B99903E991E, CFB241803A63EA3469B2596462A42DDCA813B3ACF96E56BB34F5979BB34DDC32 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:44:24.0146 0x0840  amdide - ok
15:44:24.0164 0x0840  [ CDC3632A3A5EA4DBB83E46076A3165A1, 40BE3451A3F29CD3352360FF72165C54237E44D01006390805D493B0D06F51DB ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:44:24.0287 0x0840  AmdK8 - ok
15:44:24.0415 0x0840  [ 7C8ECAAD76EA1D076A450C8303D9BD98, 90904B2BE380A51BDCEDADA530214CE5321C06456E10F5985B40E3282902BEF6 ] Appinfo         C:\Windows\System32\appinfo.dll
15:44:24.0462 0x0840  Appinfo - ok
15:44:24.0601 0x0840  [ 3E7C6639E424FD28952C29D66B7E5277, B10AD3FA5CB36328C5DF33AF58F76770E2B54CFBCB70BD84934F925B8E19FA1F ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:44:24.0646 0x0840  Apple Mobile Device Service - ok
15:44:24.0721 0x0840  [ BA8417D4765F3988FF921F30F630E303, 876A8F34E578020DD9EDD64F7F77A0A3B4592EC568830B500D7EA844D3159C72 ] arc             C:\Windows\system32\drivers\arc.sys
15:44:24.0769 0x0840  arc - ok
15:44:24.0795 0x0840  [ 9D41C435619733B34CC16A511E644B11, DEFFBBB5ECE33B7DF949DF979188AF3B6674E7580FC069397AB756EA84E24822 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:44:24.0825 0x0840  arcsas - ok
15:44:25.0165 0x0840  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:44:25.0292 0x0840  aspnet_state - ok
15:44:25.0335 0x0840  [ 22D13FF3DAFEC2A80634752B1EAA2DE6, 503F7E5F1B14D3F7AEAB0982E812B19DABE38FD4104D93922F50F0B2D19BECFB ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:44:25.0582 0x0840  AsyncMac - ok
15:44:25.0652 0x0840  [ E68D9B3A3905619732F7FE039466A623, 74C0B29E54EF064660B9C756E03D5A7EB78F261EFF768EB6E74D261FBD34340D ] atapi           C:\Windows\system32\drivers\atapi.sys
15:44:25.0690 0x0840  atapi - ok
15:44:25.0794 0x0840  [ 00DACE1D9A0DA60215022C6B1FAC1673, BF9C0658F609DB5B633AE143ED818C20FCDEDB62F1D61518983FC2A0FC3A5180 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
15:44:26.0115 0x0840  Ati External Event Utility - ok
15:44:26.0775 0x0840  [ CEF278088637401F07A0064B0B900A32, 42934B3D76A90383701E5692D6131752551EF7849D0ECD355923D464A2BA096D ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:44:27.0965 0x0840  atikmdag - ok
15:44:28.0196 0x0840  [ 4FCE8096191D260028FB6585A4159D6F, FCCB53A93CE69C8A21B61A4DE678AB3A59A55828BCA655D5E5AB6B08CE6FB412 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:44:28.0335 0x0840  AudioEndpointBuilder - ok
15:44:28.0366 0x0840  [ 4FCE8096191D260028FB6585A4159D6F, FCCB53A93CE69C8A21B61A4DE678AB3A59A55828BCA655D5E5AB6B08CE6FB412 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:44:28.0432 0x0840  AudioSrv - ok
15:44:28.0597 0x0840  [ F0FC8614A0200F0DFEF70FEA581CB84E, 08967ABB73904D70A963F3D0B7BAD60ED4CD38FE8FA3A8B1DFE39F305DF25E35 ] AVerAF35        C:\Windows\system32\Drivers\AVerAF35.sys
15:44:28.0756 0x0840  AVerAF35 - ok
15:44:29.0602 0x0840  [ A33C07F7527FC4CBC664C3137EB7D744, 09D15807D55F40E2E6B489D368C387A6EC1E123C8D2F745982B3CB43092503BB ] AVerRemote      C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
15:44:29.0935 0x0840  AVerRemote - detected UnsignedFile.Multi.Generic ( 1 )
15:44:32.0621 0x0840  Detect skipped due to KSN trusted
15:44:32.0621 0x0840  AVerRemote - ok
15:44:32.0742 0x0840  [ 9AEBB2D487D9BF4C0F354899D842EDD0, F859AAFFBC1D016F1E423E1D8C153BE961EBBBD21D8E36E9B62F70485D7D0D85 ] AVerScheduleService C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
15:44:32.0945 0x0840  AVerScheduleService - detected UnsignedFile.Multi.Generic ( 1 )
15:44:35.0342 0x0840  Detect skipped due to KSN trusted
15:44:35.0342 0x0840  AVerScheduleService - ok
15:44:35.0446 0x0840  [ A7C9995BA861FCE78B2CEAAE61D39FD7, 47BB7487EF6FA61D2A6BA6E260A7CAD4CABF1BB52DAFE2D1E2C3F0C94507C49C ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys
15:44:35.0595 0x0840  BCM42RLY - ok
15:44:35.0727 0x0840  [ 912012B708A7D8E8CE2EE55AFB663DFF, 41495708D2F530F9D90CCF346F0D769BED8C8EAE9BAB930450D91D14F6F134B7 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
15:44:36.0170 0x0840  BCM43XX - ok
15:44:36.0424 0x0840  [ FFB96C2589FFA60473EAD78B39FBDE29, 6A2792753E2CB580672B3107C0DBB9D26B6DAA14B37D5EC314BD0E304197E03E ] BFE             C:\Windows\System32\bfe.dll
15:44:36.0611 0x0840  BFE - ok
15:44:37.0038 0x0840  [ 6D316F4859634071CC25C4FD4589AD2C, 73F69AC9E505F3B11A3CCFF8571930229A9058E672CD008A4BF26C0189564EAE ] BITS            C:\Windows\System32\qmgr.dll
15:44:37.0346 0x0840  BITS - ok
15:44:37.0403 0x0840  [ 79FEEB40056683F8F61398D81DDA65D2, 5EA3016194F71A2A2177C2B5129E82738EC621ACAD269809F4C131B72CFEB6C6 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
15:44:37.0514 0x0840  blbdrive - ok
15:44:37.0774 0x0840  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:44:37.0821 0x0840  Bonjour Service - ok
15:44:37.0883 0x0840  [ 2348447A80920B2493A9B582A23E81E1, 50F9242B7104607E633ABAF4E0A213C1C1226BF81F7FB4E216A9E878247B868C ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:44:37.0922 0x0840  bowser - ok
15:44:38.0017 0x0840  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
15:44:38.0066 0x0840  BrFiltLo - ok
15:44:38.0075 0x0840  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
15:44:38.0123 0x0840  BrFiltUp - ok
15:44:38.0354 0x0840  [ A1B39DE453433B115B4EA69EE0343816, 61441E7E9D5259A5987DBD3FC8D4E3221A57F42C7CC0F94DB48E80EEF96CA5D4 ] Browser         C:\Windows\System32\browser.dll
15:44:38.0497 0x0840  Browser - ok
15:44:38.0693 0x0840  [ F0F0BA4D815BE446AA6A4583CA3BCA9B, E0A5DB5A0C7D6AF93ED45F34D2597F77982DFF41E4FDAC827FE5D80323ADED60 ] Brserid         C:\Windows\system32\drivers\brserid.sys
15:44:38.0965 0x0840  Brserid - ok
15:44:39.0061 0x0840  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
15:44:39.0198 0x0840  BrSerWdm - ok
15:44:39.0271 0x0840  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
15:44:39.0483 0x0840  BrUsbMdm - ok
15:44:39.0618 0x0840  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
15:44:39.0762 0x0840  BrUsbSer - ok
15:44:39.0787 0x0840  [ E0777B34E05F8A82A21856EFC900C29F, A7ACE3C65D1773C50ACD98A13B3ADBDD2A6052D7F5D124CB6EE6E7C22151A424 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:44:40.0006 0x0840  BTHMODEM - ok
15:44:40.0093 0x0840  [ B4D787DB8D30793A4D4DF9FEED18F136, 2A956F7DCFE61E556F30BDA6D45592A05533541D6ED321C251C1C05F6CEA6DDC ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:44:40.0285 0x0840  cdfs - ok
15:44:40.0400 0x0840  [ C025AA69BE3D0D25C7A2E746EF6F94FC, F4754B23CC256ADF92FDD42A9BA80F1ACB74834A58FCBEA2C52650FAFC7F9483 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:44:40.0499 0x0840  cdrom - ok
15:44:40.0773 0x0840  [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:44:40.0843 0x0840  CertPropSvc - ok
15:44:40.0896 0x0840  [ 02EA568D498BBDD4BA55BF3FCE34D456, 5A418B156CBB48D14E0F6B6AE6E03B8CD97AABE838F260757014479566C63F17 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:44:41.0024 0x0840  circlass - ok
15:44:41.0097 0x0840  [ D44BA2F707838E0FEF35BCEC5CBD9D60, A9E85E801B0B08F7E5AD6206C61F36E42B4A99878D8AA66EAD8B4E667E50D813 ] CLFS            C:\Windows\system32\CLFS.sys
15:44:41.0150 0x0840  CLFS - ok
15:44:41.0716 0x0840  ClipInc001 - ok
15:44:41.0997 0x0840  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:44:42.0048 0x0840  clr_optimization_v2.0.50727_32 - ok
15:44:42.0151 0x0840  [ 753049933D5326D835F4FCACDF4AD5E3, 715BEE09C19BCBCAD2A93E4725DB3A1FDD8E2FEFFF6E0C3D2F98FC607FED5D3A ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:44:42.0185 0x0840  clr_optimization_v2.0.50727_64 - ok
15:44:42.0435 0x0840  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:44:42.0844 0x0840  clr_optimization_v4.0.30319_32 - ok
15:44:43.0065 0x0840  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:44:43.0284 0x0840  clr_optimization_v4.0.30319_64 - ok
15:44:43.0359 0x0840  [ B52D9A14CE4101577900A364BA86F3DF, A8AA928DDF5FE3861973D4EA03A5B700E99138236F1E8FF594293B9705BF470C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:44:43.0429 0x0840  CmBatt - ok
15:44:43.0668 0x0840  [ E5D5499A1C50A54B5161296B6AFE6192, 20A8A0478918063A9EE81565F21F4ACCAA7B6A8B2E9E084099879D85574BAB3E ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:44:43.0693 0x0840  cmdide - ok
15:44:43.0774 0x0840  [ 7FB8AD01DB0EABE60C8A861531A8F431, E19353C686B07A0DBBA92CFCC88AB9B6BEBAF389416B78F4470BA673E7CD73C3 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:44:43.0850 0x0840  Compbatt - ok
15:44:43.0858 0x0840  COMSysApp - ok
15:44:43.0877 0x0840  [ A8585B6412253803CE8EFCBD6D6DC15C, C3906B080D3BB06CB976FD98C62CBA97DAE74970A5559D51EF5111D773949322 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:44:43.0908 0x0840  crcdisk - ok
15:44:44.0181 0x0840  [ 5AAC48EAF8EACF247DB44FB61B900D89, D20FCD5C71CA18F284D3DFD0CED37F6888A296E76B7B0563F2F4668CF90FE752 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:44:44.0260 0x0840  CryptSvc - ok
15:44:44.0369 0x0840  [ 580033E37BEB30E7176CAF46D8C282F3, 67B51B89E13831758486766357916592FB581FAFD27BD83DBAF4C658247C74D0 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
15:44:44.0406 0x0840  CtClsFlt - ok
15:44:44.0604 0x0840  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:44:44.0832 0x0840  DcomLaunch - ok
15:44:44.0915 0x0840  [ 8B722BA35205C71E7951CDC4CDBADE19, 39720A60DFD0532F7E1A1976240E9828559BF9E0C6D1CFBF4D911965BFD94158 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:44:44.0953 0x0840  DfsC - ok
15:44:45.0935 0x0840  [ C647F468F7DE343DF8C143655C5557D4, E2D35FE49C408B952D8FE0C7EF70D42798229D30B89CEF9858BAC9F4F9E98EF2 ] DFSR            C:\Windows\system32\DFSR.exe
15:44:46.0431 0x0840  DFSR - ok
15:44:46.0854 0x0840  [ 3ED0321127CE70ACDAABBF77E157C2A7, 10973BD0AEF9597A4EA0A4947BDE922F9168F33D6ED97BFFEE6176AADAD78980 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
15:44:46.0973 0x0840  Dhcp - ok
15:44:47.0052 0x0840  [ B0107E40ECDB5FA692EBF832F295D905, 76466BB9E4F12436ECCCB9D89EB20762B4785F82F02591B51A735A590E248264 ] disk            C:\Windows\system32\drivers\disk.sys
15:44:47.0085 0x0840  disk - ok
15:44:47.0247 0x0840  [ 06230F1B721494A6DF8D47FD395BB1B0, F6CA8270740E01D9CE2FE8E34BC067C7EDC15BA610F461860E1D17D135C8A379 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:44:47.0286 0x0840  Dnscache - ok
15:44:47.0526 0x0840  [ 0840ABBBDF438691EE65A20040635CBE, F83597ECECFADBA45242B683A19A01ADF84203B016301B64530C7BE8234175E8 ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
15:44:47.0645 0x0840  DockLoginService - detected UnsignedFile.Multi.Generic ( 1 )
15:44:50.0501 0x0840  Detect skipped due to KSN trusted
15:44:50.0501 0x0840  DockLoginService - ok
15:44:50.0989 0x0840  [ 1A7156DD1E850E9914E5E991E3225B94, 99FF0C7125B01FCB0B92DC44756AE8FAA486F2E7F38DC6204F7EFE5918F8480A ] dot3svc         C:\Windows\System32\dot3svc.dll
15:44:51.0067 0x0840  dot3svc - ok
15:44:51.0322 0x0840  [ 1583B39790DB3EAEC7EDB0CB0140C708, F94F9AE7054A38602CD25D4E10FE7C7B574BD9ED8440C3FDAA7275A1D1E663E7 ] DPS             C:\Windows\system32\dps.dll
15:44:51.0420 0x0840  DPS - ok
15:44:51.0506 0x0840  [ F1A78A98CFC2EE02144C6BEC945447E6, D2E2AA13BE6319F967002476A5D3CF09B1B44350576DD8E1C1C531854F53B488 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:44:51.0536 0x0840  drmkaud - ok
15:44:51.0856 0x0840  [ 51991007674FB3548BE592F5071E747C, 4F73EBBAD41689057FC4CDB1570BA1C668A906722D302E00D87FACF024B514FC ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:44:52.0174 0x0840  DXGKrnl - ok
15:44:52.0270 0x0840  [ 17D40652EF3E55EEAE187A89DF40965A, D49D45E64D52FE0FD10A3A5F537A5F7AA4387BE862A1A5544565A1D5D3CDAAE5 ] e1express       C:\Windows\system32\DRIVERS\e1e6032e.sys
15:44:52.0394 0x0840  e1express - ok
15:44:52.0457 0x0840  [ 264CEE7B031A9D6C827F3D0CB031F2FE, 50CAD28A73D29E7E04A45330146CF713BA17101215955009121E36D43CD5C536 ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
15:44:52.0582 0x0840  E1G60 - ok
15:44:52.0832 0x0840  [ C2303883FD9BE49DC36A6400643002EA, F062D1D6D503CF5195BDE8C1DC75B541F559CB8175ADABCDB7690E9F1CA3EA4E ] EapHost         C:\Windows\System32\eapsvc.dll
15:44:52.0944 0x0840  EapHost - ok
15:44:52.0994 0x0840  [ 665E1507E129DC598C6EB390A10AC05B, 851018D4DB6E80FC27445EA13B8AADC340746CB6E71908F9B05EB094C4BB78D9 ] Ecache          C:\Windows\system32\drivers\ecache.sys
15:44:53.0030 0x0840  Ecache - ok
15:44:53.0165 0x0840  [ 14CE384D2E27B64C256BDA4DC39C312D, D5FA9C2BB162F1C22E419D33671B8202AAC245A87F6B183B97F83F5BFA165B41 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:44:53.0237 0x0840  ehRecvr - ok
15:44:53.0272 0x0840  [ B93159C1313D66FDFBBE876F5189CD52, 51E39160EA56F6B08449267EDF2A0F604612663768D2348DE23554AB07BDBB62 ] ehSched         C:\Windows\ehome\ehsched.exe
15:44:53.0311 0x0840  ehSched - ok
15:44:53.0384 0x0840  [ F5EE2527D74449868E3C3227A59BCD28, 11640E97EE9D8F9A5DC3FEA6BA7A737AA796A7235C7F5C7EF1ABFB51C9D730D3 ] ehstart         C:\Windows\ehome\ehstart.dll
15:44:53.0411 0x0840  ehstart - ok
15:44:53.0489 0x0840  [ C4636D6E10469404AB5308D9FD45ED07, 367D958D19F672395462206F27C1E138386C2F37B0FA77546F4217CF16D05C84 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:44:53.0652 0x0840  elxstor - ok
15:44:53.0727 0x0840  [ E10597CED1246F81C87F00E67E7C6855, 67B5A552D5988FD20C35FC5AEF557456C73CB3DAC88E7735A3E15E7F3B6C0D73 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
15:44:53.0813 0x0840  EMDMgmt - ok
15:44:53.0843 0x0840  [ 991FAB6AA066E1214EFB5B496FB7959A, E0172B25BF127B18CA8FDEDF85A7DAAAB35BAE4F73E826C5767FF7DC50955FA5 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:44:53.0876 0x0840  ErrDev - ok
15:44:53.0982 0x0840  [ E12F22B73F153DECE721CD45EC05B4AF, 41887EEF4BB024329B4079AD50FC5FB705F0EB8BAF6C93A8242DC2A73D3AFD86 ] EventSystem     C:\Windows\system32\es.dll
15:44:54.0271 0x0840  EventSystem - ok
15:44:54.0545 0x0840  [ 486844F47B6636044A42454614ED4523, 3E24E78584B199C0FAA59613EEB7DF67B3B878B277A0130C7A3FF608C130BA2F ] exfat           C:\Windows\system32\drivers\exfat.sys
15:44:54.0644 0x0840  exfat - ok
15:44:54.0694 0x0840  [ 1E34B436811CCA4A2783C0BC7A0BEB2E, 7C9496100DEA53FBADDA8B1EFF9F943FD13E75601A039632887A35F190C1F799 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:44:54.0739 0x0840  fastfat - ok
15:44:54.0854 0x0840  [ 81B79B6DF71FA1D2C6D688D830616E39, 62F8BC0DB918A49B10A5BE1724A2E2F17FA7D8208D5D86822FACB2DCD97B3591 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:44:54.0942 0x0840  fdc - ok
15:44:55.0042 0x0840  [ BB9267ACACD8B7533DD936C34A0CBA5E, 32DE6E10ABA540D62F0D8AE30DE8769D7BF29E547838BEBE67C04183CC0B32C7 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:44:55.0138 0x0840  fdPHost - ok
15:44:55.0189 0x0840  [ 300C80931EABBE1DB7591C516EFE8D0F, F031DA96B06B6FA8E0AD56D5E10E5A5882765C3FF258A4DE06A47EC34829FF04 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:44:55.0358 0x0840  FDResPub - ok
15:44:55.0414 0x0840  [ 457B7D1D533E4BD62A99AED9C7BB4C59, 3933907DE163F8D3A81ED25169B693D723296C437C7C990BFE9DEFD60F7635FD ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:44:55.0443 0x0840  FileInfo - ok
15:44:55.0491 0x0840  [ D421327FD6EFCCAF884A54C58E1B0D7F, C2F3B72EA36BA8B74A30E128C088307CA768FDBE232BFA216CD78B0F9B7AF18A ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:44:55.0562 0x0840  Filetrace - ok
15:44:55.0571 0x0840  [ 230923EA2B80F79B0F88D90F87B87EBD, 1F3287970FEC73011F3B675C447BF0CA35416490D4740C6960595B091181059C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:44:55.0650 0x0840  flpydisk - ok
15:44:55.0728 0x0840  [ E3041BC26D6930D61F42AEDB79C91720, 3556C033BB78445EC8B2F98A82455914764AFC70CBFF634DDBD3539885A1E457 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:44:55.0769 0x0840  FltMgr - ok
15:44:55.0984 0x0840  [ DE26C43A170809645297C1B479B7F791, C76AAA07E6C4DD3E9C2035D88F63549D6A32C04329640617959BF86F50AEF735 ] FontCache       C:\Windows\system32\FntCache.dll
15:44:56.0283 0x0840  FontCache - ok
15:44:56.0378 0x0840  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E, B21CA5F14BDB6CFD97A24C28BB2AD0D704C46058F13B01FF4203514FE8B92591 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:44:56.0402 0x0840  FontCache3.0.0.0 - ok
15:44:56.0467 0x0840  [ 5779B86CD8B32519FBECB136394D946A, 68A395CD2287D22CB5C8CFE5A3006A61AC0C3FDAADF166C93240FF83C0315DCF ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:44:56.0638 0x0840  Fs_Rec - ok
15:44:56.0688 0x0840  [ C8E416668D3DC2BE3D4FE4C79224997F, 7DBC8E7687179A649638F606C9584F2E8EC2065762997CDF151F9BB99FA8D535 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:44:56.0720 0x0840  gagp30kx - ok
15:44:56.0770 0x0840  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:44:56.0793 0x0840  GEARAspiWDM - ok
15:44:56.0897 0x0840  [ A0E1B575BA8F504968CD40C0FAEB2384, F64A24A5A93F4E757882E97C65DA612F07A87F4DDD2E10C1AB0250AFA03BCEF1 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:44:57.0053 0x0840  gpsvc - ok
15:44:57.0194 0x0840  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:44:57.0225 0x0840  gupdate - ok
15:44:57.0270 0x0840  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:44:57.0296 0x0840  gupdatem - ok
15:44:57.0370 0x0840  [ 68E732382B32417FF61FD663259B4B09, 10C5365AEAC46DF4F5F6A8F96D15141B4709851D4752613233E57EB20CE16446 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:44:57.0419 0x0840  HdAudAddService - ok
15:44:57.0761 0x0840  [ F942C5820205F2FB453243EDFEC82A3D, 17A6A3DCF884FB524C93F2477D97E9F2B8E547709F8F2AEA93BEEA322B62E914 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:44:58.0083 0x0840  HDAudBus - ok
15:44:58.0259 0x0840  [ B4881C84A180E75B8C25DC1D726C375F, C0BEDBF43EFB0DD442A1D7985EA4A7493671648954B7D1840E30FB2FC46589A4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:44:58.0389 0x0840  HidBth - ok
15:44:58.0717 0x0840  [ 4E77A77E2C986E8F88F996BB3E1AD829, 1748676EB038A145405080B829DF4156C2596691BE5C67FD8269BE8D9351B400 ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:44:58.0851 0x0840  HidIr - ok
15:44:58.0996 0x0840  [ 59361D38A297755D46A540E450202B2A, ED97800A3FF9B90EC58BC5122C42B53F46D9C157EFE488481E8677ED7058E33D ] hidserv         C:\Windows\system32\hidserv.dll
15:44:59.0050 0x0840  hidserv - ok
15:44:59.0405 0x0840  [ 443BDD2D30BB4F00795C797E2CF99EDF, BCE1A241AE5CCE3E1C65CCF07ECB4305C7106F2EFFD51F2C519EB00026B474C4 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:44:59.0433 0x0840  HidUsb - ok
15:44:59.0541 0x0840  [ B12F367EA39C0795FD57E31242CE1A5A, 498439FE4D1217211EB6C1AC35CDA5D59F3AE8F06AF5E41EE9FDB0DC559FBE27 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:44:59.0649 0x0840  hkmsvc - ok
15:44:59.0777 0x0840  [ D7109A1E6BD2DFDBCBA72A6BC626A13B, 6141B6645F4152A326ECA8AD0DD04CB38C9EDA395BDF6FF260AB17CB86FC4C87 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
15:44:59.0805 0x0840  HpCISSs - ok
15:44:59.0945 0x0840  [ 098F1E4E5C9CB5B0063A959063631610, 36B02A738413E4745978E3E90D9CE8ABC08376BEE411008A4312A752CB4A2E13 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:45:00.0023 0x0840  HTTP - ok
15:45:00.0184 0x0840  [ C8F3119AD72A507D12EF389DF4C266EF, 3AFFFECCC63ED848FD5DF64C71AD543EC56314F35B54691CA419BCBB3CEEBCA0 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
15:45:00.0218 0x0840  hwdatacard - ok
15:45:00.0244 0x0840  [ DA94C854CEA5FAC549D4E1F6E88349E8, 10BEB47DB90F55BD1792C2041E49ED13E4E52BCC11BE6599F6DA8D91B79CC8D1 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
15:45:00.0271 0x0840  i2omp - ok
15:45:00.0313 0x0840  [ CBB597659A2713CE0C9CC20C88C7591F, A2BAC75F7247D871842A32EAA7594D338E728D1BFEAEA3C1FCDBF65F007BC06A ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:45:00.0385 0x0840  i8042prt - ok
15:45:00.0428 0x0840  [ 3E3BF3627D886736D0B4E90054F929F6, 95A138B65DC9133E92F53A529C7AD897D8823EFAED343756549FDF6C8C749CD0 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
15:45:00.0479 0x0840  iaStorV - ok
15:45:00.0822 0x0840  [ A9AA69F749AC1D318151E77372CC83DB, 2A50A4D6ED22F5F6CB5DC56A639D904AD71E511DC744A6F6C3D1D4D39756AF31 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:45:01.0095 0x0840  idsvc - ok
15:45:01.0176 0x0840  [ 8C3951AD2FE886EF76C7B5027C3125D3, 85CF7231756E02BD9E5F4378F3FC794394A072B8028F27827F83ACE9EE554499 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:45:01.0203 0x0840  iirsp - ok
15:45:01.0369 0x0840  [ 0401A380C88754B2399F8043AC9B2BF9, BFF3B53FAFAE6622AA9F74BAA4A3D522C06E2D732B88916766603B9FE8D0D77F ] IKEEXT          C:\Windows\System32\ikeext.dll
15:45:01.0895 0x0840  IKEEXT - ok
15:45:02.0521 0x0840  [ DF797A12176F11B2D301C5B234BB200E, 384343636B21CA7EDF28EFD1B6728EAB1508CA49CE48FF3DC0D91DB843C0C73E ] intelide        C:\Windows\system32\drivers\intelide.sys
15:45:02.0548 0x0840  intelide - ok
15:45:02.0966 0x0840  [ BFD84AF32FA1BAD6231C4585CB469630, 33E0842F2D0879B02C115301174FCB19ED3AAF7B1B8E6284839CE16DE56476EA ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:45:03.0107 0x0840  intelppm - ok
15:45:03.0165 0x0840  [ 5624BC1BC5EEB49C0AB76A8114F05EA3, BD5AA534D8A923AF4D205EEC6DA55A3DC5F915E5F3223BF23F24C09824FA90B6 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:45:03.0261 0x0840  IPBusEnum - ok
15:45:03.0832 0x0840  [ D8AABC341311E4780D6FCE8C73C0AD81, 141E8032A934777567E6DAC35FB1C77C40D9B6EE477F17F872F35833A8F57F72 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:45:03.0943 0x0840  IpFilterDriver - ok
15:45:04.0225 0x0840  [ BF0DBFA9792C5C14FA00F61C75116C1B, 24C14DCAF57013F1C238E3C123279737420A714EB29CB69239C9838C9A269A59 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:45:04.0359 0x0840  iphlpsvc - ok
15:45:04.0370 0x0840  IpInIp - ok
15:45:04.0441 0x0840  [ 9C2EE2E6E5A7203BFAE15C299475EC67, E51628ECAB9CCCBCE02801C5E71406487A280765FEE318D14B0C227141B87658 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
15:45:04.0578 0x0840  IPMIDRV - ok
15:45:04.0668 0x0840  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE, C29D7F392116BB09F7047A90702331F200DACFB3C94E7F912932971E0B7F0413 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
15:45:04.0755 0x0840  IPNAT - ok
15:45:05.0048 0x0840  [ 0BE777523E5CB0E4F2CA2135DB4C60C8, 979BBAC7EAD3F5C913155BC12BB1B87D1EFD39D92293195D50805D657ABECC6D ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:45:05.0158 0x0840  iPod Service - ok
15:45:05.0201 0x0840  [ 8C42CA155343A2F11D29FECA67FAA88D, 699F06D25C5F270CE1194F4D350CB0BE22C6AB609EECF35D066C034AC380BEE3 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:45:05.0470 0x0840  IRENUM - ok
15:45:05.0633 0x0840  [ 0672BFCEDC6FC468A2B0500D81437F4F, A0322B569C309F258684AFECCD52924A33F363186261730469245B7FA357C645 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:45:05.0662 0x0840  isapnp - ok
15:45:06.0185 0x0840  [ E4FDF99599F27EC25D2CF6D754243520, 9139E708EE30F10652C9A458BD58B0343A3C05E84CD3E71FA0B0E4123503CF7B ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:45:06.0232 0x0840  iScsiPrt - ok
15:45:06.0337 0x0840  [ 63C766CDC609FF8206CB447A65ABBA4A, D9CA006FA852C95E90E8A0837E296FCBFD76246DA8AFDE563863D5F95BDFEC52 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
15:45:06.0366 0x0840  iteatapi - ok
15:45:06.0427 0x0840  [ 1281FE73B17664631D12F643CBEA3F59, B27571A0348CDF81DC102A61712CBA9A4AF7AC0015A7702B0DE73AD4E4646853 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
15:45:06.0451 0x0840  iteraid - ok
15:45:06.0682 0x0840  [ EB5C7891B9E6E4A1A4428F2160B12B53, 3569AB6F037D0B8650AF9CD107B49627E639A56141848A2763E2526D0A680ED0 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
15:45:06.0724 0x0840  k57nd60a - ok
15:45:06.0767 0x0840  [ 423696F3BA6472DD17699209B933BC26, 00C2EAA1A8E9D422D178B7678598743234930C1858D76C632F079EF789BB56C3 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:45:06.0800 0x0840  kbdclass - ok
15:45:06.0952 0x0840  [ BF8783A5066CFECF45095459E8010FA7, 90845E1A154189258B2754C4FF8E6732AA462FF3777E8DFBAF8246C7C5B2740D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:45:07.0029 0x0840  kbdhid - ok
15:45:07.0119 0x0840  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] KeyIso          C:\Windows\system32\lsass.exe
15:45:07.0149 0x0840  KeyIso - ok
15:45:07.0226 0x0840  [ 8A4507582C71261627A7F89198A91B51, B591CB996EA109CD167FBE7CB61A2FEFF8C864B3BF6B0C1D566881936E213EAB ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:45:07.0296 0x0840  KSecDD - ok
15:45:07.0370 0x0840  [ 1D419CF43DB29396ECD7113D129D94EB, 21ECCE9D17F055C7B5066110864E10C99291CE50B389C545371333904CE2DBB5 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:45:07.0546 0x0840  ksthunk - ok
15:45:07.0876 0x0840  [ 1FAF6926F3416D3DA05C5B265491BDAE, 3989E18522691CC3820092033E00ED39D08861DFB369AA0DFFF4B379E48EA1F0 ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:45:08.0268 0x0840  KtmRm - ok
15:45:08.0574 0x0840  [ 50C7A3CB427E9BB5ED0708A669956AB5, 3DAD1C01AE58FE2C6134283B19118E2F3C884DDFFBAE4A46B7B5E4FB1A2567A1 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:45:08.0841 0x0840  LanmanServer - ok
15:45:08.0974 0x0840  [ CAF86FC1388BE1E470F1A7B43E348ADB, 9E9AE0B617D1031E8462524802A2D997AE7C944A7D00D403FF903145A7FEB761 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:45:09.0068 0x0840  LanmanWorkstation - ok
15:45:09.0336 0x0840  [ 96ECE2659B6654C10A0C310AE3A6D02C, 3322E87B9F64C3ACBCB634F2390AAB212FA7695383BF01F0092A803871BF19B2 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:45:09.0441 0x0840  lltdio - ok
15:45:09.0689 0x0840  [ 961CCBD0B1CCB5675D64976FAE37D092, 258378BE76A13E4368C9587E6A22727721E4B267B0D26D3D3E333B3B2A5A0611 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:45:09.0772 0x0840  lltdsvc - ok
15:45:09.0976 0x0840  [ A47F8080CACC23C91FE823AD19AA5612, 161575406D158D6D5C9220F1E82C0CC19108C74ADC35C509BAF9B0C414EFD8EE ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:45:10.0092 0x0840  lmhosts - ok
15:45:10.0283 0x0840  [ ACBE1AF32D3123E330A07BFBC5EC4A9B, 0E17E4DD30B5AF8F269EF8EA003836C9E16273262A050B9BE3ED802DD3AC9319 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:45:10.0317 0x0840  LSI_FC - ok
15:45:10.0399 0x0840  [ 799FFB2FC4729FA46D2157C0065B3525, AB462A34D061C113DA12641C45159A58D0AEA1C440233D061A20DF99586CFA93 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:45:10.0430 0x0840  LSI_SAS - ok
15:45:10.0493 0x0840  [ F445FF1DAAD8A226366BFAF42551226B, 92B63E15363F1EAE8A54D4E74ED21669D0A9FE99C654671556C58456228278B1 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:45:10.0527 0x0840  LSI_SCSI - ok
15:45:10.0619 0x0840  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E, 2EB22DD418D4934BDD22C5DB49D5D06178EC0419AB5CC28DD544CA91823987B0 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:45:10.0737 0x0840  luafv - ok
15:45:11.0024 0x0840  massfilter - ok
15:45:11.0577 0x0840  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:45:11.0604 0x0840  MBAMProtector - ok
15:45:11.0937 0x0840  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
15:45:12.0489 0x0840  MBAMScheduler - ok
15:45:12.0762 0x0840  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
15:45:13.0181 0x0840  MBAMService - ok
15:45:13.0457 0x0840  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
15:45:13.0497 0x0840  MBAMSwissArmy - ok
15:45:13.0574 0x0840  [ 00080C25E22BD1C17F2B951F167D06D7, 1E554C521CBC7C4A8B76B877CA3F3AFE5485AF580D1AF9AA0E1B14C8C79CD9A6 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
15:45:13.0600 0x0840  MBAMWebAccessControl - ok
15:45:13.0651 0x0840  [ 76A58DF02BD4EA29F189B82D0BEF17F8, B3A96AABE050BB332ECD9AF7C35D08B468AC459D30FF4D49B609BA3F95ECEEDA ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:45:13.0686 0x0840  Mcx2Svc - ok
15:45:13.0775 0x0840  [ 5C5CD6AACED32FB26C3FB34B3DCF972F, 34A66C21FA79800D3CDE933CFA71343218F94D67AAE763EA0B53AC49060CB6D0 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:45:13.0805 0x0840  megasas - ok
15:45:13.0854 0x0840  [ 859BC2436B076C77C159ED694ACFE8F8, 4AEA57A8B9EACEC1B8DED3ECC95621C56E6D65CFE2DA9F07DAF7C7BAD132B624 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
15:45:13.0935 0x0840  MegaSR - ok
15:45:13.0954 0x0840  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] MMCSS           C:\Windows\system32\mmcss.dll
15:45:14.0081 0x0840  MMCSS - ok
15:45:14.0092 0x0840  [ 59848D5CC74606F0EE7557983BB73C2E, EA6ACF0619DE1E4272AEDC69F2E66E29DA499E8E8094243C9EF735FD8369229D ] Modem           C:\Windows\system32\drivers\modem.sys
15:45:14.0203 0x0840  Modem - ok
15:45:14.0260 0x0840  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5, 357811D1B8F70828F6432879F59DAB916FBB55673B3473D879382DE33CFB3FAF ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:45:14.0337 0x0840  monitor - ok
15:45:14.0375 0x0840  [ 9367304E5E412B120CF5F4EA14E4E4F1, F87EBACEE27A50E6610FDCB4BD3001C35A99FEE6D63D643FF2CBF0D484CD082C ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:45:14.0406 0x0840  mouclass - ok
15:45:14.0426 0x0840  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69, B77E4A7511923E7BD35A177A40B4E461AC9CB050D6F0575D4799DEF85DA6DA38 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:45:14.0505 0x0840  mouhid - ok
15:45:14.0562 0x0840  [ 108DE0E4E7B0F53F5764F9A241F7A4E6, 0D7688E322FE1DD21BAC1324DC9F27D1007E8417717A0EF8637768D318654CDA ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
15:45:14.0601 0x0840  MountMgr - ok
15:45:14.0884 0x0840  [ 5961C5D8EDD2E2A3B99F1782AE1AC21F, C383A4724A335737C4C7C3211AFCFB82D373267EC634BC47EE078A1C66E1F62A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:45:14.0916 0x0840  MozillaMaintenance - ok
15:45:15.0085 0x0840  [ DA0FAEE45D6F03D7647851A20977A7D0, AFB1EA053CD4BCA903868896D020205D4C207C85314E6C56C4663922A3F9BD6A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:45:15.0183 0x0840  MpFilter - ok
15:45:15.0246 0x0840  [ F8276EB8698142884498A528DFEA8478, C0FF504F721F1D00F42CFE783D4F32C6728518F64646F5C5C11BA3A4824815BB ] mpio            C:\Windows\system32\drivers\mpio.sys
15:45:15.0281 0x0840  mpio - ok
15:45:15.0321 0x0840  [ C92B9ABDB65A5991E00C28F13491DBA2, D1233381A9E4262F0AB396BBDB7DE402D4370805E11EB8A118C846F6E9474098 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:45:15.0374 0x0840  mpsdrv - ok
15:45:15.0491 0x0840  [ 897E3BAF68BA406A61682AE39C83900C, 13F61D5C22BED061BE7C2669CCCAA2BAD4A0CE83800DF57A50306DE0A476FC27 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:45:15.0957 0x0840  MpsSvc - ok
15:45:15.0991 0x0840  [ 3C200630A89EF2C0864D515B7A75802E, AA4A312E7A28FCE7A944747BADB809CAAD3D67899EBBE663D473621DB25B140A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
15:45:16.0017 0x0840  Mraid35x - ok
15:45:16.0083 0x0840  [ 0F09F5686FD2025C1607B3CA301E3D28, 04F96858C82EDF636F0C8CF8F2286D3A1229BBC9F06C2AFA7BDB9D5DC5BD69BC ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:45:16.0121 0x0840  MRxDAV - ok
15:45:16.0500 0x0840  [ B31DB7D6E624479EA20FEE17E712A44C, E316244BD83698793A66EA185BE1395827C7A9D5B73B60592BBF6413BFCF52F1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:45:16.0536 0x0840  mrxsmb - ok
15:45:16.0602 0x0840  [ 2EB4A3EDA9FBECEC53CA2BB0853E2B66, 0DBA1CB6A9A97E9406111F724F82A009B9492A4D602FCD288FB907830E070E0E ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:45:16.0656 0x0840  mrxsmb10 - ok
15:45:16.0679 0x0840  [ 3F979D9CE02323CB3EBD15174732C8C1, 2B8301222B582012A86B85F45374E3B1A562D1EC61DE6A3F5AF611C3B38F409C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:45:16.0714 0x0840  mrxsmb20 - ok
15:45:16.0785 0x0840  [ AA459F2AB3AB603C357FF117CAE3D818, C633178227A0C446920908967E6F2F4979BE77209C7377B9A41B90F5F31B41B3 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:45:16.0817 0x0840  msahci - ok
15:45:16.0857 0x0840  [ 264BBB4AAF312A485F0E44B65A6B7202, 1DF36540C77D5D885B6C2EE91F0446864D8E6D6CFED87A9ED0765E76FE05E102 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:45:16.0890 0x0840  msdsm - ok
15:45:16.0921 0x0840  [ 7EC02CE772F068ED0BEAFA3DA341A9BC, 3B5B4EA0BF1D1E57F4DF74A569304A5EE41821F5E2F352760B8C9CA82C6D8292 ] MSDTC           C:\Windows\System32\msdtc.exe
15:45:16.0993 0x0840  MSDTC - ok
15:45:17.0034 0x0840  [ 704F59BFC4512D2BB0146AEC31B10A7C, F7712944DDC192C47953D577BE31B79B4D11217305B1C3D0DCA31B1518CB8DCB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:45:17.0159 0x0840  Msfs - ok
15:45:17.0191 0x0840  [ 00EBC952961664780D43DCA157E79B27, 4F8F5718D8574A128E0F6CD54C9BE59A93A7638A5689A8FF68D0C81D3E67808F ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:45:17.0216 0x0840  msisadrv - ok
15:45:17.0253 0x0840  [ 366B0C1F4478B519C181E37D43DCDA32, A98E2BC397FAD7D90653F55AC283CACAE7465D7F10A198D715046B1D896AF246 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:45:17.0332 0x0840  MSiSCSI - ok
15:45:17.0339 0x0840  msiserver - ok
15:45:17.0368 0x0840  [ 0EA73E498F53B96D83DBFCA074AD4CF8, E3DDE34FCFF272E06CD8DA836F8D79E2515885715D4A7CD7BF8D97D7A4E0E781 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:45:17.0474 0x0840  MSKSSRV - ok
15:45:17.0566 0x0840  [ C66FE30BBA4604A06EE9E4180ABE4BD9, 43E60C15C05FF19082142BB9D1F29D1B3269AD4A7FB32AF109AE63FE5A6AA0A9 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:45:17.0600 0x0840  MsMpSvc - ok
15:45:17.0647 0x0840  [ 52E59B7E992A58E740AA63F57EDBAE8B, A89F607B330BA1F42CA9FF01EF289BBD088350CF376568E58CB9865F1DA6CD72 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:45:17.0727 0x0840  MSPCLOCK - ok
15:45:17.0744 0x0840  [ 49084A75BAE043AE02D5B44D02991BB2, 4CD2692D191035CE9D18F4D21F054FF8C3F9CF2734464EA33EAB480A28AD447F ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:45:17.0843 0x0840  MSPQM - ok
15:45:17.0922 0x0840  [ DC6CCF440CDEDE4293DB41C37A5060A5, 768D08A67508E1CE69B67642A5E5A639C0DD1E93C956C56ECC5A56B0E502C953 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:45:17.0974 0x0840  MsRPC - ok
15:45:17.0997 0x0840  [ 855796E59DF77EA93AF46F20155BF55B, 75DFCEE16A9D94EDF74295B9686D92552817E8A00958917CB0E17089EDCF6A97 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:45:18.0024 0x0840  mssmbios - ok
15:45:18.0078 0x0840  [ 86D632D75D05D5B7C7C043FA3564AE86, 96911FBC106B91E76598EE110B5147D4C55E42C9194E857F866B6B395E78D2CB ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:45:18.0143 0x0840  MSTEE - ok
15:45:18.0168 0x0840  [ 0CC49F78D8ACA0877D885F149084E543, 984DDCB52F0DFC1B26C6504FE500E8D9C2CA7F79ED34608AE9866A0915B8BA67 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:45:18.0201 0x0840  Mup - ok
15:45:18.0392 0x0840  [ A5B10C845E7538C60C0F5D87A57CB3F5, 2B4E16702591C59BC2CA2B99DBB504BAB4F4EF0835B0D9C7453D340CBF0BDF16 ] napagent        C:\Windows\system32\qagentRT.dll
15:45:18.0492 0x0840  napagent - ok
15:45:18.0584 0x0840  [ 2007B826C4ACD94AE32232B41F0842B9, 6267D165C3C8C5F83194890A6DBF71226D4B891AECD1D06F7AEB5D738C3DC9CA ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:45:18.0630 0x0840  NativeWifiP - ok
15:45:18.0732 0x0840  [ 54803EAE413ED3AB97976674B0EF122A, B06D419B84EA1FB9EA218D5379F2DD32B0739D029A51DD75CA74C01F25BAA806 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:45:18.0807 0x0840  NDIS - ok
15:45:18.0842 0x0840  [ 64DF698A425478E321981431AC171334, C43177CB60F5D58E1FF7A31E9BE5DA7D92C4B25235867DD65BADC069EDF023F3 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:45:18.0904 0x0840  NdisTapi - ok
15:45:18.0981 0x0840  [ 8BAA43196D7B5BB972C9A6B2BBF61A19, 8AFFB26F6E8CF67F562818BBFE12FB448E4FCDF9B68858B625681565DE30DDC1 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:45:19.0046 0x0840  Ndisuio - ok
15:45:19.0123 0x0840  [ F8158771905260982CE724076419EF19, B86FFA790A30ED614A11C87F4D738C913EFC0924DC14750D544001D4E9556071 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:45:19.0180 0x0840  NdisWan - ok
15:45:19.0197 0x0840  [ 9CB77ED7CB72850253E973A2D6AFDF49, C3C15B317A7F7AE68B7BC62343962C47F075240F252727811DB4BEE443F9103F ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:45:19.0261 0x0840  NDProxy - ok
15:45:19.0295 0x0840  [ A499294F5029A7862ADC115BDA7371CE, 6BE0AAFE4EB59E056A929D6C1A009D8DFD547025481108CEFB12E5D6F86DBE14 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:45:19.0376 0x0840  NetBIOS - ok
15:45:19.0451 0x0840  [ FC2C792EBDDC8E28DF939D6A92C83D61, 9EDF8B56E2B47C31457074DA371B604E5F7EB2B3B5CD4688CBEEDD5B266D119B ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
15:45:19.0610 0x0840  netbt - ok
15:45:19.0630 0x0840  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] Netlogon        C:\Windows\system32\lsass.exe
15:45:19.0668 0x0840  Netlogon - ok
15:45:19.0715 0x0840  [ 9B63B29DEFC0F3115A559D2597BF5D75, 297319D3F2E97CB34464EA59D8FD96AC2B8B1A4F2AEE666937F16A041128021F ] Netman          C:\Windows\System32\netman.dll
15:45:19.0877 0x0840  Netman - ok
15:45:19.0951 0x0840  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:45:20.0139 0x0840  NetMsmqActivator - ok
15:45:20.0154 0x0840  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:45:20.0195 0x0840  NetPipeActivator - ok
15:45:20.0249 0x0840  [ 7846D0136CC2B264926A73047BA7688A, 6F56CC1B17095C378D98B58A92F9EDA2D009529DDB6F60E815D85C7606C8EDC0 ] netprofm        C:\Windows\System32\netprofm.dll
15:45:20.0351 0x0840  netprofm - ok
15:45:20.0378 0x0840  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:45:20.0415 0x0840  NetTcpActivator - ok
15:45:20.0430 0x0840  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:45:20.0467 0x0840  NetTcpPortSharing - ok
15:45:20.0510 0x0840  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7, 8D7DE921E14BAF09D7E2704CFB2FB1C8A78A46DAF86CDF7A347C5D113A8C110B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:45:20.0536 0x0840  nfrd960 - ok
15:45:20.0607 0x0840  [ 6D79C8CB73187FBEAAD1F680FADF98D3, 0075B2CCC4FFF929023F95686D7BBE32C0FCE05DEB2159C0784AF85D64E1B66E ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:45:20.0657 0x0840  NisDrv - ok
15:45:20.0843 0x0840  [ B8F4F580638373FBF72F2B572446D294, A5CD9ABCA5CDC335D2C6FDCB81327B600150E45BB867B88859A00AF974B42F85 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
15:45:20.0921 0x0840  NisSrv - ok
15:45:20.0976 0x0840  [ 9DC33E66BB7E6470BFE8AA9EF5FBED43, 23E583B264BBD7933E3A000F00D646ABE526D1068C41BC24CF93739529FCA339 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:45:21.0029 0x0840  NlaSvc - ok
15:45:21.0120 0x0840  [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF             C:\Windows\system32\drivers\npf.sys
15:45:21.0144 0x0840  NPF - ok
15:45:21.0247 0x0840  [ B298874F8E0EA93F06EC40AA8D146478, 275D769E5EFD3153985DAF84C5B22B9D65428E09AB41099901ABDD03B3A2625D ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:45:21.0354 0x0840  Npfs - ok
15:45:21.0394 0x0840  [ ACB62BAA1C319B17752553DF3026EEEB, 5A309DF390A097245250BB64AD5F8575BECA601E0A122DDCB494C67D3D9EA089 ] nsi             C:\Windows\system32\nsisvc.dll
15:45:21.0476 0x0840  nsi - ok
15:45:21.0501 0x0840  [ 1523AF19EE8B030BA682F7A53537EAEB, B000630CE4B562D39B5EE4148409B2E01D8924D33D27607B24ADC901357E7AA5 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:45:21.0590 0x0840  nsiproxy - ok
15:45:21.0734 0x0840  [ 2ACCAA3C3C55370A32F17B3595E1A217, 8539A293A5E1EBA2CC0FA9E999099D3B6B035D41069398AE17D737BBE4D9FEA8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:45:22.0064 0x0840  Ntfs - ok
15:45:22.0096 0x0840  [ DD5D684975352B85B52E3FD5347C20CB, BB03C50D5178643550C024130E20FD9A023AE110B3C85A2D6E18FB8DBB3A12E4 ] Null            C:\Windows\system32\drivers\Null.sys
15:45:22.0168 0x0840  Null - ok
15:45:22.0211 0x0840  [ 2C040B7ADA5B06F6FACADAC8514AA034, EF32F7C411090230ED1D95B2D01E8464DCC89D72EFD94BBC8DF6856D00B1A783 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:45:22.0242 0x0840  nvraid - ok
15:45:22.0256 0x0840  [ F7EA0FE82842D05EDA3EFDD376DBFDBA, 0ED0543A5331C0D8BBFD1BE3174482ED1B3EE70CA41CE8CE5C81977C37B3D129 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:45:22.0290 0x0840  nvstor - ok
15:45:22.0317 0x0840  [ 19067CA93075EF4823E3938A686F532F, 81339372E90CE9E2594461146A82B62452CF9DB3FF53381D30F6922059EDCF99 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:45:22.0347 0x0840  nv_agp - ok
15:45:22.0355 0x0840  NwlnkFlt - ok
15:45:22.0367 0x0840  NwlnkFwd - ok
15:45:22.0422 0x0840  [ 404B0121AE1A75D9A63B6934EB07C258, 86C423955252DDD519407F22C9A28B3AA952C088494470D622ECDC1C6569FC7E ] OA008Ufd        C:\Windows\system32\DRIVERS\OA008Ufd.sys
15:45:22.0460 0x0840  OA008Ufd - ok
15:45:22.0496 0x0840  [ 126885007E8F601861165FC77C93F1BE, AD93B726AEA981C89C1E250CFCB89FB35EC8FACF7D80A3DCEA62F983DD3DAEF2 ] OA008Vid        C:\Windows\system32\DRIVERS\OA008Vid.sys
15:45:22.0537 0x0840  OA008Vid - ok
15:45:22.0690 0x0840  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:45:22.0740 0x0840  odserv - ok
15:45:22.0821 0x0840  [ B5B1CE65AC15BBD11C0619E3EF7CFC28, E9AA27724A7576D1869FF861A498DB8AF79A7B297F10272F1D63E6CB88CD455B ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
15:45:22.0879 0x0840  ohci1394 - ok
15:45:22.0928 0x0840  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:45:22.0958 0x0840  ose - ok
15:45:23.0065 0x0840  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
15:45:23.0254 0x0840  p2pimsvc - ok
15:45:23.0329 0x0840  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:45:23.0532 0x0840  p2psvc - ok
15:45:23.0611 0x0840  [ AECD57F94C887F58919F307C35498EA0, CD8E8B54A445EF0DC485D5F221588875C98328596F64EE03B2D8BD0B860504FB ] Parport         C:\Windows\system32\drivers\parport.sys
15:45:23.0794 0x0840  Parport - ok
15:45:23.0856 0x0840  [ B43751085E2ABE389DA466BC62A4B987, 167CB6B18B6B7B74A229A976833E1FBE6D51C9C0EB8A23C92FC2465B692DF383 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:45:23.0885 0x0840  partmgr - ok
15:45:23.0937 0x0840  [ 9AB157B374192FF276C1628FBDBA2B0E, E63E2EE1ABEEC5234F4F1318757EDB4A7567057B1DF1A2414C8698D47062B6AC ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:45:23.0980 0x0840  PcaSvc - ok
15:45:24.0099 0x0840  [ 7317A0B550F7AC0223B7070897670476, ABB0A1296BA267467C16CF99383EFCAB1732B07EE5B2494197A26B8432DD0A94 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
15:45:24.0151 0x0840  PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
15:45:24.0507 0x0840  [ 47AB1E0FC9D0E12BB53BA246E3A0906D, 82B452D614B535FAD3AFEEA06DFBBF8F7C5031563A2558CFA04F9B94C76E45DF ] pci             C:\Windows\system32\drivers\pci.sys
15:45:24.0545 0x0840  pci - ok
15:45:24.0593 0x0840  [ 8D618C829034479985A9ED56106CC732, 9F3773A5184064092920FA2C88CCF5BFE44C63573B443E67230C4F596B7884C2 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:45:24.0618 0x0840  pciide - ok
15:45:24.0698 0x0840  [ 037661F3D7C507C9993B7010CEEE6288, A7B415675B14FD755D0167BBA458A902AA9ABFC4343A1B887289D31DE8A55285 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:45:24.0732 0x0840  pcmcia - ok
15:45:24.0922 0x0840  [ 58865916F53592A61549B04941BFD80D, 3511AF2EFD06636E144C36ECA8C7AA1A33C269EDB10A6D879AA25D9E11359AA9 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:45:25.0182 0x0840  PEAUTH - ok
15:45:25.0408 0x0840  [ 0ED8727EA0172860F47258456C06CAEA, 3CDAA1044E412EC4303CEABD36A8C7BADA2D6C6692E09B8FE440709E3F4F0166 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:45:25.0521 0x0840  PerfHost - ok
15:45:25.0646 0x0840  [ E9E68C1A0F25CF4A7AC966EEA74EE89E, 6C6903A856C29AD690FDA1B74ADB2222C3453FBE2B364245FA61D53C77C586C0 ] pla             C:\Windows\system32\pla.dll
15:45:25.0999 0x0840  pla - ok
15:45:26.0113 0x0840  [ FE6B0F59215C9FD9F9D26539C58C8B82, 52CF8BE31A28430226D117EB80974AEAE5EA07F39DE881164232D44BF67FF752 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:45:26.0217 0x0840  PlugPlay - ok
15:45:26.0315 0x0840  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
15:45:26.0411 0x0840  PNRPAutoReg - ok
15:45:26.0481 0x0840  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
15:45:26.0611 0x0840  PNRPsvc - ok
15:45:26.0876 0x0840  [ 89A5560671C2D8B4A4B51F3E1AA069D8, 07DEE5D73DDE09F954E2E13BB5603F0033829B6199C81A7C1709D94AB92B351E ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:45:26.0958 0x0840  PolicyAgent - ok
15:45:27.0020 0x0840  [ 23386E9952025F5F21C368971E2E7301, F7241C1799A8AA0E9106B101B841670304DC695FD8D290C690CE0ED5C13BC514 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:45:27.0082 0x0840  PptpMiniport - ok
15:45:27.0133 0x0840  [ 5080E59ECEE0BC923F14018803AA7A01, 2E201511821AECCF056962399AFA3533ED765A3E7FD30E7B38A6D13837367E69 ] Processor       C:\Windows\system32\drivers\processr.sys
15:45:27.0201 0x0840  Processor - ok
15:45:27.0332 0x0840  [ EF321BEED9CF3DF60EBA29A1D618AD8A, FE277119BCC9938054DFA670844B31E4F66C19EBC6E59E747F99C38F76A433BD ] ProfSvc         C:\Windows\system32\profsvc.dll
15:45:27.0483 0x0840  ProfSvc - ok
15:45:27.0496 0x0840  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:45:27.0564 0x0840  ProtectedStorage - ok
15:45:27.0673 0x0840  [ C5AB7F0809392D0DA027F4A2A81BFA31, B5BC9712AD93661A77AF4D67DB5F05C58A93CF7CDD6F7BA20568C0A9F4630321 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
15:45:27.0727 0x0840  PSched - ok
15:45:27.0770 0x0840  [ 46851BC18322DA70F3F2299A1007C479, B2F0744F8B3AC0569D713773B8639EC225B80DD4C7D45C6B18423C52AFFAF17C ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
15:45:27.0799 0x0840  PxHlpa64 - ok
15:45:27.0945 0x0840  [ 0B83F4E681062F3839BE2EC1D98FD94A, 47E1B8014C59981693F5544872AF00383528AAEF0C6FE9AE8C45A6359EFB067D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:45:28.0157 0x0840  ql2300 - ok
15:45:28.0222 0x0840  [ E1C80F8D4D1E39EF9595809C1369BF2A, 5C18F8366049C690FC8AA4A992AA0765A6607F72E0EF889A5F3757E59FB1C143 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:45:28.0252 0x0840  ql40xx - ok
15:45:28.0314 0x0840  [ 90574842C3DA781E279061A3EFF91F07, F87DE7355DAA4FACF2126A0427C08BAAD9E647E0B02EE5447746BE969B28DA8D ] QWAVE           C:\Windows\system32\qwave.dll
15:45:28.0360 0x0840  QWAVE - ok
15:45:28.0413 0x0840  [ E8D76EDAB77EC9C634C27B8EAC33ADC5, 171A3C5D5C3C5845C3BF9A4BCD88E744B025C910AC2F528D0E7D66F173FF0BED ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:45:28.0444 0x0840  QWAVEdrv - ok
15:45:28.0875 0x0840  [ CEF278088637401F07A0064B0B900A32, 42934B3D76A90383701E5692D6131752551EF7849D0ECD355923D464A2BA096D ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
15:45:29.0484 0x0840  R300 - ok
15:45:29.0532 0x0840  [ 1013B3B663A56D3DDD784F581C1BD005, 36B83F234C2D6A6112BC8B5EF0AB5075EE98AC0BED702C37E4C1C3D17EB49956 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:45:29.0599 0x0840  RasAcd - ok
15:45:29.0668 0x0840  [ B2AE18F847D07F0044404DDF7CB04497, 24B1D5E1D0621160640264656E3D447C611DEE1B0EE308971EF85F0AC3D9F7DD ] RasAuto         C:\Windows\System32\rasauto.dll
15:45:29.0746 0x0840  RasAuto - ok
15:45:29.0802 0x0840  [ AC7BC4D42A7E558718DFDEC599BBFC2C, E059EB9472FDDB73AF09FFEBA58D8284AFCDAB1516E0C5759980E60C892F8126 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:45:29.0856 0x0840  Rasl2tp - ok
15:45:29.0904 0x0840  [ 3AD83E4046C43BE510DE681588ACB8AF, C5445A23F35395B3EA3974C0D5E314E23D900C694D31F7B7A83FE9027D95A91C ] RasMan          C:\Windows\System32\rasmans.dll
15:45:29.0980 0x0840  RasMan - ok
15:45:30.0196 0x0840  [ 4517FBF8B42524AFE4EDE1DE102AAE3E, F01C8A773A637B66192BD16DDE467CAECC6E62853DBDB507FF3FC67B4B388988 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:45:30.0247 0x0840  RasPppoe - ok
15:45:30.0290 0x0840  [ C6A593B51F34C33E5474539544072527, 8182C1D15CDC164363D3DD355197160167A00BA9FA833AA444317D06344EF7CE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:45:30.0321 0x0840  RasSstp - ok
15:45:30.0392 0x0840  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1, 07B89F701594F680F50A885B923521763A6131104CEE63D422E1C359C23AE2F6 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:45:30.0467 0x0840  rdbss - ok
15:45:30.0502 0x0840  [ 603900CC05F6BE65CCBF373800AF3716, 83B010D51D1087673CF15FD0A992FD91CC910A073FEA9A8F20F6124B6E5489F2 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:45:30.0589 0x0840  RDPCDD - ok
15:45:30.0646 0x0840  [ C045D1FB111C28DF0D1BE8D4BDA22C06, 572986C93B982387EE94797A1EDE1C6C444B0F1078AC8201099452BFA021458F ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
15:45:30.0743 0x0840  rdpdr - ok
15:45:30.0802 0x0840  [ CAB9421DAF3D97B33D0D055858E2C3AB, 66C353CD310A91FAB0D0871ACCE71110595B63536560D0331DA70B1E33AC45BE ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:45:30.0869 0x0840  RDPENCDD - ok
15:45:31.0021 0x0840  [ AE4BD9E1C33D351D8E607FC81F15160C, AD785CA72B7C6EB9F94B2E797C758C0F804DB26EE056DDC6D4F85BB562A02EA4 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:45:31.0182 0x0840  RDPWD - ok
15:45:31.0235 0x0840  [ C612B9557DA73F70D41F8A6FBC8E5344, D7D11F202066F848FBD3F26D9FF915C7F3D68F30631393B2049F3AC5A40FD108 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:45:31.0354 0x0840  RemoteAccess - ok
15:45:31.0527 0x0840  [ 44B9D8EC2F3EF3A0EFB00857AF70D861, A45D8024A242456A73337C91663A3E1633BF163234CDFD5DF86840F31FFFE84D ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:45:31.0608 0x0840  RemoteRegistry - ok
15:45:31.0652 0x0840  [ D13D70FAC45FC1DF69F88559B1F72F0A, E940D912DAE83A592116027F6CBBC08E38437A186D15BE805E3CC5461A4E7B71 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmpx64.sys
15:45:31.0679 0x0840  rimmptsk - ok
15:45:31.0717 0x0840  [ BB9EDC55B0B8CB4FCD713428820E0776, 5342230EFF26C7307AFA0E89B7AC7BD5BE5F344DFB5EBFFFE6A449F40280ED21 ] rimsptsk        C:\Windows\system32\DRIVERS\rimspx64.sys
15:45:31.0745 0x0840  rimsptsk - ok
15:45:31.0783 0x0840  [ 481C3FDEACAAE04B74C58288DBC91DF9, D7F2AB5E97C0293A5CAC977695EC1D0DBB354D0EA3662D37803098D9477DE03F ] rismxdp         C:\Windows\system32\DRIVERS\rixdpx64.sys
15:45:31.0812 0x0840  rismxdp - ok
15:45:31.0869 0x0840  [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
15:45:31.0919 0x0840  rpcapd - ok
15:45:31.0965 0x0840  [ F46C457840D4B7A4DAAFEE739CE04102, 94E946036240B3BAFF17C4A49745E29E492ABBC7BE5110741B212DF4D7F45B84 ] RpcLocator      C:\Windows\system32\locator.exe
15:45:31.0994 0x0840  RpcLocator - ok
15:45:32.0089 0x0840  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] RpcSs           C:\Windows\system32\rpcss.dll
15:45:32.0224 0x0840  RpcSs - ok
15:45:32.0276 0x0840  [ 22A9CB08B1A6707C1550C6BF099AAE73, 46A9D40A03DC0B6C93274C0C1CDB132B2339E76E77CAB0F12AEDAD4C31822B91 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:45:32.0381 0x0840  rspndr - ok
15:45:32.0478 0x0840  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] SamSs           C:\Windows\system32\lsass.exe
15:45:32.0509 0x0840  SamSs - ok
15:45:32.0547 0x0840  [ CD9C693589C60AD59BBBCFB0E524E01B, F9EBD4FF4C712A563B1120D123012E41105D31402BE45D6F8C8DA71155D64ECB ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:45:32.0577 0x0840  sbp2port - ok
15:45:32.0657 0x0840  [ FD1CDCF108D5EF3366F00D18B70FB89B, 5BCE3A9D5DC0B6937A734264C5B8DE0E6B8F77A869A118F94D57E662AAB28FE2 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:45:32.0732 0x0840  SCardSvr - ok
15:45:32.0882 0x0840  [ C453886F47A10D44A9B4AFCBF349071D, B677FD3C638436CE84EC7087569CEEF912F59D0B800B4C76A5CC72289243C49B ] Schedule        C:\Windows\system32\schedsvc.dll
15:45:33.0217 0x0840  Schedule - ok
15:45:33.0292 0x0840  [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:45:33.0362 0x0840  SCPolicySvc - ok
15:45:33.0422 0x0840  [ BE100BC2BE2513314C717BB2C4CFFF10, 8D798CCB6FEA7D0B3943FEDE3AB43BB50DC4EA8D6FECBD906157BA20C63A1393 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
15:45:33.0475 0x0840  sdbus - ok
15:45:33.0513 0x0840  [ 4FF71B076A7760FE75EA5AE2D0EE0018, DDDBC9530120F8C1AB449076F6F06F74354149B4C458E6682F957628EE795DE8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:45:33.0550 0x0840  SDRSVC - ok
15:45:33.0588 0x0840  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:45:33.0731 0x0840  secdrv - ok
15:45:33.0786 0x0840  [ 251F63DD48559F73766E1159F94A6BD1, 4B18A3DDA49E6E189F44CBFB6387444EE4556B29F040E93A6798B3ACEAE0C382 ] seclogon        C:\Windows\system32\seclogon.dll
15:45:33.0818 0x0840  seclogon - ok
15:45:33.0899 0x0840  [ 90973A64B96CD647FF81C79443618EED, 1D3CB7F724B7EADA6443DF07B258EE7FB7FEC92C2A7A9D3C57F6A220EF0DDDC4 ] SENS            C:\Windows\System32\sens.dll
15:45:34.0015 0x0840  SENS - ok
15:45:34.0048 0x0840  [ F71BFE7AC6C52273B7C82CBF1BB2A222, 8C7F0E426B266DBBFE4BBE3333A33C338209BD8BE0E434A98D0D2CFD78D3F758 ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:45:34.0237 0x0840  Serenum - ok
15:45:34.0277 0x0840  [ E62FAC91EE288DB29A9696A9D279929C, 9B6A420556532F7F8D55FB6580A592A43BEA579A068B970C741A23DB079ECAD1 ] Serial          C:\Windows\system32\drivers\serial.sys
15:45:34.0442 0x0840  Serial - ok
15:45:34.0474 0x0840  [ A842F04833684BCEEA7336211BE478DF, 9D964AEA237C44898098AC9C2D043F00C66EDA7D73C381D616737C01A9D0FF45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:45:34.0569 0x0840  sermouse - ok
15:45:34.0634 0x0840  [ A8E4A4407A09F35DCCC3771AF590B0C4, F56ECE42CE81098FCCBCDFBBF006C3FB9EDD29C62F03C4EAE012EE690669481B ] SessionEnv      C:\Windows\system32\sessenv.dll
15:45:34.0724 0x0840  SessionEnv - ok
15:45:34.0790 0x0840  [ 3A19C899BCF0EA24CFEC2038E6A489DB, C42F568D3BC9DAA1B6DF2FEE8D6015CC223B8F2442C4C414CE682AFE33F146F4 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
15:45:34.0839 0x0840  sffdisk - ok
15:45:34.0848 0x0840  [ 7073AEE3F82F3D598E3825962AA98AB2, 82A959A0970CBA8CC16D44736ED12158E59E138484F3F53EBDD3A4C02DA3700D ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:45:34.0934 0x0840  sffp_mmc - ok
15:45:34.0967 0x0840  [ FDCA63A2EEE528585EB66CEAC183EC22, D7990D4A402A80233DD5AFFFBDBAD4DBEEB0959B17A78B3A02EB0B530A0077AA ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
15:45:35.0023 0x0840  sffp_sd - ok
15:45:35.0057 0x0840  [ 6B7838C94135768BD455CBDC23E39E5F, 868E054ED546479DEAD7C2834C7AB080820522C16F5B4BEF0F3B279A33ABA9C8 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:45:35.0191 0x0840  sfloppy - ok
15:45:35.0303 0x0840  [ E1974A92AC0914A3859359A0A8C82C68, 4908917F72D6E531B44488F06A05915F0DA9767758E44C886F5F93F46BA79654 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:45:35.0475 0x0840  SftService - ok
15:45:35.0585 0x0840  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34, 9659C7B5046DE2C0416A74FDE6F798C3E78D38327CB71BAE49D57A8347A9097D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:45:35.0688 0x0840  SharedAccess - ok
15:45:35.0809 0x0840  [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:45:35.0873 0x0840  ShellHWDetection - ok
15:45:35.0915 0x0840  [ 7A5DE502AEB719D4594C6471060A78B3, E8E16DF8AFFC230FBB1A5938925D464A1BA776184B8C020B37669EE2105DB9F2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
15:45:35.0944 0x0840  SiSRaid2 - ok
15:45:35.0968 0x0840  [ 3A2F769FAB9582BC720E11EA1DFB184D, 83EEBCE37E8709FCE15FB44F546C727C56064ED49B73A471EA33480573558419 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:45:36.0001 0x0840  SiSRaid4 - ok
15:45:36.0074 0x0840  [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:45:36.0157 0x0840  SkypeUpdate - ok
15:45:36.0285 0x0840  [ 0DFAA06B71FC75D0878907A7D18F5240, 57C48A3FFAFC11E70085F246E582EAC5A68F0EAEE4C450125E54C837968EFEA7 ] SLEE_16_DRIVER  C:\Windows\Sleen1664.sys
15:45:36.0312 0x0840  SLEE_16_DRIVER - ok
15:45:36.0555 0x0840  [ A9A27A8E257B45A604FDAD4F26FE7241, C5A1056522EE2BA7B70D34E391477A0E9351569CEF28B875172F4B363F6D4177 ] slsvc           C:\Windows\system32\SLsvc.exe
15:45:37.0404 0x0840  slsvc - ok
15:45:37.0490 0x0840  [ FD74B4B7C2088E390A30C85A896FC3AF, 897F1F89A4DDB356CF6E59EFBC32A2081C0CADE283793DB6879D263F7B2E313F ] SLUINotify      C:\Windows\system32\SLUINotify.dll
15:45:37.0546 0x0840  SLUINotify - ok
15:45:37.0612 0x0840  [ 290B6F6A0EC4FCDFC90F5CB6D7020473, 971888FE760641FF86165B9876E6FC12DBC309C0FED2734C60B9E0EBC078AAE0 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:45:37.0672 0x0840  Smb - ok
15:45:37.0727 0x0840  [ F8F47F38909823B1AF28D60B96340CFF, EFD948EE09F22F9F373A98BA6D9BC519FD9244986E4BE7B2BACD92D3C145AD1D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:45:37.0756 0x0840  SNMPTRAP - ok
15:45:37.0823 0x0840  [ 386C3C63F00A7040C7EC5E384217E89D, DD8766BCBD77EC6F67979A8B37B943A3A0E5478CE3FB129BF8FCA29B66529721 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:45:37.0852 0x0840  spldr - ok
15:45:37.0924 0x0840  [ F66FF751E7EFC816D266977939EF5DC3, 689BDD0B442830E162F2F9A8EFBD0E137F518C7F0CD92EDF4A43EFBA188B69F4 ] Spooler         C:\Windows\System32\spoolsv.exe
15:45:37.0973 0x0840  Spooler - ok
15:45:38.0048 0x0840  [ 4A3CE977E95070922EBA8EEE80EF08C0, EDC0DB3CBB20F7E4E517078C67CB4833F415EA386605011B13AE78C117DE0267 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:45:38.0168 0x0840  srv - ok
15:45:38.0228 0x0840  [ A1AD14A6D7A37891FFFECA35EBBB0730, AE00950D330EE4C05F5AA9BC7E63E974766D8E93B607CB3E683C727E8A65049D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:45:38.0300 0x0840  srv2 - ok
15:45:38.0330 0x0840  [ DA20A8B6800396211638D91F68FF09A6, 624ACDB9C4B20C3556ACD01E0794A7BAC0A8F867580210251540C5E14413A428 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:45:38.0365 0x0840  srvnet - ok
15:45:38.0419 0x0840  [ 192C74646EC5725AEF3F80D19FF75F6A, 8F24FF139A46B1F837356B9D682526107D7BADCFA510842FEACB6F06C02D93D9 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:45:38.0581 0x0840  SSDPSRV - ok
15:45:38.0620 0x0840  [ 2EE3FA0308E6185BA64A9A7F2E74332B, EC6A15281685E6CDEADABDFD08C4AF980AD3B404C945EB121D7F90AFCA3D6849 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:45:38.0671 0x0840  SstpSvc - ok
15:45:38.0862 0x0840  [ C5DF63AE2693C9B6B01B4A2E6C1C64AC, 43101C32A8138F9D746226582032308DACF59D9E64977D719ED8BE08101C9C2F ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe
15:45:38.0910 0x0840  STacSV - ok
15:45:38.0978 0x0840  [ BA16447226ABFD342E130D2F24F73D32, B0746CF374077B4434E9A1BF486A03D156CDB70E13012787C7CE5E662D50A12D ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
15:45:39.0060 0x0840  STHDA - ok
15:45:39.0144 0x0840  [ 15825C1FBFB8779992CB65087F316AF5, E9431C016D209A7322C0586F11EEF0AB461AB5822960287BB1D0FBC30183614D ] stisvc          C:\Windows\System32\wiaservc.dll
15:45:39.0284 0x0840  stisvc - ok
15:45:39.0367 0x0840  [ 1D0063597C3666404FCF97698ABEB019, 352A63C97F930499BC598C2A398663377D7CCD4A42770E35635C90EDC4DA530A ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
15:45:39.0389 0x0840  stllssvr - ok
15:45:39.0447 0x0840  [ 8A851CA908B8B974F89C50D2E18D4F0C, 27EA13E50B5B72ABF6C5B7B7D34A7154A12BB27B1C1B2EEFCAA36A96010DB4DC ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:45:39.0470 0x0840  swenum - ok
15:45:39.0567 0x0840  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A, 9C3714238571704CEE2AD4F1E15029243E00B494345C41F74EFDF3F0328CC9EA ] swprv           C:\Windows\System32\swprv.dll
15:45:39.0652 0x0840  swprv - ok
15:45:39.0688 0x0840  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B, 0227EAF144BC35AA4FF2535E8C9974C0609B7634EE45F4166B9F88F79B17BBF1 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
15:45:39.0715 0x0840  Symc8xx - ok
15:45:39.0725 0x0840  [ A909667976D3BCCD1DF813FED517D837, 0874DD4C1CA7AE2E519EBB45433BC9F11A574408F5D2F9E23A340CA76512F5CE ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
15:45:39.0751 0x0840  Sym_hi - ok
15:45:39.0764 0x0840  [ 36887B56EC2D98B9C362F6AE4DE5B7B0, 7349FABACB633A9EEE3D4E241A5F443C28D23CC87F21EAAB3F1711644AA21D7C ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
15:45:39.0794 0x0840  Sym_u3 - ok
15:45:39.0870 0x0840  [ 79A93EC9D224B1F43C0E2F023D61DCA3, B6BD0F62506E5E59D1B7CE278D7803A75F4243C228D9683E2933CAFB1E4264D5 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
15:45:39.0903 0x0840  SynTP - ok
15:45:40.0032 0x0840  [ 92D7A8B0F87B036F17D25885937897A6, 6759BAB11E5FBB143BE13DF1611AE5D41D379DF423D881E92E910DF6A37CBA85 ] SysMain         C:\Windows\system32\sysmain.dll
15:45:40.0234 0x0840  SysMain - ok
15:45:40.0407 0x0840  [ 005CE42567F9113A3BCCB3B20073B029, B1831D71410AD6E7DEB59D26BF6D2D07D2F6112936D6A6FDA57E9296ADA4076D ] TabletInputService C:\Windows\System32\TabSvc.dll
15:45:40.0446 0x0840  TabletInputService - ok
15:45:40.0547 0x0840  [ CC2562B4D55E0B6A4758C65407F63B79, C6AD05B345C699A715EC13830D8EA6EE9822F4B713D15B1F29AC044674A0F498 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:45:40.0699 0x0840  TapiSrv - ok
15:45:40.0739 0x0840  [ CDBE8D7C1E201B911CDC346D06617FB5, 16D5965E32A109DA38D77F4B6281081569D78371B2F522DE51100967F8776C7A ] TBS             C:\Windows\System32\tbssvc.dll
15:45:40.0843 0x0840  TBS - ok
15:45:40.0972 0x0840  [ 89399663A2F0393AFFC79E8397ECA844, BA7D4DF5A2F5EB5328522D6136BB71F56263305B9396A437A8AFEF5A8C5C496C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:45:42.0896 0x0840  Tcpip - ok
15:45:43.0588 0x0840  [ 89399663A2F0393AFFC79E8397ECA844, BA7D4DF5A2F5EB5328522D6136BB71F56263305B9396A437A8AFEF5A8C5C496C ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
15:45:44.0024 0x0840  Tcpip6 - ok
15:45:44.0153 0x0840  [ A7FF25D9B9DA36797BD1EA48DB292DCE, D89C946633E77765923BD698F2665DC03C5CF1676EB2BAF4450A856B2E856997 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:45:44.0188 0x0840  tcpipreg - ok
15:45:44.0308 0x0840  [ 1D8BF4AAA5FB7A2761475781DC1195BC, A28E972E9331BAD685D4C786FDE221565E0AD3E222B24B9182B7FA916BFCD9C8 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:45:44.0373 0x0840  TDPIPE - ok
15:45:44.0405 0x0840  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1, 42A408E82D4017D27D3B0BBBA02BF4B21DEC060C89849785ED65962D18029B65 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:45:44.0502 0x0840  TDTCP - ok
15:45:44.0567 0x0840  [ A47CD175CF72CA5EEDB47C79532A7622, 1F682B002A64D2A8559005651F742DD3AFB50AE5D6DADAF4A75DD08410385FBF ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:45:44.0602 0x0840  tdx - ok
15:45:44.0687 0x0840  [ 8C19678D22649EC002EF2282EAE92F98, 551E7EBA54C2345F2B7FD7AAA7ADA4C852C94F1B35E6E4BBEF883BAFA34F6262 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:45:44.0718 0x0840  TermDD - ok
15:45:44.0819 0x0840  [ 5A67A1108E347FCA6A64B74FFB108BDE, F9EC8932366FF4101C6F059567DDF099D895C90567C3E770DDDC71562434A821 ] TermService     C:\Windows\System32\termsrv.dll
15:45:44.0909 0x0840  TermService - ok
15:45:44.0959 0x0840  [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] Themes          C:\Windows\system32\shsvcs.dll
15:45:45.0029 0x0840  Themes - ok
15:45:45.0084 0x0840  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] THREADORDER     C:\Windows\system32\mmcss.dll
15:45:45.0178 0x0840  THREADORDER - ok
15:45:45.0225 0x0840  [ F4689F05AF472A651A7B1B7B02D200E7, 3D34B8879DBC69013D1A87A3F47B8A622A60B57F2E962E9F5925C5A01F44640F ] TrkWks          C:\Windows\System32\trkwks.dll
15:45:45.0341 0x0840  TrkWks - ok
15:45:45.0425 0x0840  [ 66328B08EF5A9305D8EDE36B93930369, FD8136BF15AB8D2DB15D011C4F813737D68EED1178462DB8CE40606C16185A30 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:45:45.0475 0x0840  TrustedInstaller - ok
15:45:45.0519 0x0840  [ B2388462329ACD17AF50D8701E0C1B18, 959D7B7CCB526367645BAA11C56C88C9AD741EE338BAD6513C54FC7ED43F3AC0 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:45:45.0547 0x0840  tssecsrv - ok
15:45:45.0612 0x0840  [ 89EC74A9E602D16A75A4170511029B3C, AACD82A6F5FE31FF1315F5CA69E5EB6BD172DD86610F0641177CCC131B542034 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
15:45:45.0640 0x0840  tunmp - ok
15:45:45.0739 0x0840  [ 30A9B3F45AD081BFFC3BCAA9C812B609, 57204F1F72FEFA086FF1D8A14487D56F4DEDD3C50FBB6903E0C4AC749EA720DE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:45:45.0768 0x0840  tunnel - ok
15:45:45.0794 0x0840  [ FEC266EF401966311744BD0F359F7F56, 6EE0223AEFA7A81BEB155FC0CD4421C2BEBCDCBC9663C23064B0445101114BF8 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:45:45.0825 0x0840  uagp35 - ok
15:45:45.0925 0x0840  [ FAF2640A2A76ED03D449E443194C4C34, CC2517DCFE6962EB2EDEB93E44CB53B113974C9C69A050E3F36385C8D78E810B ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:45:46.0024 0x0840  udfs - ok
15:45:46.0076 0x0840  [ 060507C4113391394478F6953A79EEDC, 5D0AE5F1184165289DC8E8CD493607FCB68512CF90F748E3BFD2250655D784D4 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:45:46.0195 0x0840  UI0Detect - ok
15:45:46.0228 0x0840  [ 4EC9447AC3AB462647F60E547208CA00, F304125321B1ECA915EDDBDB6A71EAEF3123DCB5604C9497D72F12E0C1BD5315 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:45:46.0258 0x0840  uliagpkx - ok
15:45:46.0306 0x0840  [ 697F0446134CDC8F99E69306184FBBB4, A741882B8FE403E3A5DECED5D4A2254B14AF40ACECD4DAA3D00D71C2205C2C5F ] uliahci         C:\Windows\system32\drivers\uliahci.sys
15:45:46.0347 0x0840  uliahci - ok
15:45:46.0369 0x0840  [ 31707F09846056651EA2C37858F5DDB0, A619AC4B32EA77AC29458894614870086C4DDB81525ADBCFF1AB8970FC5C257A ] UlSata          C:\Windows\system32\drivers\ulsata.sys
15:45:46.0402 0x0840  UlSata - ok
15:45:46.0439 0x0840  [ 85E5E43ED5B48C8376281BAB519271B7, DBDA4216553F7C5EA0C579346D0A638E62766D5B8FCB1BFF3149BB37BBF978D3 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
15:45:46.0478 0x0840  ulsata2 - ok
15:45:46.0509 0x0840  [ 46E9A994C4FED537DD951F60B86AD3F4, 256F93ED3BD43B50F0D4489164D959F95AB070CC25A80A46355D2B387D336224 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:45:46.0699 0x0840  umbus - ok
15:45:46.0847 0x0840  [ 7093799FF80E9DECA0680D2E3535BE60, 1CBFCCA84CB9212176BF5A1D32334BD54E58A2668A4746252738800468AD4AD4 ] upnphost        C:\Windows\System32\upnphost.dll
15:45:47.0032 0x0840  upnphost - ok
15:45:47.0301 0x0840  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:45:47.0337 0x0840  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
15:45:49.0744 0x0840  Detect skipped due to KSN trusted
15:45:49.0744 0x0840  USBAAPL64 - ok
15:45:50.0441 0x0840  [ 74110424CA94EE0352D99614CF927683, 392EF1851EF5306439252331DDC5FA53B535E1AA03B8784C6C1E675301C032B4 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:45:50.0477 0x0840  usbccgp - ok
15:45:50.0779 0x0840  [ 9247F7E0B65852C1F6631480984D6ED2, E3360A0EE891B8BADEF5FF53F796C79D6AD218961087F866E451F3B6F278672A ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:45:50.0895 0x0840  usbcir - ok
15:45:50.0950 0x0840  [ F683D12010A905AAB7E9E3100F44269E, 31D3CBDFF20234D3D9F21FFE9BF1D38CADDB5F0382436CD75488DC8D1DA3FC8C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:45:50.0980 0x0840  usbehci - ok
15:45:51.0041 0x0840  [ 558C0F1D3C5CECA5B5CF631FF8B71C02, DE3CDBF9C7D040CA48B51031765149B30F27F93C40FB7DE780B2D5B9312F8B66 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:45:51.0090 0x0840  usbhub - ok
15:45:51.0146 0x0840  [ EBA14EF0C07CEC233F1529C698D0D154, FBA35D53A90FD6C3F91DA5ECE10EF29858CB4CB512AA20548225F83E9FE0A23D ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:45:51.0287 0x0840  usbohci - ok
15:45:51.0340 0x0840  [ 28B693B6D31E7B9332C1BDCEFEF228C1, 6B756E6D7459F755C76BC3F497643F6818F107304B789952B233C6585434F3A8 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:45:51.0406 0x0840  usbprint - ok
15:45:51.0598 0x0840  [ C024814884CE9E6C2E6ED76A63AC3B9A, 39C9EB54998547B0B65EEE6391AA326B02C7CA52FAE9CEB98D538FEC8D9F1858 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:45:51.0669 0x0840  usbscan - ok
15:45:51.0715 0x0840  [ 2702146BBD36B2AF1514CCC1F914646C, 6943396692E64782F04EA2FE40D3C6B6B5CC4E6DD3CFCB5739015AB509EEB3AE ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:45:51.0758 0x0840  USBSTOR - ok
15:45:51.0828 0x0840  [ 6C94F3CE023AB61330974DFD970EA3E6, CE324BB637132725FC90D9712E4B2B9F50957678C5DF7BB1452B69BE819075B8 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:45:51.0856 0x0840  usbuhci - ok
15:45:51.0917 0x0840  [ FC33099877790D51B0927B7039059855, 9EF33DABDBF0EEC60C63137F5FB21B27536B5923F10DF4F66621CC9864EB894E ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
15:45:51.0990 0x0840  usbvideo - ok
15:45:52.0073 0x0840  [ D76E231E4850BB3F88A3D9A78DF191E3, 98CAD31C41AD155EA853DF850D94FA29543C3A7D26262D1B6881281D033CEBAF ] UxSms           C:\Windows\System32\uxsms.dll
15:45:52.0128 0x0840  UxSms - ok
15:45:52.0214 0x0840  [ 294945381DFA7CE58CECF0A9896AF327, 67414C6D79D2826BC86BB37349C9D74DB4B667310CBC1ABFD103E26332AE4A00 ] vds             C:\Windows\System32\vds.exe
15:45:52.0429 0x0840  vds - ok
15:45:52.0621 0x0840  [ 916B94BCF1E09873FFF2D5FB11767BBC, 072007FED4EF30C4D7AF8628CBEB2AC99EEAD99D7AB533E90E3748E3D4F11C28 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:45:52.0687 0x0840  vga - ok
15:45:52.0756 0x0840  [ B83AB16B51FEDA65DD81B8C59D114D63, 97D39AA763037752D87216B83896AFD2AD6DFEBB3BCDCED7A9ABFE5706B804C5 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:45:52.0887 0x0840  VgaSave - ok
15:45:52.0910 0x0840  [ 8294B6C3FDB6C33F24E150DE647ECDAA, FEBD9536EF61F700DFD5D9CB815808C8415D5B23590B3CE17B12D84F4670EA4D ] viaide          C:\Windows\system32\drivers\viaide.sys
15:45:52.0932 0x0840  viaide - ok
15:45:53.0015 0x0840  [ 2B7E885ED951519A12C450D24535DFCA, 249009EBC1D306D51FDFA4A89588462AA2D8B6DF0A20BE250B60DD73200CB7F3 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:45:53.0049 0x0840  volmgr - ok
15:45:53.0183 0x0840  [ CEC5AC15277D75D9E5DEC2E1C6EAF877, EA989E257C4409F9AF3B35C4D7ED9134D930FE3733B077C4F3AA5497796F2CB0 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:45:53.0235 0x0840  volmgrx - ok
15:45:53.0288 0x0840  [ 582F710097B46140F5A89A19A6573D4B, 6F695B17BF476D027D3012352F3D4DFD0E0815823DA51A136767ECEF6D64A1CA ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:45:53.0374 0x0840  volsnap - ok
15:45:53.0516 0x0840  [ A68F455ED2673835209318DD61BFBB0E, 8B2B255E8E2F8B415F7AC0F7F4C423F639DD47737F7CEE0F7C816D9A6893C5F7 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:45:53.0553 0x0840  vsmraid - ok
15:45:53.0761 0x0840  [ B75232DAD33BFD95BF6F0A3E6BFF51E1, A8120040F144AD42A39347A615F31BF752634994D4D134E2FAD23FEA9C1D71DF ] VSS             C:\Windows\system32\vssvc.exe
15:45:54.0192 0x0840  VSS - ok
15:45:54.0367 0x0840  [ F14A7DE2EA41883E250892E1E5230A9A, EBCB74BE26437F6FE84A3B41AD034F451D4BD12CA77D4C7A433DB912E7D31593 ] W32Time         C:\Windows\system32\w32time.dll
15:45:54.0562 0x0840  W32Time - ok
15:45:54.0593 0x0840  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7, D682FBF78CF987609AF35A019E7C90CBE02800D7DFC272FFDD71D82AA362FA7A ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:45:54.0753 0x0840  WacomPen - ok
15:45:54.0843 0x0840  [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:45:54.0951 0x0840  Wanarp - ok
15:45:54.0962 0x0840  [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:45:55.0047 0x0840  Wanarpv6 - ok
15:45:55.0188 0x0840  [ B4E4C37D0AA6100090A53213EE2BF1C1, 67107F542F3C937FA5D9B28BA2EBFE994FFE287F16C0BFCF79AD20B95C13F78B ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:45:55.0393 0x0840  wcncsvc - ok
15:45:55.0461 0x0840  [ EA4B369560E986F19D93F45A881484AC, B61411D64901C9CB8C80402CD1E8808F5A0FACA38206C8D584C7C1019F5ADF5A ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:45:55.0548 0x0840  WcsPlugInService - ok
15:45:55.0579 0x0840  [ 0C17A0816F65B89E362E682AD5E7266E, 6233213D07B234056A1EC6FE1166A65371645269132B428FF3A29DDC0000301A ] Wd              C:\Windows\system32\drivers\wd.sys
15:45:55.0612 0x0840  Wd - ok
15:45:55.0718 0x0840  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:45:55.0871 0x0840  Wdf01000 - ok
15:45:55.0898 0x0840  [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:45:56.0029 0x0840  WdiServiceHost - ok
15:45:56.0039 0x0840  [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:45:56.0180 0x0840  WdiSystemHost - ok
15:45:56.0250 0x0840  [ 5B8CAF0FE216A57C95E8471A3BE051D6, DB1AB99FCB6B9FD1B22A052DE533D80B3826AD4D0D4890105EF09479FD9A04AB ] WebClient       C:\Windows\System32\webclnt.dll
15:45:56.0352 0x0840  WebClient - ok
15:45:56.0414 0x0840  [ 8D40BC587993F876658BF9FB0F7D3462, 23748E11F5CCE3D4978D748780283FA5A1154F53FF70D924CB2128FF8A4705F7 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:45:56.0484 0x0840  Wecsvc - ok
15:45:56.0498 0x0840  [ 9C980351D7E96288EA0C23AE232BD065, BA627B04C4259716B451F421F5310A69D8DE9407DE496AA0489139125E9DC16A ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:45:56.0611 0x0840  wercplsupport - ok
15:45:56.0650 0x0840  [ 66B9ECEBC46683F47EDC06333C075FEF, 35C33596D97DB65DE0A687644E9AD924AD5FCBAFD83FE4D23E7E58EF4BC4CC87 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:45:56.0771 0x0840  WerSvc - ok
15:45:56.0805 0x0840  WinDefend - ok
15:45:56.0821 0x0840  WinHttpAutoProxySvc - ok
15:45:57.0027 0x0840  [ D2E7296ED1BD26D8DB2799770C077A02, B494719C2DEB7B9D2505866868143C4E4F59B88461920AA49BD9F1251B6571B8 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:45:57.0238 0x0840  Winmgmt - ok
15:45:57.0418 0x0840  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869, 22D53818F4A4ACE441E121151CFD7CB1EDF5E8303DF9E113C9BB304B418A96EF ] WinRM           C:\Windows\system32\WsmSvc.dll
15:45:58.0171 0x0840  WinRM - ok
15:45:58.0304 0x0840  [ EC339C8115E91BAED835957E9A677F16, 3BBE6D4F1731198E8F0CFEE67C4CCA5C31E6968F8E02EF9E029C1847A26F513B ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:45:58.0552 0x0840  Wlansvc - ok
15:45:58.0561 0x0840  wltrysvc - ok
15:45:58.0619 0x0840  [ E18AEBAAA5A773FE11AA2C70F65320F5, 9E2F6FC0F46D0EEEBF4BC1E3D8800B3D268079ABF8EDDD70CD21B789883D7390 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:45:58.0645 0x0840  WmiAcpi - ok
15:45:58.0742 0x0840  [ 21FA389E65A852698B6A1341F36EE02D, 2D60911EAAE26C4CE3DEF4FAD1EDE093F912209AA90741AAA8B93F06B37DF605 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:45:58.0894 0x0840  wmiApSrv - ok
15:45:58.0927 0x0840  WMPNetworkSvc - ok
15:45:59.0010 0x0840  [ CBC156C913F099E6680D1DF9307DB7A8, FD8B227F445679E31048CA41442A978A98F267FED96E22C235F63C72AEEE2AB0 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:45:59.0124 0x0840  WPCSvc - ok
15:45:59.0241 0x0840  [ 490A18B4E4D53DC10879DEAA8E8B70D9, D069D8C22CF78A0970E85C0B9879E08FF19458FAA75AE447BCF9236731F64252 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:45:59.0285 0x0840  WPDBusEnum - ok
15:45:59.0421 0x0840  [ 5E2401B3FC1089C90E081291357371A9, 224D378EEBFB721CBC24896CAE01B31DC54B6ED82C19C5B954E96D5E98B83C59 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
15:45:59.0491 0x0840  WpdUsb - ok
15:45:59.0782 0x0840  [ 4CF27ED8D93A30BAA6F4DF50E62B7675, BDD0BD5C8DF13E0617429775F717E7078537C85921750BD3FE8401D7302166FD ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:46:00.0109 0x0840  WPFFontCache_v0400 - ok
15:46:00.0150 0x0840  [ 8A900348370E359B6BFF6A550E4649E1, 3EAD0B951EAF8E940ED6A79FAAAB7D22ACCF3985795F80206A3A07161D319B39 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:46:00.0260 0x0840  ws2ifsl - ok
15:46:00.0471 0x0840  [ 9EA3E6D0EF7A5C2B9181961052A4B01A, F39BAF1FC7DD1600C0052C2A6AA3BCBC8CA3DA96D1AC7B42B0F2810D051EE1B0 ] wscsvc          C:\Windows\System32\wscsvc.dll
15:46:00.0886 0x0840  wscsvc - ok
15:46:00.0908 0x0840  WSearch - ok
15:46:01.0111 0x0840  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:46:01.0989 0x0840  wuauserv - ok
15:46:02.0107 0x0840  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:46:02.0139 0x0840  WudfPf - ok
15:46:02.0218 0x0840  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:46:02.0258 0x0840  WUDFRd - ok
15:46:02.0315 0x0840  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:46:02.0351 0x0840  wudfsvc - ok
15:46:02.0386 0x0840  ZTEusbmdm6k - ok
15:46:02.0400 0x0840  ZTEusbnmea - ok
15:46:02.0413 0x0840  ZTEusbser6k - ok
15:46:02.0475 0x0840  ================ Scan global ===============================
15:46:02.0551 0x0840  [ 0CF5A36772FCACDA29DE19E3B6843BBB, BB179387AC1F9A20ED6B2418CEF593BE26C2DDD3536B0C9C155F014F40C4BD25 ] C:\Windows\system32\basesrv.dll
15:46:02.0647 0x0840  [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
15:46:02.0829 0x0840  [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
15:46:02.0899 0x0840  [ E8E05C05FBFEBD47FB7DBF7233F15302, 3099E64022E0E5347F7C8EFAD6D6E577157FC6B49386F3203E5438B38AE1EE36 ] C:\Windows\system32\services.exe
15:46:02.0955 0x0840  [ Global ] - ok
15:46:02.0956 0x0840  ================ Scan MBR ==================================
15:46:02.0978 0x0840  [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
15:46:04.0039 0x0840  \Device\Harddisk0\DR0 - ok
15:46:04.0040 0x0840  ================ Scan VBR ==================================
15:46:04.0087 0x0840  [ 1C981D0E92186A444F16C0BD0130D3EA ] \Device\Harddisk0\DR0\Partition1
15:46:04.0150 0x0840  \Device\Harddisk0\DR0\Partition1 - ok
15:46:04.0169 0x0840  [ B75FF2AEF26B9C1F554507219A41DF21 ] \Device\Harddisk0\DR0\Partition2
15:46:04.0226 0x0840  \Device\Harddisk0\DR0\Partition2 - ok
15:46:04.0226 0x0840  ================ Scan generic autorun ======================
15:46:04.0282 0x0840  Windows Defender - ok
15:46:04.0383 0x0840  [ 21D9910EF7EA9C58C8E31EE2C29D5F49, 7F68C168AA029B61810297F21D340B6756F4140642DAD0E3F2CA22AF525312EB ] C:\Program Files\iTunes\iTunesHelper.exe
15:46:04.0418 0x0840  iTunesHelper - ok
15:46:04.0602 0x0840  [ DD7B4F9E6B71A599FEF4BD9DA0AE57C2, 6B22356F74F7ED069A3FC39C62326AA98A70D0E860A2EB29A6C46F4077FB567A ] c:\Program Files\Microsoft Security Client\msseces.exe
15:46:04.0918 0x0840  MSC - ok
15:46:05.0071 0x0840  SunJavaUpdateSched - ok
15:46:05.0072 0x0840  SysTrayApp - ok
15:46:05.0215 0x0840  [ 2659F9B422673A98D5629FA3294F5DF3, C5245631EA9D17226C7246DC2702830440DBBE747A0FD5B59C778CAB8F8728AA ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
15:46:05.0361 0x0840  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
15:46:08.0019 0x0840  Detect skipped due to KSN trusted
15:46:08.0019 0x0840  StartCCC - ok
15:46:08.0169 0x0840  [ 33A8CC84A281B4C7F7FBAA6DC3CA26A4, 095AF8B502AAA32BA080E0C54FBE796EEBB32AB6B57881C69215E6730C070CFF ] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
15:46:08.0219 0x0840  Microsoft Default Manager - ok
15:46:08.0293 0x0840  [ 248FB4D46C7F4A39D601EA870EE55AC4, C9A3DA95F76AC9A6A032EE6DC18F9CA940B3A4A906B9DF983E5A8A6F1B8130A6 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:46:08.0390 0x0840  SunJavaUpdateSched - ok
15:46:08.0520 0x0840  [ 4E4B8C43C94A6A408CA3D45FD049ECD0, 80C11CEC98CB2D91053207F989436335F4D15A1820037C958F07586A3BA083C2 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe
15:46:08.0563 0x0840  Launcher - ok
15:46:08.0792 0x0840  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:46:09.0256 0x0840  Sidebar - ok
15:46:09.0262 0x0840  WindowsWelcomeCenter - ok
15:46:09.0358 0x0840  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:46:09.0861 0x0840  Sidebar - ok
15:46:09.0868 0x0840  WindowsWelcomeCenter - ok
15:46:10.0059 0x0840  [ 9C5A0F070196B601D629F5BA9AA921F8, BB77BAD24B44A3CB32CD1FACB758E347BE2F5C49C11E494797635D741867AF2B ] C:\Program Files\Windows Sidebar\sidebar.exe
15:46:10.0493 0x0840  Sidebar - ok
15:46:10.0660 0x0840  [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\Sophia\AppData\Local\FluxSoftware\Flux\flux.exe
15:46:10.0837 0x0840  f.lux - ok
15:46:11.0114 0x0840  [ 33BFEC2B102B196B62ABB9947C7D7E23, 6EAF3462712629401CDBECF63B0848D1762A023FCA156F9FA146B0FEE75C83D0 ] C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
15:46:11.0184 0x0840  Dropbox Update - ok
15:46:11.0185 0x0840  Waiting for KSN requests completion. In queue: 59
15:46:12.0185 0x0840  Waiting for KSN requests completion. In queue: 59
15:46:13.0185 0x0840  Waiting for KSN requests completion. In queue: 8
15:46:15.0147 0x0840  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe (  ), 0x61000 ( enabled : updated )
15:46:15.0508 0x0840  Win FW state via NFP2: enabled ( trusted )
15:46:18.0009 0x0840  ============================================================
15:46:18.0009 0x0840  Scan finished
15:46:18.0009 0x0840  ============================================================
15:46:18.0032 0x0e04  Detected object count: 0
15:46:18.0032 0x0e04  Actual detected object count: 0

th.wm · 22.07.2016, 15:06

FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-07-2016
durchgeführt von Sophia (Administrator) auf SOPHIA-PC (22-07-2016 15:39:42)
Gestartet von C:\Users\Sophia\Downloads
Geladene Profile: Sophia &  (Verfügbare Profile: Sophia)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Flux Software LLC) C:\Users\Sophia\AppData\Local\FluxSoftware\Flux\flux.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Media Player\setup_wm.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(PC-Doctor, Inc.) C:\Program Files\Dell Support Center\pcdrcui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169744 2015-09-12] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre1.8.0_66\bin\jusched.exe"
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [462848 2009-03-19] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [250192 2009-04-24] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2010-07-21] (Softthinks)
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Run: [f.lux] => C:\Users\Sophia\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Run: [Dropbox Update] => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-28] (Dropbox, Inc.)
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\MountPoints2: {d8327765-bbda-11de-b88f-0026b907cf2b} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\MountPoints2: {d832776d-bbda-11de-b88f-0026b907cf2b} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\MountPoints2: {e999ee64-1075-11e6-bb43-0026b907cf2b} - G:\LaunchU3.exe -a
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [840704 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [f.lux] => C:\Users\Sophia\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-28] (Dropbox, Inc.)
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {d8327765-bbda-11de-b88f-0026b907cf2b} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {d832776d-bbda-11de-b88f-0026b907cf2b} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e999ee64-1075-11e6-bb43-0026b907cf2b} - G:\LaunchU3.exe -a
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [840704 2009-04-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-10-04]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-10-04]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-07-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.179.1
Tcpip\..\Interfaces\{2641EED2-5F8E-4AC2-A38E-7655BB7C2B4A}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{EA085BBF-1A5F-492C-BE04-02E870D39C8D}: [DhcpNameServer] 192.168.179.1

Internet Explorer:
==================
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=skin
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=skin
URLSearchHook: HKLM-x32 -> Standard = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = 
SearchScopes: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> {C9C99FA8-8F23-4A82-9A91-1B400495DB37} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A010DE739&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {C9C99FA8-8F23-4A82-9A91-1B400495DB37} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A010DE739&p={SearchTerms}
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2009-11-08] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2009-11-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-02-02] (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO-x32: Kein Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Keine Datei
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-02-02] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> Kein Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  Keine Datei
Toolbar: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> Kein Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  Keine Datei
Toolbar: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  Keine Datei
Toolbar: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  Keine Datei
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-03] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-03] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\d64wkzvr.default-1415343792518
FF DefaultSearchEngine: Ecosia
FF SelectedSearchEngine: Ecosia
FF Homepage: hxxp://www.sueddeutsche.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-15] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2010-11-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-02-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-02-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\d64wkzvr.default-1415343792518\searchplugins\ecosia.xml [2015-10-21]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2015-07-18]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2014-03-06]
FF Extension: Ecosia — The search engine that plants trees! - C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\d64wkzvr.default-1415343792518\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2015-10-21]
FF Extension: Yahoo! Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2016-02-13] [ist nicht signiert]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-02-13] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-10-10] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-01-03] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-01-03] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2016-02-03]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [344064 2009-04-08] (AVerMedia) [Datei ist nicht signiert]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [389120 2009-10-09] () [Datei ist nicht signiert]
R2 ClipInc001; C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe [2230024 2009-05-27] ()
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-12-18] (Stardock Corporation) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [3051520 2008-12-21] (Dell Inc.) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [511232 2009-10-19] (AVerMedia TECHNOLOGIES, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-21] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 OA008Ufd; C:\Windows\System32\DRIVERS\OA008Ufd.sys [159840 2009-03-06] (Creative Technology Ltd.)
R3 OA008Vid; C:\Windows\System32\DRIVERS\OA008Vid.sys [313696 2009-05-06] (Creative Technology Ltd.)
R1 SLEE_16_DRIVER; C:\Windows\Sleen1664.sys [85952 2008-10-01] (Softwareentwicklung Remus - ArchiCrypt )
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-16] (Apple, Inc.) [Datei ist nicht signiert]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-22 15:41 - 2016-07-22 15:45 - 00072750 _____ C:\TDSSKiller.3.1.0.9_22.07.2016_15.41.05_log.txt
2016-07-22 15:39 - 2016-07-22 15:45 - 00025060 _____ C:\Users\Sophia\Downloads\FRST.txt
2016-07-22 15:37 - 2016-07-22 15:38 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Sophia\Downloads\tdsskiller.exe
2016-07-22 15:36 - 2016-07-22 15:36 - 02393600 _____ (Farbar) C:\Users\Sophia\Downloads\FRST64.exe
2016-07-17 17:15 - 2016-07-17 17:16 - 00009377 _____ C:\Users\Sophia\Desktop\OpenDocument Text (neu).odt
2016-07-15 21:14 - 2016-07-22 15:39 - 00000000 ____D C:\FRST
2016-07-15 20:46 - 2016-07-15 20:46 - 00028586 _____ C:\Users\Sophia\Desktop\mbam.txt
2016-07-13 22:33 - 2016-07-13 22:33 - 00000000 ____D C:\Users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-11 19:48 - 2016-07-11 19:48 - 00001758 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-07-11 19:48 - 2016-07-11 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-22 15:38 - 2011-07-24 10:03 - 00003488 _____ C:\Windows\System32\Tasks\PCDEventLauncher
2016-07-22 15:37 - 2009-10-04 04:09 - 00000000 ____D C:\ProgramData\PCDr
2016-07-22 15:31 - 2010-02-22 22:24 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-22 15:30 - 2012-09-07 14:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-22 15:29 - 2011-07-24 10:02 - 00003536 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2016-07-22 15:29 - 2011-07-24 10:02 - 00000506 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2016-07-22 15:28 - 2015-09-28 16:10 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA.job
2016-07-22 15:27 - 2011-09-12 14:35 - 00001142 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA.job
2016-07-22 13:57 - 2016-01-03 15:24 - 00003698 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{994638B0-3BDB-4090-9335-EB2F209502B8}
2016-07-22 13:56 - 2011-09-12 14:35 - 00001120 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core.job
2016-07-22 13:55 - 2006-11-02 17:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-22 13:55 - 2006-11-02 17:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-21 18:29 - 2015-11-18 18:59 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-21 17:14 - 2008-01-21 13:10 - 01566504 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-21 17:14 - 2008-01-21 13:09 - 00674032 _____ C:\Windows\system32\perfh007.dat
2016-07-21 17:14 - 2008-01-21 13:09 - 00146012 _____ C:\Windows\system32\perfc007.dat
2016-07-21 17:14 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\inf
2016-07-21 17:04 - 2012-11-07 22:09 - 00000000 ___RD C:\Users\Sophia\Dropbox
2016-07-21 16:56 - 2012-02-03 08:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cce23eac9f2b80.job
2016-07-21 16:50 - 2015-09-28 16:10 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core.job
2016-07-21 11:53 - 2013-06-08 21:49 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2016-07-21 11:53 - 2013-05-31 22:35 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2016-07-21 11:53 - 2009-10-07 17:14 - 00000000 ____D C:\Users\Sophia\AppData\Local\SoftThinks
2016-07-21 11:45 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-19 08:43 - 2006-11-02 17:42 - 00032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-07-15 21:05 - 2015-11-29 13:38 - 00000000 __HDC C:\Windows\$NtUninstallKB2845142_WM64$
2016-07-15 19:51 - 2012-09-07 14:58 - 00003738 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-15 19:51 - 2012-04-15 09:34 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-15 19:51 - 2011-10-20 20:00 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-15 18:56 - 2015-11-18 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-07-15 18:56 - 2015-11-18 18:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-07-15 18:50 - 2011-10-09 16:55 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-15 18:49 - 2009-10-04 03:50 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-13 22:33 - 2012-11-07 22:05 - 00000000 ____D C:\Users\Sophia\AppData\Roaming\Dropbox
2016-07-13 22:23 - 2016-01-10 23:37 - 00000000 ____D C:\Users\Sophia\Documents\Arbeit Norys
2016-07-11 19:48 - 2009-10-10 15:07 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-07-07 02:39 - 2011-01-03 12:29 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-04 15:34 - 2011-07-24 10:03 - 00000564 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2016-06-29 10:54 - 2011-07-24 10:03 - 00004272 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-06-26 14:39 - 2014-06-23 15:50 - 0003730 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2009-10-29 23:40 - 2011-01-02 13:49 - 0019513 _____ () C:\Users\Sophia\AppData\Roaming\UserTile.png
2009-10-07 20:56 - 2010-03-16 17:46 - 0000116 _____ () C:\Users\Sophia\AppData\Roaming\wklnhst.dat
2010-07-07 16:36 - 2015-03-11 18:32 - 0006836 _____ () C:\Users\Sophia\AppData\Local\d3d9caps.dat
2009-10-23 20:08 - 2016-01-27 04:02 - 0000732 _____ () C:\Users\Sophia\AppData\Local\d3d9caps64.dat
2009-10-07 19:32 - 2016-04-24 20:45 - 0113152 _____ () C:\Users\Sophia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-02 19:00 - 2016-02-02 19:00 - 0350652 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI1974.txt
2011-01-02 15:23 - 2011-01-02 15:24 - 0422578 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI2F05.txt
2016-01-31 14:59 - 2016-01-31 14:59 - 0351580 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI452D.txt
2016-02-02 11:47 - 2016-02-02 11:47 - 0004198 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI4E6E.txt
2016-02-02 11:48 - 2016-02-02 11:48 - 0345682 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI4F18.txt
2010-02-10 14:05 - 2010-02-10 14:05 - 0423844 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI738C.txt
2010-02-17 21:55 - 2010-02-17 21:56 - 0402450 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI7E5E.txt
2016-02-02 19:00 - 2016-02-02 19:00 - 0011162 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI1974.txt
2011-01-02 15:23 - 2011-01-02 15:24 - 0011714 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI2F05.txt
2016-01-31 14:59 - 2016-01-31 14:59 - 0011146 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI452D.txt
2016-02-02 11:47 - 2016-02-02 11:47 - 0011232 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI4E6E.txt
2016-02-02 11:48 - 2016-02-02 11:48 - 0011162 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI4F18.txt
2010-02-10 14:05 - 2010-02-10 14:05 - 0011370 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI738C.txt
2010-02-17 21:55 - 2010-02-17 21:56 - 0011422 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI7E5E.txt
2016-03-22 23:39 - 2016-03-22 23:39 - 0000000 _____ () C:\Users\Sophia\AppData\Local\{5E14A3ED-25ED-44F1-8908-F37B7570D7EA}
2009-10-09 19:00 - 2009-12-21 20:50 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Einige Dateien in TEMP:
====================
C:\Users\Sophia\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwh1uui.dll
C:\Users\Sophia\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Sophia\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Sophia\AppData\Local\Temp\mpam-c8247271.exe
C:\Users\Sophia\AppData\Local\Temp\rarext.dll
C:\Users\Sophia\AppData\Local\Temp\Risweb32.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-21 11:57

==================== Ende von FRST.txt ============================

th.wm · 22.07.2016, 15:07

Addition

Code:

ATTFilter

15:41:05.0713 0x097c  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
15:41:19.0741 0x097c  ============================================================
15:41:19.0741 0x097c  Current date / time: 2016/07/22 15:41:19.0741
15:41:19.0741 0x097c  SystemInfo:
15:41:19.0741 0x097c  
15:41:19.0741 0x097c  OS Version: 6.0.6002 ServicePack: 2.0
15:41:19.0741 0x097c  Product type: Workstation
15:41:19.0742 0x097c  ComputerName: SOPHIA-PC
15:41:19.0742 0x097c  UserName: Sophia
15:41:19.0742 0x097c  Windows directory: C:\Windows
15:41:19.0742 0x097c  System windows directory: C:\Windows
15:41:19.0742 0x097c  Running under WOW64
15:41:19.0742 0x097c  Processor architecture: Intel x64
15:41:19.0742 0x097c  Number of processors: 2
15:41:19.0742 0x097c  Page size: 0x1000
15:41:19.0742 0x097c  Boot type: Normal boot
15:41:19.0742 0x097c  ============================================================
15:41:30.0037 0x097c  KLMD registered as C:\Windows\system32\drivers\05347654.sys
15:41:37.0032 0x097c  System UUID: {8F072ABE-FD38-A799-CBC3-6E8C9E777908}
15:41:44.0704 0x097c  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:41:47.0968 0x097c  ============================================================
15:41:47.0968 0x097c  \Device\Harddisk0\DR0:
15:41:47.0984 0x097c  MBR partitions:
15:41:47.0984 0x097c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
15:41:47.0984 0x097c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x1B4657AB
15:41:47.0984 0x097c  ============================================================
15:41:48.0076 0x097c  C: <-> \Device\Harddisk0\DR0\Partition2
15:41:48.0134 0x097c  D: <-> \Device\Harddisk0\DR0\Partition1
15:41:48.0135 0x097c  ============================================================
15:41:48.0135 0x097c  Initialize success
15:41:48.0135 0x097c  ============================================================
15:43:57.0091 0x0840  ============================================================
15:43:57.0091 0x0840  Scan started
15:43:57.0091 0x0840  Mode: Manual; SigCheck; TDLFS; 
15:43:57.0091 0x0840  ============================================================
15:43:57.0091 0x0840  KSN ping started
15:44:01.0414 0x0840  KSN ping finished: true
15:44:17.0768 0x0840  ================ Scan system memory ========================
15:44:17.0768 0x0840  System memory - ok
15:44:17.0769 0x0840  ================ Scan services =============================
15:44:18.0510 0x0840  [ 1965AAFFAB07E3FB03C77F81BEBA3547, 351A1EBB1B95C8E03ED125C8F997DEE810B4DF36AD290E7685FC01963B522BFC ] ACPI            C:\Windows\system32\drivers\acpi.sys
15:44:19.0545 0x0840  ACPI - ok
15:44:20.0099 0x0840  [ 3927397AC60D943DAF8808AFFED582B7, 2688254085C219E8CA9C5494ABDAD8FAE52533CEF7FA3C152715E0B78D591BCF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:44:20.0131 0x0840  AdobeARMservice - ok
15:44:21.0333 0x0840  [ 32B31B696CB8E8F380831DFEB80A67E4, 8C8F6E16F2FB3E8F10569261B7712BBC931A2924B6C27D561E7F828041C4F3E6 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:44:21.0510 0x0840  AdobeFlashPlayerUpdateSvc - ok
15:44:21.0726 0x0840  [ F14215E37CF124104575073F782111D2, 7F624F7F0FE9909C07AB2E4C74727686FDA9DF33778A9CBBE35027D6579E4F71 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:44:21.0817 0x0840  adp94xx - ok
15:44:22.0047 0x0840  [ 7D05A75E3066861A6610F7EE04FF085C, 406F2CE539C306BA60C233FBCDB029153588F0499BBE91E66FC915E5C5D7D2A5 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:44:22.0091 0x0840  adpahci - ok
15:44:22.0119 0x0840  [ 820A201FE08A0C345B3BEDBC30E1A77C, 3170B308724CAA0AD50B74D045C837C48BD6A3A11ABA222670BEA82192A861BF ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
15:44:22.0270 0x0840  adpu160m - ok
15:44:22.0299 0x0840  [ 9B4AB6854559DC168FBB4C24FC52E794, 83CD75DE0A16AE66586837565ECA8B98BA9309519139C4C2032474B8DDF5A1AD ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:44:22.0372 0x0840  adpu320 - ok
15:44:22.0434 0x0840  [ 0F421175574BFE0BF2F4D8E910A253BB, CEABE3A4F546EB6ACA079931AB532DC88FF757DEEF6F434991802220328A9CD6 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:44:22.0622 0x0840  AeLookupSvc - ok
15:44:22.0850 0x0840  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe
15:44:22.0894 0x0840  AESTFilters - ok
15:44:23.0029 0x0840  [ 8C771D6FBEE9D6F2E7DDE165940CB513, 1DDD7B495D12446F7FF206102D64D92D063C84EEA8D2F015F727721DC970BBE1 ] AFD             C:\Windows\system32\drivers\afd.sys
15:44:23.0134 0x0840  AFD - ok
15:44:23.0210 0x0840  [ F6F6793B7F17B550ECFDBD3B229173F7, 7EB12A9372B7966440E39F1B567A43C21231D67DDFAA9C1DECC7E68627F82346 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:44:23.0243 0x0840  agp440 - ok
15:44:23.0326 0x0840  [ 222CB641B4B8A1D1126F8033F9FD6A00, 8C7FD4BF87DC00893B99E64344C0E6A3F321DAD9BE60A99763629260E7C6312C ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
15:44:23.0360 0x0840  aic78xx - ok
15:44:23.0405 0x0840  [ 5922F4F59B7868F3D74BBBBEB7B825A3, 71504BC8B596F540BF059059670BC0C138D8759C1DD9F99F1EC368FD5C53F573 ] ALG             C:\Windows\System32\alg.exe
15:44:23.0881 0x0840  ALG - ok
15:44:24.0010 0x0840  [ 9544C2C55541C0C6BFD7B489D0E7D430, E242A7632BB51C965A7D2E2B0112C75018C0BB4B9A574920E44756E3AC1D8E77 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:44:24.0059 0x0840  aliide - ok
15:44:24.0088 0x0840  [ 970FA5059E61E30D25307B99903E991E, CFB241803A63EA3469B2596462A42DDCA813B3ACF96E56BB34F5979BB34DDC32 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:44:24.0146 0x0840  amdide - ok
15:44:24.0164 0x0840  [ CDC3632A3A5EA4DBB83E46076A3165A1, 40BE3451A3F29CD3352360FF72165C54237E44D01006390805D493B0D06F51DB ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:44:24.0287 0x0840  AmdK8 - ok
15:44:24.0415 0x0840  [ 7C8ECAAD76EA1D076A450C8303D9BD98, 90904B2BE380A51BDCEDADA530214CE5321C06456E10F5985B40E3282902BEF6 ] Appinfo         C:\Windows\System32\appinfo.dll
15:44:24.0462 0x0840  Appinfo - ok
15:44:24.0601 0x0840  [ 3E7C6639E424FD28952C29D66B7E5277, B10AD3FA5CB36328C5DF33AF58F76770E2B54CFBCB70BD84934F925B8E19FA1F ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:44:24.0646 0x0840  Apple Mobile Device Service - ok
15:44:24.0721 0x0840  [ BA8417D4765F3988FF921F30F630E303, 876A8F34E578020DD9EDD64F7F77A0A3B4592EC568830B500D7EA844D3159C72 ] arc             C:\Windows\system32\drivers\arc.sys
15:44:24.0769 0x0840  arc - ok
15:44:24.0795 0x0840  [ 9D41C435619733B34CC16A511E644B11, DEFFBBB5ECE33B7DF949DF979188AF3B6674E7580FC069397AB756EA84E24822 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:44:24.0825 0x0840  arcsas - ok
15:44:25.0165 0x0840  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:44:25.0292 0x0840  aspnet_state - ok
15:44:25.0335 0x0840  [ 22D13FF3DAFEC2A80634752B1EAA2DE6, 503F7E5F1B14D3F7AEAB0982E812B19DABE38FD4104D93922F50F0B2D19BECFB ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:44:25.0582 0x0840  AsyncMac - ok
15:44:25.0652 0x0840  [ E68D9B3A3905619732F7FE039466A623, 74C0B29E54EF064660B9C756E03D5A7EB78F261EFF768EB6E74D261FBD34340D ] atapi           C:\Windows\system32\drivers\atapi.sys
15:44:25.0690 0x0840  atapi - ok
15:44:25.0794 0x0840  [ 00DACE1D9A0DA60215022C6B1FAC1673, BF9C0658F609DB5B633AE143ED818C20FCDEDB62F1D61518983FC2A0FC3A5180 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
15:44:26.0115 0x0840  Ati External Event Utility - ok
15:44:26.0775 0x0840  [ CEF278088637401F07A0064B0B900A32, 42934B3D76A90383701E5692D6131752551EF7849D0ECD355923D464A2BA096D ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:44:27.0965 0x0840  atikmdag - ok
15:44:28.0196 0x0840  [ 4FCE8096191D260028FB6585A4159D6F, FCCB53A93CE69C8A21B61A4DE678AB3A59A55828BCA655D5E5AB6B08CE6FB412 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:44:28.0335 0x0840  AudioEndpointBuilder - ok
15:44:28.0366 0x0840  [ 4FCE8096191D260028FB6585A4159D6F, FCCB53A93CE69C8A21B61A4DE678AB3A59A55828BCA655D5E5AB6B08CE6FB412 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:44:28.0432 0x0840  AudioSrv - ok
15:44:28.0597 0x0840  [ F0FC8614A0200F0DFEF70FEA581CB84E, 08967ABB73904D70A963F3D0B7BAD60ED4CD38FE8FA3A8B1DFE39F305DF25E35 ] AVerAF35        C:\Windows\system32\Drivers\AVerAF35.sys
15:44:28.0756 0x0840  AVerAF35 - ok
15:44:29.0602 0x0840  [ A33C07F7527FC4CBC664C3137EB7D744, 09D15807D55F40E2E6B489D368C387A6EC1E123C8D2F745982B3CB43092503BB ] AVerRemote      C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
15:44:29.0935 0x0840  AVerRemote - detected UnsignedFile.Multi.Generic ( 1 )
15:44:32.0621 0x0840  Detect skipped due to KSN trusted
15:44:32.0621 0x0840  AVerRemote - ok
15:44:32.0742 0x0840  [ 9AEBB2D487D9BF4C0F354899D842EDD0, F859AAFFBC1D016F1E423E1D8C153BE961EBBBD21D8E36E9B62F70485D7D0D85 ] AVerScheduleService C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
15:44:32.0945 0x0840  AVerScheduleService - detected UnsignedFile.Multi.Generic ( 1 )
15:44:35.0342 0x0840  Detect skipped due to KSN trusted
15:44:35.0342 0x0840  AVerScheduleService - ok
15:44:35.0446 0x0840  [ A7C9995BA861FCE78B2CEAAE61D39FD7, 47BB7487EF6FA61D2A6BA6E260A7CAD4CABF1BB52DAFE2D1E2C3F0C94507C49C ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys
15:44:35.0595 0x0840  BCM42RLY - ok
15:44:35.0727 0x0840  [ 912012B708A7D8E8CE2EE55AFB663DFF, 41495708D2F530F9D90CCF346F0D769BED8C8EAE9BAB930450D91D14F6F134B7 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
15:44:36.0170 0x0840  BCM43XX - ok
15:44:36.0424 0x0840  [ FFB96C2589FFA60473EAD78B39FBDE29, 6A2792753E2CB580672B3107C0DBB9D26B6DAA14B37D5EC314BD0E304197E03E ] BFE             C:\Windows\System32\bfe.dll
15:44:36.0611 0x0840  BFE - ok
15:44:37.0038 0x0840  [ 6D316F4859634071CC25C4FD4589AD2C, 73F69AC9E505F3B11A3CCFF8571930229A9058E672CD008A4BF26C0189564EAE ] BITS            C:\Windows\System32\qmgr.dll
15:44:37.0346 0x0840  BITS - ok
15:44:37.0403 0x0840  [ 79FEEB40056683F8F61398D81DDA65D2, 5EA3016194F71A2A2177C2B5129E82738EC621ACAD269809F4C131B72CFEB6C6 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
15:44:37.0514 0x0840  blbdrive - ok
15:44:37.0774 0x0840  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:44:37.0821 0x0840  Bonjour Service - ok
15:44:37.0883 0x0840  [ 2348447A80920B2493A9B582A23E81E1, 50F9242B7104607E633ABAF4E0A213C1C1226BF81F7FB4E216A9E878247B868C ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:44:37.0922 0x0840  bowser - ok
15:44:38.0017 0x0840  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
15:44:38.0066 0x0840  BrFiltLo - ok
15:44:38.0075 0x0840  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
15:44:38.0123 0x0840  BrFiltUp - ok
15:44:38.0354 0x0840  [ A1B39DE453433B115B4EA69EE0343816, 61441E7E9D5259A5987DBD3FC8D4E3221A57F42C7CC0F94DB48E80EEF96CA5D4 ] Browser         C:\Windows\System32\browser.dll
15:44:38.0497 0x0840  Browser - ok
15:44:38.0693 0x0840  [ F0F0BA4D815BE446AA6A4583CA3BCA9B, E0A5DB5A0C7D6AF93ED45F34D2597F77982DFF41E4FDAC827FE5D80323ADED60 ] Brserid         C:\Windows\system32\drivers\brserid.sys
15:44:38.0965 0x0840  Brserid - ok
15:44:39.0061 0x0840  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
15:44:39.0198 0x0840  BrSerWdm - ok
15:44:39.0271 0x0840  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
15:44:39.0483 0x0840  BrUsbMdm - ok
15:44:39.0618 0x0840  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
15:44:39.0762 0x0840  BrUsbSer - ok
15:44:39.0787 0x0840  [ E0777B34E05F8A82A21856EFC900C29F, A7ACE3C65D1773C50ACD98A13B3ADBDD2A6052D7F5D124CB6EE6E7C22151A424 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:44:40.0006 0x0840  BTHMODEM - ok
15:44:40.0093 0x0840  [ B4D787DB8D30793A4D4DF9FEED18F136, 2A956F7DCFE61E556F30BDA6D45592A05533541D6ED321C251C1C05F6CEA6DDC ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:44:40.0285 0x0840  cdfs - ok
15:44:40.0400 0x0840  [ C025AA69BE3D0D25C7A2E746EF6F94FC, F4754B23CC256ADF92FDD42A9BA80F1ACB74834A58FCBEA2C52650FAFC7F9483 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:44:40.0499 0x0840  cdrom - ok
15:44:40.0773 0x0840  [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:44:40.0843 0x0840  CertPropSvc - ok
15:44:40.0896 0x0840  [ 02EA568D498BBDD4BA55BF3FCE34D456, 5A418B156CBB48D14E0F6B6AE6E03B8CD97AABE838F260757014479566C63F17 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:44:41.0024 0x0840  circlass - ok
15:44:41.0097 0x0840  [ D44BA2F707838E0FEF35BCEC5CBD9D60, A9E85E801B0B08F7E5AD6206C61F36E42B4A99878D8AA66EAD8B4E667E50D813 ] CLFS            C:\Windows\system32\CLFS.sys
15:44:41.0150 0x0840  CLFS - ok
15:44:41.0716 0x0840  ClipInc001 - ok
15:44:41.0997 0x0840  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:44:42.0048 0x0840  clr_optimization_v2.0.50727_32 - ok
15:44:42.0151 0x0840  [ 753049933D5326D835F4FCACDF4AD5E3, 715BEE09C19BCBCAD2A93E4725DB3A1FDD8E2FEFFF6E0C3D2F98FC607FED5D3A ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:44:42.0185 0x0840  clr_optimization_v2.0.50727_64 - ok
15:44:42.0435 0x0840  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:44:42.0844 0x0840  clr_optimization_v4.0.30319_32 - ok
15:44:43.0065 0x0840  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:44:43.0284 0x0840  clr_optimization_v4.0.30319_64 - ok
15:44:43.0359 0x0840  [ B52D9A14CE4101577900A364BA86F3DF, A8AA928DDF5FE3861973D4EA03A5B700E99138236F1E8FF594293B9705BF470C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:44:43.0429 0x0840  CmBatt - ok
15:44:43.0668 0x0840  [ E5D5499A1C50A54B5161296B6AFE6192, 20A8A0478918063A9EE81565F21F4ACCAA7B6A8B2E9E084099879D85574BAB3E ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:44:43.0693 0x0840  cmdide - ok
15:44:43.0774 0x0840  [ 7FB8AD01DB0EABE60C8A861531A8F431, E19353C686B07A0DBBA92CFCC88AB9B6BEBAF389416B78F4470BA673E7CD73C3 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:44:43.0850 0x0840  Compbatt - ok
15:44:43.0858 0x0840  COMSysApp - ok
15:44:43.0877 0x0840  [ A8585B6412253803CE8EFCBD6D6DC15C, C3906B080D3BB06CB976FD98C62CBA97DAE74970A5559D51EF5111D773949322 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:44:43.0908 0x0840  crcdisk - ok
15:44:44.0181 0x0840  [ 5AAC48EAF8EACF247DB44FB61B900D89, D20FCD5C71CA18F284D3DFD0CED37F6888A296E76B7B0563F2F4668CF90FE752 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:44:44.0260 0x0840  CryptSvc - ok
15:44:44.0369 0x0840  [ 580033E37BEB30E7176CAF46D8C282F3, 67B51B89E13831758486766357916592FB581FAFD27BD83DBAF4C658247C74D0 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
15:44:44.0406 0x0840  CtClsFlt - ok
15:44:44.0604 0x0840  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:44:44.0832 0x0840  DcomLaunch - ok
15:44:44.0915 0x0840  [ 8B722BA35205C71E7951CDC4CDBADE19, 39720A60DFD0532F7E1A1976240E9828559BF9E0C6D1CFBF4D911965BFD94158 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:44:44.0953 0x0840  DfsC - ok
15:44:45.0935 0x0840  [ C647F468F7DE343DF8C143655C5557D4, E2D35FE49C408B952D8FE0C7EF70D42798229D30B89CEF9858BAC9F4F9E98EF2 ] DFSR            C:\Windows\system32\DFSR.exe
15:44:46.0431 0x0840  DFSR - ok
15:44:46.0854 0x0840  [ 3ED0321127CE70ACDAABBF77E157C2A7, 10973BD0AEF9597A4EA0A4947BDE922F9168F33D6ED97BFFEE6176AADAD78980 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
15:44:46.0973 0x0840  Dhcp - ok
15:44:47.0052 0x0840  [ B0107E40ECDB5FA692EBF832F295D905, 76466BB9E4F12436ECCCB9D89EB20762B4785F82F02591B51A735A590E248264 ] disk            C:\Windows\system32\drivers\disk.sys
15:44:47.0085 0x0840  disk - ok
15:44:47.0247 0x0840  [ 06230F1B721494A6DF8D47FD395BB1B0, F6CA8270740E01D9CE2FE8E34BC067C7EDC15BA610F461860E1D17D135C8A379 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:44:47.0286 0x0840  Dnscache - ok
15:44:47.0526 0x0840  [ 0840ABBBDF438691EE65A20040635CBE, F83597ECECFADBA45242B683A19A01ADF84203B016301B64530C7BE8234175E8 ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
15:44:47.0645 0x0840  DockLoginService - detected UnsignedFile.Multi.Generic ( 1 )
15:44:50.0501 0x0840  Detect skipped due to KSN trusted
15:44:50.0501 0x0840  DockLoginService - ok
15:44:50.0989 0x0840  [ 1A7156DD1E850E9914E5E991E3225B94, 99FF0C7125B01FCB0B92DC44756AE8FAA486F2E7F38DC6204F7EFE5918F8480A ] dot3svc         C:\Windows\System32\dot3svc.dll
15:44:51.0067 0x0840  dot3svc - ok
15:44:51.0322 0x0840  [ 1583B39790DB3EAEC7EDB0CB0140C708, F94F9AE7054A38602CD25D4E10FE7C7B574BD9ED8440C3FDAA7275A1D1E663E7 ] DPS             C:\Windows\system32\dps.dll
15:44:51.0420 0x0840  DPS - ok
15:44:51.0506 0x0840  [ F1A78A98CFC2EE02144C6BEC945447E6, D2E2AA13BE6319F967002476A5D3CF09B1B44350576DD8E1C1C531854F53B488 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:44:51.0536 0x0840  drmkaud - ok
15:44:51.0856 0x0840  [ 51991007674FB3548BE592F5071E747C, 4F73EBBAD41689057FC4CDB1570BA1C668A906722D302E00D87FACF024B514FC ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:44:52.0174 0x0840  DXGKrnl - ok
15:44:52.0270 0x0840  [ 17D40652EF3E55EEAE187A89DF40965A, D49D45E64D52FE0FD10A3A5F537A5F7AA4387BE862A1A5544565A1D5D3CDAAE5 ] e1express       C:\Windows\system32\DRIVERS\e1e6032e.sys
15:44:52.0394 0x0840  e1express - ok
15:44:52.0457 0x0840  [ 264CEE7B031A9D6C827F3D0CB031F2FE, 50CAD28A73D29E7E04A45330146CF713BA17101215955009121E36D43CD5C536 ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
15:44:52.0582 0x0840  E1G60 - ok
15:44:52.0832 0x0840  [ C2303883FD9BE49DC36A6400643002EA, F062D1D6D503CF5195BDE8C1DC75B541F559CB8175ADABCDB7690E9F1CA3EA4E ] EapHost         C:\Windows\System32\eapsvc.dll
15:44:52.0944 0x0840  EapHost - ok
15:44:52.0994 0x0840  [ 665E1507E129DC598C6EB390A10AC05B, 851018D4DB6E80FC27445EA13B8AADC340746CB6E71908F9B05EB094C4BB78D9 ] Ecache          C:\Windows\system32\drivers\ecache.sys
15:44:53.0030 0x0840  Ecache - ok
15:44:53.0165 0x0840  [ 14CE384D2E27B64C256BDA4DC39C312D, D5FA9C2BB162F1C22E419D33671B8202AAC245A87F6B183B97F83F5BFA165B41 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:44:53.0237 0x0840  ehRecvr - ok
15:44:53.0272 0x0840  [ B93159C1313D66FDFBBE876F5189CD52, 51E39160EA56F6B08449267EDF2A0F604612663768D2348DE23554AB07BDBB62 ] ehSched         C:\Windows\ehome\ehsched.exe
15:44:53.0311 0x0840  ehSched - ok
15:44:53.0384 0x0840  [ F5EE2527D74449868E3C3227A59BCD28, 11640E97EE9D8F9A5DC3FEA6BA7A737AA796A7235C7F5C7EF1ABFB51C9D730D3 ] ehstart         C:\Windows\ehome\ehstart.dll
15:44:53.0411 0x0840  ehstart - ok
15:44:53.0489 0x0840  [ C4636D6E10469404AB5308D9FD45ED07, 367D958D19F672395462206F27C1E138386C2F37B0FA77546F4217CF16D05C84 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:44:53.0652 0x0840  elxstor - ok
15:44:53.0727 0x0840  [ E10597CED1246F81C87F00E67E7C6855, 67B5A552D5988FD20C35FC5AEF557456C73CB3DAC88E7735A3E15E7F3B6C0D73 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
15:44:53.0813 0x0840  EMDMgmt - ok
15:44:53.0843 0x0840  [ 991FAB6AA066E1214EFB5B496FB7959A, E0172B25BF127B18CA8FDEDF85A7DAAAB35BAE4F73E826C5767FF7DC50955FA5 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:44:53.0876 0x0840  ErrDev - ok
15:44:53.0982 0x0840  [ E12F22B73F153DECE721CD45EC05B4AF, 41887EEF4BB024329B4079AD50FC5FB705F0EB8BAF6C93A8242DC2A73D3AFD86 ] EventSystem     C:\Windows\system32\es.dll
15:44:54.0271 0x0840  EventSystem - ok
15:44:54.0545 0x0840  [ 486844F47B6636044A42454614ED4523, 3E24E78584B199C0FAA59613EEB7DF67B3B878B277A0130C7A3FF608C130BA2F ] exfat           C:\Windows\system32\drivers\exfat.sys
15:44:54.0644 0x0840  exfat - ok
15:44:54.0694 0x0840  [ 1E34B436811CCA4A2783C0BC7A0BEB2E, 7C9496100DEA53FBADDA8B1EFF9F943FD13E75601A039632887A35F190C1F799 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:44:54.0739 0x0840  fastfat - ok
15:44:54.0854 0x0840  [ 81B79B6DF71FA1D2C6D688D830616E39, 62F8BC0DB918A49B10A5BE1724A2E2F17FA7D8208D5D86822FACB2DCD97B3591 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:44:54.0942 0x0840  fdc - ok
15:44:55.0042 0x0840  [ BB9267ACACD8B7533DD936C34A0CBA5E, 32DE6E10ABA540D62F0D8AE30DE8769D7BF29E547838BEBE67C04183CC0B32C7 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:44:55.0138 0x0840  fdPHost - ok
15:44:55.0189 0x0840  [ 300C80931EABBE1DB7591C516EFE8D0F, F031DA96B06B6FA8E0AD56D5E10E5A5882765C3FF258A4DE06A47EC34829FF04 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:44:55.0358 0x0840  FDResPub - ok
15:44:55.0414 0x0840  [ 457B7D1D533E4BD62A99AED9C7BB4C59, 3933907DE163F8D3A81ED25169B693D723296C437C7C990BFE9DEFD60F7635FD ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:44:55.0443 0x0840  FileInfo - ok
15:44:55.0491 0x0840  [ D421327FD6EFCCAF884A54C58E1B0D7F, C2F3B72EA36BA8B74A30E128C088307CA768FDBE232BFA216CD78B0F9B7AF18A ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:44:55.0562 0x0840  Filetrace - ok
15:44:55.0571 0x0840  [ 230923EA2B80F79B0F88D90F87B87EBD, 1F3287970FEC73011F3B675C447BF0CA35416490D4740C6960595B091181059C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:44:55.0650 0x0840  flpydisk - ok
15:44:55.0728 0x0840  [ E3041BC26D6930D61F42AEDB79C91720, 3556C033BB78445EC8B2F98A82455914764AFC70CBFF634DDBD3539885A1E457 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:44:55.0769 0x0840  FltMgr - ok
15:44:55.0984 0x0840  [ DE26C43A170809645297C1B479B7F791, C76AAA07E6C4DD3E9C2035D88F63549D6A32C04329640617959BF86F50AEF735 ] FontCache       C:\Windows\system32\FntCache.dll
15:44:56.0283 0x0840  FontCache - ok
15:44:56.0378 0x0840  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E, B21CA5F14BDB6CFD97A24C28BB2AD0D704C46058F13B01FF4203514FE8B92591 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:44:56.0402 0x0840  FontCache3.0.0.0 - ok
15:44:56.0467 0x0840  [ 5779B86CD8B32519FBECB136394D946A, 68A395CD2287D22CB5C8CFE5A3006A61AC0C3FDAADF166C93240FF83C0315DCF ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:44:56.0638 0x0840  Fs_Rec - ok
15:44:56.0688 0x0840  [ C8E416668D3DC2BE3D4FE4C79224997F, 7DBC8E7687179A649638F606C9584F2E8EC2065762997CDF151F9BB99FA8D535 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:44:56.0720 0x0840  gagp30kx - ok
15:44:56.0770 0x0840  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:44:56.0793 0x0840  GEARAspiWDM - ok
15:44:56.0897 0x0840  [ A0E1B575BA8F504968CD40C0FAEB2384, F64A24A5A93F4E757882E97C65DA612F07A87F4DDD2E10C1AB0250AFA03BCEF1 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:44:57.0053 0x0840  gpsvc - ok
15:44:57.0194 0x0840  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:44:57.0225 0x0840  gupdate - ok
15:44:57.0270 0x0840  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:44:57.0296 0x0840  gupdatem - ok
15:44:57.0370 0x0840  [ 68E732382B32417FF61FD663259B4B09, 10C5365AEAC46DF4F5F6A8F96D15141B4709851D4752613233E57EB20CE16446 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:44:57.0419 0x0840  HdAudAddService - ok
15:44:57.0761 0x0840  [ F942C5820205F2FB453243EDFEC82A3D, 17A6A3DCF884FB524C93F2477D97E9F2B8E547709F8F2AEA93BEEA322B62E914 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:44:58.0083 0x0840  HDAudBus - ok
15:44:58.0259 0x0840  [ B4881C84A180E75B8C25DC1D726C375F, C0BEDBF43EFB0DD442A1D7985EA4A7493671648954B7D1840E30FB2FC46589A4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:44:58.0389 0x0840  HidBth - ok
15:44:58.0717 0x0840  [ 4E77A77E2C986E8F88F996BB3E1AD829, 1748676EB038A145405080B829DF4156C2596691BE5C67FD8269BE8D9351B400 ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:44:58.0851 0x0840  HidIr - ok
15:44:58.0996 0x0840  [ 59361D38A297755D46A540E450202B2A, ED97800A3FF9B90EC58BC5122C42B53F46D9C157EFE488481E8677ED7058E33D ] hidserv         C:\Windows\system32\hidserv.dll
15:44:59.0050 0x0840  hidserv - ok
15:44:59.0405 0x0840  [ 443BDD2D30BB4F00795C797E2CF99EDF, BCE1A241AE5CCE3E1C65CCF07ECB4305C7106F2EFFD51F2C519EB00026B474C4 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:44:59.0433 0x0840  HidUsb - ok
15:44:59.0541 0x0840  [ B12F367EA39C0795FD57E31242CE1A5A, 498439FE4D1217211EB6C1AC35CDA5D59F3AE8F06AF5E41EE9FDB0DC559FBE27 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:44:59.0649 0x0840  hkmsvc - ok
15:44:59.0777 0x0840  [ D7109A1E6BD2DFDBCBA72A6BC626A13B, 6141B6645F4152A326ECA8AD0DD04CB38C9EDA395BDF6FF260AB17CB86FC4C87 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
15:44:59.0805 0x0840  HpCISSs - ok
15:44:59.0945 0x0840  [ 098F1E4E5C9CB5B0063A959063631610, 36B02A738413E4745978E3E90D9CE8ABC08376BEE411008A4312A752CB4A2E13 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:45:00.0023 0x0840  HTTP - ok
15:45:00.0184 0x0840  [ C8F3119AD72A507D12EF389DF4C266EF, 3AFFFECCC63ED848FD5DF64C71AD543EC56314F35B54691CA419BCBB3CEEBCA0 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
15:45:00.0218 0x0840  hwdatacard - ok
15:45:00.0244 0x0840  [ DA94C854CEA5FAC549D4E1F6E88349E8, 10BEB47DB90F55BD1792C2041E49ED13E4E52BCC11BE6599F6DA8D91B79CC8D1 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
15:45:00.0271 0x0840  i2omp - ok
15:45:00.0313 0x0840  [ CBB597659A2713CE0C9CC20C88C7591F, A2BAC75F7247D871842A32EAA7594D338E728D1BFEAEA3C1FCDBF65F007BC06A ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:45:00.0385 0x0840  i8042prt - ok
15:45:00.0428 0x0840  [ 3E3BF3627D886736D0B4E90054F929F6, 95A138B65DC9133E92F53A529C7AD897D8823EFAED343756549FDF6C8C749CD0 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
15:45:00.0479 0x0840  iaStorV - ok
15:45:00.0822 0x0840  [ A9AA69F749AC1D318151E77372CC83DB, 2A50A4D6ED22F5F6CB5DC56A639D904AD71E511DC744A6F6C3D1D4D39756AF31 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:45:01.0095 0x0840  idsvc - ok
15:45:01.0176 0x0840  [ 8C3951AD2FE886EF76C7B5027C3125D3, 85CF7231756E02BD9E5F4378F3FC794394A072B8028F27827F83ACE9EE554499 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:45:01.0203 0x0840  iirsp - ok
15:45:01.0369 0x0840  [ 0401A380C88754B2399F8043AC9B2BF9, BFF3B53FAFAE6622AA9F74BAA4A3D522C06E2D732B88916766603B9FE8D0D77F ] IKEEXT          C:\Windows\System32\ikeext.dll
15:45:01.0895 0x0840  IKEEXT - ok
15:45:02.0521 0x0840  [ DF797A12176F11B2D301C5B234BB200E, 384343636B21CA7EDF28EFD1B6728EAB1508CA49CE48FF3DC0D91DB843C0C73E ] intelide        C:\Windows\system32\drivers\intelide.sys
15:45:02.0548 0x0840  intelide - ok
15:45:02.0966 0x0840  [ BFD84AF32FA1BAD6231C4585CB469630, 33E0842F2D0879B02C115301174FCB19ED3AAF7B1B8E6284839CE16DE56476EA ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:45:03.0107 0x0840  intelppm - ok
15:45:03.0165 0x0840  [ 5624BC1BC5EEB49C0AB76A8114F05EA3, BD5AA534D8A923AF4D205EEC6DA55A3DC5F915E5F3223BF23F24C09824FA90B6 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:45:03.0261 0x0840  IPBusEnum - ok
15:45:03.0832 0x0840  [ D8AABC341311E4780D6FCE8C73C0AD81, 141E8032A934777567E6DAC35FB1C77C40D9B6EE477F17F872F35833A8F57F72 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:45:03.0943 0x0840  IpFilterDriver - ok
15:45:04.0225 0x0840  [ BF0DBFA9792C5C14FA00F61C75116C1B, 24C14DCAF57013F1C238E3C123279737420A714EB29CB69239C9838C9A269A59 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:45:04.0359 0x0840  iphlpsvc - ok
15:45:04.0370 0x0840  IpInIp - ok
15:45:04.0441 0x0840  [ 9C2EE2E6E5A7203BFAE15C299475EC67, E51628ECAB9CCCBCE02801C5E71406487A280765FEE318D14B0C227141B87658 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
15:45:04.0578 0x0840  IPMIDRV - ok
15:45:04.0668 0x0840  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE, C29D7F392116BB09F7047A90702331F200DACFB3C94E7F912932971E0B7F0413 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
15:45:04.0755 0x0840  IPNAT - ok
15:45:05.0048 0x0840  [ 0BE777523E5CB0E4F2CA2135DB4C60C8, 979BBAC7EAD3F5C913155BC12BB1B87D1EFD39D92293195D50805D657ABECC6D ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:45:05.0158 0x0840  iPod Service - ok
15:45:05.0201 0x0840  [ 8C42CA155343A2F11D29FECA67FAA88D, 699F06D25C5F270CE1194F4D350CB0BE22C6AB609EECF35D066C034AC380BEE3 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:45:05.0470 0x0840  IRENUM - ok
15:45:05.0633 0x0840  [ 0672BFCEDC6FC468A2B0500D81437F4F, A0322B569C309F258684AFECCD52924A33F363186261730469245B7FA357C645 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:45:05.0662 0x0840  isapnp - ok
15:45:06.0185 0x0840  [ E4FDF99599F27EC25D2CF6D754243520, 9139E708EE30F10652C9A458BD58B0343A3C05E84CD3E71FA0B0E4123503CF7B ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:45:06.0232 0x0840  iScsiPrt - ok
15:45:06.0337 0x0840  [ 63C766CDC609FF8206CB447A65ABBA4A, D9CA006FA852C95E90E8A0837E296FCBFD76246DA8AFDE563863D5F95BDFEC52 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
15:45:06.0366 0x0840  iteatapi - ok
15:45:06.0427 0x0840  [ 1281FE73B17664631D12F643CBEA3F59, B27571A0348CDF81DC102A61712CBA9A4AF7AC0015A7702B0DE73AD4E4646853 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
15:45:06.0451 0x0840  iteraid - ok
15:45:06.0682 0x0840  [ EB5C7891B9E6E4A1A4428F2160B12B53, 3569AB6F037D0B8650AF9CD107B49627E639A56141848A2763E2526D0A680ED0 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
15:45:06.0724 0x0840  k57nd60a - ok
15:45:06.0767 0x0840  [ 423696F3BA6472DD17699209B933BC26, 00C2EAA1A8E9D422D178B7678598743234930C1858D76C632F079EF789BB56C3 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:45:06.0800 0x0840  kbdclass - ok
15:45:06.0952 0x0840  [ BF8783A5066CFECF45095459E8010FA7, 90845E1A154189258B2754C4FF8E6732AA462FF3777E8DFBAF8246C7C5B2740D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:45:07.0029 0x0840  kbdhid - ok
15:45:07.0119 0x0840  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] KeyIso          C:\Windows\system32\lsass.exe
15:45:07.0149 0x0840  KeyIso - ok
15:45:07.0226 0x0840  [ 8A4507582C71261627A7F89198A91B51, B591CB996EA109CD167FBE7CB61A2FEFF8C864B3BF6B0C1D566881936E213EAB ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:45:07.0296 0x0840  KSecDD - ok
15:45:07.0370 0x0840  [ 1D419CF43DB29396ECD7113D129D94EB, 21ECCE9D17F055C7B5066110864E10C99291CE50B389C545371333904CE2DBB5 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:45:07.0546 0x0840  ksthunk - ok
15:45:07.0876 0x0840  [ 1FAF6926F3416D3DA05C5B265491BDAE, 3989E18522691CC3820092033E00ED39D08861DFB369AA0DFFF4B379E48EA1F0 ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:45:08.0268 0x0840  KtmRm - ok
15:45:08.0574 0x0840  [ 50C7A3CB427E9BB5ED0708A669956AB5, 3DAD1C01AE58FE2C6134283B19118E2F3C884DDFFBAE4A46B7B5E4FB1A2567A1 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:45:08.0841 0x0840  LanmanServer - ok
15:45:08.0974 0x0840  [ CAF86FC1388BE1E470F1A7B43E348ADB, 9E9AE0B617D1031E8462524802A2D997AE7C944A7D00D403FF903145A7FEB761 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:45:09.0068 0x0840  LanmanWorkstation - ok
15:45:09.0336 0x0840  [ 96ECE2659B6654C10A0C310AE3A6D02C, 3322E87B9F64C3ACBCB634F2390AAB212FA7695383BF01F0092A803871BF19B2 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:45:09.0441 0x0840  lltdio - ok
15:45:09.0689 0x0840  [ 961CCBD0B1CCB5675D64976FAE37D092, 258378BE76A13E4368C9587E6A22727721E4B267B0D26D3D3E333B3B2A5A0611 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:45:09.0772 0x0840  lltdsvc - ok
15:45:09.0976 0x0840  [ A47F8080CACC23C91FE823AD19AA5612, 161575406D158D6D5C9220F1E82C0CC19108C74ADC35C509BAF9B0C414EFD8EE ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:45:10.0092 0x0840  lmhosts - ok
15:45:10.0283 0x0840  [ ACBE1AF32D3123E330A07BFBC5EC4A9B, 0E17E4DD30B5AF8F269EF8EA003836C9E16273262A050B9BE3ED802DD3AC9319 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:45:10.0317 0x0840  LSI_FC - ok
15:45:10.0399 0x0840  [ 799FFB2FC4729FA46D2157C0065B3525, AB462A34D061C113DA12641C45159A58D0AEA1C440233D061A20DF99586CFA93 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:45:10.0430 0x0840  LSI_SAS - ok
15:45:10.0493 0x0840  [ F445FF1DAAD8A226366BFAF42551226B, 92B63E15363F1EAE8A54D4E74ED21669D0A9FE99C654671556C58456228278B1 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:45:10.0527 0x0840  LSI_SCSI - ok
15:45:10.0619 0x0840  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E, 2EB22DD418D4934BDD22C5DB49D5D06178EC0419AB5CC28DD544CA91823987B0 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:45:10.0737 0x0840  luafv - ok
15:45:11.0024 0x0840  massfilter - ok
15:45:11.0577 0x0840  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:45:11.0604 0x0840  MBAMProtector - ok
15:45:11.0937 0x0840  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
15:45:12.0489 0x0840  MBAMScheduler - ok
15:45:12.0762 0x0840  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
15:45:13.0181 0x0840  MBAMService - ok
15:45:13.0457 0x0840  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
15:45:13.0497 0x0840  MBAMSwissArmy - ok
15:45:13.0574 0x0840  [ 00080C25E22BD1C17F2B951F167D06D7, 1E554C521CBC7C4A8B76B877CA3F3AFE5485AF580D1AF9AA0E1B14C8C79CD9A6 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
15:45:13.0600 0x0840  MBAMWebAccessControl - ok
15:45:13.0651 0x0840  [ 76A58DF02BD4EA29F189B82D0BEF17F8, B3A96AABE050BB332ECD9AF7C35D08B468AC459D30FF4D49B609BA3F95ECEEDA ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:45:13.0686 0x0840  Mcx2Svc - ok
15:45:13.0775 0x0840  [ 5C5CD6AACED32FB26C3FB34B3DCF972F, 34A66C21FA79800D3CDE933CFA71343218F94D67AAE763EA0B53AC49060CB6D0 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:45:13.0805 0x0840  megasas - ok
15:45:13.0854 0x0840  [ 859BC2436B076C77C159ED694ACFE8F8, 4AEA57A8B9EACEC1B8DED3ECC95621C56E6D65CFE2DA9F07DAF7C7BAD132B624 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
15:45:13.0935 0x0840  MegaSR - ok
15:45:13.0954 0x0840  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] MMCSS           C:\Windows\system32\mmcss.dll
15:45:14.0081 0x0840  MMCSS - ok
15:45:14.0092 0x0840  [ 59848D5CC74606F0EE7557983BB73C2E, EA6ACF0619DE1E4272AEDC69F2E66E29DA499E8E8094243C9EF735FD8369229D ] Modem           C:\Windows\system32\drivers\modem.sys
15:45:14.0203 0x0840  Modem - ok
15:45:14.0260 0x0840  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5, 357811D1B8F70828F6432879F59DAB916FBB55673B3473D879382DE33CFB3FAF ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:45:14.0337 0x0840  monitor - ok
15:45:14.0375 0x0840  [ 9367304E5E412B120CF5F4EA14E4E4F1, F87EBACEE27A50E6610FDCB4BD3001C35A99FEE6D63D643FF2CBF0D484CD082C ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:45:14.0406 0x0840  mouclass - ok
15:45:14.0426 0x0840  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69, B77E4A7511923E7BD35A177A40B4E461AC9CB050D6F0575D4799DEF85DA6DA38 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:45:14.0505 0x0840  mouhid - ok
15:45:14.0562 0x0840  [ 108DE0E4E7B0F53F5764F9A241F7A4E6, 0D7688E322FE1DD21BAC1324DC9F27D1007E8417717A0EF8637768D318654CDA ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
15:45:14.0601 0x0840  MountMgr - ok
15:45:14.0884 0x0840  [ 5961C5D8EDD2E2A3B99F1782AE1AC21F, C383A4724A335737C4C7C3211AFCFB82D373267EC634BC47EE078A1C66E1F62A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:45:14.0916 0x0840  MozillaMaintenance - ok
15:45:15.0085 0x0840  [ DA0FAEE45D6F03D7647851A20977A7D0, AFB1EA053CD4BCA903868896D020205D4C207C85314E6C56C4663922A3F9BD6A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:45:15.0183 0x0840  MpFilter - ok
15:45:15.0246 0x0840  [ F8276EB8698142884498A528DFEA8478, C0FF504F721F1D00F42CFE783D4F32C6728518F64646F5C5C11BA3A4824815BB ] mpio            C:\Windows\system32\drivers\mpio.sys
15:45:15.0281 0x0840  mpio - ok
15:45:15.0321 0x0840  [ C92B9ABDB65A5991E00C28F13491DBA2, D1233381A9E4262F0AB396BBDB7DE402D4370805E11EB8A118C846F6E9474098 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:45:15.0374 0x0840  mpsdrv - ok
15:45:15.0491 0x0840  [ 897E3BAF68BA406A61682AE39C83900C, 13F61D5C22BED061BE7C2669CCCAA2BAD4A0CE83800DF57A50306DE0A476FC27 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:45:15.0957 0x0840  MpsSvc - ok
15:45:15.0991 0x0840  [ 3C200630A89EF2C0864D515B7A75802E, AA4A312E7A28FCE7A944747BADB809CAAD3D67899EBBE663D473621DB25B140A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
15:45:16.0017 0x0840  Mraid35x - ok
15:45:16.0083 0x0840  [ 0F09F5686FD2025C1607B3CA301E3D28, 04F96858C82EDF636F0C8CF8F2286D3A1229BBC9F06C2AFA7BDB9D5DC5BD69BC ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:45:16.0121 0x0840  MRxDAV - ok
15:45:16.0500 0x0840  [ B31DB7D6E624479EA20FEE17E712A44C, E316244BD83698793A66EA185BE1395827C7A9D5B73B60592BBF6413BFCF52F1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:45:16.0536 0x0840  mrxsmb - ok
15:45:16.0602 0x0840  [ 2EB4A3EDA9FBECEC53CA2BB0853E2B66, 0DBA1CB6A9A97E9406111F724F82A009B9492A4D602FCD288FB907830E070E0E ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:45:16.0656 0x0840  mrxsmb10 - ok
15:45:16.0679 0x0840  [ 3F979D9CE02323CB3EBD15174732C8C1, 2B8301222B582012A86B85F45374E3B1A562D1EC61DE6A3F5AF611C3B38F409C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:45:16.0714 0x0840  mrxsmb20 - ok
15:45:16.0785 0x0840  [ AA459F2AB3AB603C357FF117CAE3D818, C633178227A0C446920908967E6F2F4979BE77209C7377B9A41B90F5F31B41B3 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:45:16.0817 0x0840  msahci - ok
15:45:16.0857 0x0840  [ 264BBB4AAF312A485F0E44B65A6B7202, 1DF36540C77D5D885B6C2EE91F0446864D8E6D6CFED87A9ED0765E76FE05E102 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:45:16.0890 0x0840  msdsm - ok
15:45:16.0921 0x0840  [ 7EC02CE772F068ED0BEAFA3DA341A9BC, 3B5B4EA0BF1D1E57F4DF74A569304A5EE41821F5E2F352760B8C9CA82C6D8292 ] MSDTC           C:\Windows\System32\msdtc.exe
15:45:16.0993 0x0840  MSDTC - ok
15:45:17.0034 0x0840  [ 704F59BFC4512D2BB0146AEC31B10A7C, F7712944DDC192C47953D577BE31B79B4D11217305B1C3D0DCA31B1518CB8DCB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:45:17.0159 0x0840  Msfs - ok
15:45:17.0191 0x0840  [ 00EBC952961664780D43DCA157E79B27, 4F8F5718D8574A128E0F6CD54C9BE59A93A7638A5689A8FF68D0C81D3E67808F ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:45:17.0216 0x0840  msisadrv - ok
15:45:17.0253 0x0840  [ 366B0C1F4478B519C181E37D43DCDA32, A98E2BC397FAD7D90653F55AC283CACAE7465D7F10A198D715046B1D896AF246 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:45:17.0332 0x0840  MSiSCSI - ok
15:45:17.0339 0x0840  msiserver - ok
15:45:17.0368 0x0840  [ 0EA73E498F53B96D83DBFCA074AD4CF8, E3DDE34FCFF272E06CD8DA836F8D79E2515885715D4A7CD7BF8D97D7A4E0E781 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:45:17.0474 0x0840  MSKSSRV - ok
15:45:17.0566 0x0840  [ C66FE30BBA4604A06EE9E4180ABE4BD9, 43E60C15C05FF19082142BB9D1F29D1B3269AD4A7FB32AF109AE63FE5A6AA0A9 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:45:17.0600 0x0840  MsMpSvc - ok
15:45:17.0647 0x0840  [ 52E59B7E992A58E740AA63F57EDBAE8B, A89F607B330BA1F42CA9FF01EF289BBD088350CF376568E58CB9865F1DA6CD72 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:45:17.0727 0x0840  MSPCLOCK - ok
15:45:17.0744 0x0840  [ 49084A75BAE043AE02D5B44D02991BB2, 4CD2692D191035CE9D18F4D21F054FF8C3F9CF2734464EA33EAB480A28AD447F ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:45:17.0843 0x0840  MSPQM - ok
15:45:17.0922 0x0840  [ DC6CCF440CDEDE4293DB41C37A5060A5, 768D08A67508E1CE69B67642A5E5A639C0DD1E93C956C56ECC5A56B0E502C953 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:45:17.0974 0x0840  MsRPC - ok
15:45:17.0997 0x0840  [ 855796E59DF77EA93AF46F20155BF55B, 75DFCEE16A9D94EDF74295B9686D92552817E8A00958917CB0E17089EDCF6A97 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:45:18.0024 0x0840  mssmbios - ok
15:45:18.0078 0x0840  [ 86D632D75D05D5B7C7C043FA3564AE86, 96911FBC106B91E76598EE110B5147D4C55E42C9194E857F866B6B395E78D2CB ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:45:18.0143 0x0840  MSTEE - ok
15:45:18.0168 0x0840  [ 0CC49F78D8ACA0877D885F149084E543, 984DDCB52F0DFC1B26C6504FE500E8D9C2CA7F79ED34608AE9866A0915B8BA67 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:45:18.0201 0x0840  Mup - ok
15:45:18.0392 0x0840  [ A5B10C845E7538C60C0F5D87A57CB3F5, 2B4E16702591C59BC2CA2B99DBB504BAB4F4EF0835B0D9C7453D340CBF0BDF16 ] napagent        C:\Windows\system32\qagentRT.dll
15:45:18.0492 0x0840  napagent - ok
15:45:18.0584 0x0840  [ 2007B826C4ACD94AE32232B41F0842B9, 6267D165C3C8C5F83194890A6DBF71226D4B891AECD1D06F7AEB5D738C3DC9CA ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:45:18.0630 0x0840  NativeWifiP - ok
15:45:18.0732 0x0840  [ 54803EAE413ED3AB97976674B0EF122A, B06D419B84EA1FB9EA218D5379F2DD32B0739D029A51DD75CA74C01F25BAA806 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:45:18.0807 0x0840  NDIS - ok
15:45:18.0842 0x0840  [ 64DF698A425478E321981431AC171334, C43177CB60F5D58E1FF7A31E9BE5DA7D92C4B25235867DD65BADC069EDF023F3 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:45:18.0904 0x0840  NdisTapi - ok
15:45:18.0981 0x0840  [ 8BAA43196D7B5BB972C9A6B2BBF61A19, 8AFFB26F6E8CF67F562818BBFE12FB448E4FCDF9B68858B625681565DE30DDC1 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:45:19.0046 0x0840  Ndisuio - ok
15:45:19.0123 0x0840  [ F8158771905260982CE724076419EF19, B86FFA790A30ED614A11C87F4D738C913EFC0924DC14750D544001D4E9556071 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:45:19.0180 0x0840  NdisWan - ok
15:45:19.0197 0x0840  [ 9CB77ED7CB72850253E973A2D6AFDF49, C3C15B317A7F7AE68B7BC62343962C47F075240F252727811DB4BEE443F9103F ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:45:19.0261 0x0840  NDProxy - ok
15:45:19.0295 0x0840  [ A499294F5029A7862ADC115BDA7371CE, 6BE0AAFE4EB59E056A929D6C1A009D8DFD547025481108CEFB12E5D6F86DBE14 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:45:19.0376 0x0840  NetBIOS - ok
15:45:19.0451 0x0840  [ FC2C792EBDDC8E28DF939D6A92C83D61, 9EDF8B56E2B47C31457074DA371B604E5F7EB2B3B5CD4688CBEEDD5B266D119B ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
15:45:19.0610 0x0840  netbt - ok
15:45:19.0630 0x0840  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] Netlogon        C:\Windows\system32\lsass.exe
15:45:19.0668 0x0840  Netlogon - ok
15:45:19.0715 0x0840  [ 9B63B29DEFC0F3115A559D2597BF5D75, 297319D3F2E97CB34464EA59D8FD96AC2B8B1A4F2AEE666937F16A041128021F ] Netman          C:\Windows\System32\netman.dll
15:45:19.0877 0x0840  Netman - ok
15:45:19.0951 0x0840  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:45:20.0139 0x0840  NetMsmqActivator - ok
15:45:20.0154 0x0840  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:45:20.0195 0x0840  NetPipeActivator - ok
15:45:20.0249 0x0840  [ 7846D0136CC2B264926A73047BA7688A, 6F56CC1B17095C378D98B58A92F9EDA2D009529DDB6F60E815D85C7606C8EDC0 ] netprofm        C:\Windows\System32\netprofm.dll
15:45:20.0351 0x0840  netprofm - ok
15:45:20.0378 0x0840  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:45:20.0415 0x0840  NetTcpActivator - ok
15:45:20.0430 0x0840  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:45:20.0467 0x0840  NetTcpPortSharing - ok
15:45:20.0510 0x0840  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7, 8D7DE921E14BAF09D7E2704CFB2FB1C8A78A46DAF86CDF7A347C5D113A8C110B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:45:20.0536 0x0840  nfrd960 - ok
15:45:20.0607 0x0840  [ 6D79C8CB73187FBEAAD1F680FADF98D3, 0075B2CCC4FFF929023F95686D7BBE32C0FCE05DEB2159C0784AF85D64E1B66E ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:45:20.0657 0x0840  NisDrv - ok
15:45:20.0843 0x0840  [ B8F4F580638373FBF72F2B572446D294, A5CD9ABCA5CDC335D2C6FDCB81327B600150E45BB867B88859A00AF974B42F85 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
15:45:20.0921 0x0840  NisSrv - ok
15:45:20.0976 0x0840  [ 9DC33E66BB7E6470BFE8AA9EF5FBED43, 23E583B264BBD7933E3A000F00D646ABE526D1068C41BC24CF93739529FCA339 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:45:21.0029 0x0840  NlaSvc - ok
15:45:21.0120 0x0840  [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF             C:\Windows\system32\drivers\npf.sys
15:45:21.0144 0x0840  NPF - ok
15:45:21.0247 0x0840  [ B298874F8E0EA93F06EC40AA8D146478, 275D769E5EFD3153985DAF84C5B22B9D65428E09AB41099901ABDD03B3A2625D ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:45:21.0354 0x0840  Npfs - ok
15:45:21.0394 0x0840  [ ACB62BAA1C319B17752553DF3026EEEB, 5A309DF390A097245250BB64AD5F8575BECA601E0A122DDCB494C67D3D9EA089 ] nsi             C:\Windows\system32\nsisvc.dll
15:45:21.0476 0x0840  nsi - ok
15:45:21.0501 0x0840  [ 1523AF19EE8B030BA682F7A53537EAEB, B000630CE4B562D39B5EE4148409B2E01D8924D33D27607B24ADC901357E7AA5 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:45:21.0590 0x0840  nsiproxy - ok
15:45:21.0734 0x0840  [ 2ACCAA3C3C55370A32F17B3595E1A217, 8539A293A5E1EBA2CC0FA9E999099D3B6B035D41069398AE17D737BBE4D9FEA8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:45:22.0064 0x0840  Ntfs - ok
15:45:22.0096 0x0840  [ DD5D684975352B85B52E3FD5347C20CB, BB03C50D5178643550C024130E20FD9A023AE110B3C85A2D6E18FB8DBB3A12E4 ] Null            C:\Windows\system32\drivers\Null.sys
15:45:22.0168 0x0840  Null - ok
15:45:22.0211 0x0840  [ 2C040B7ADA5B06F6FACADAC8514AA034, EF32F7C411090230ED1D95B2D01E8464DCC89D72EFD94BBC8DF6856D00B1A783 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:45:22.0242 0x0840  nvraid - ok
15:45:22.0256 0x0840  [ F7EA0FE82842D05EDA3EFDD376DBFDBA, 0ED0543A5331C0D8BBFD1BE3174482ED1B3EE70CA41CE8CE5C81977C37B3D129 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:45:22.0290 0x0840  nvstor - ok
15:45:22.0317 0x0840  [ 19067CA93075EF4823E3938A686F532F, 81339372E90CE9E2594461146A82B62452CF9DB3FF53381D30F6922059EDCF99 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:45:22.0347 0x0840  nv_agp - ok
15:45:22.0355 0x0840  NwlnkFlt - ok
15:45:22.0367 0x0840  NwlnkFwd - ok
15:45:22.0422 0x0840  [ 404B0121AE1A75D9A63B6934EB07C258, 86C423955252DDD519407F22C9A28B3AA952C088494470D622ECDC1C6569FC7E ] OA008Ufd        C:\Windows\system32\DRIVERS\OA008Ufd.sys
15:45:22.0460 0x0840  OA008Ufd - ok
15:45:22.0496 0x0840  [ 126885007E8F601861165FC77C93F1BE, AD93B726AEA981C89C1E250CFCB89FB35EC8FACF7D80A3DCEA62F983DD3DAEF2 ] OA008Vid        C:\Windows\system32\DRIVERS\OA008Vid.sys
15:45:22.0537 0x0840  OA008Vid - ok
15:45:22.0690 0x0840  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:45:22.0740 0x0840  odserv - ok
15:45:22.0821 0x0840  [ B5B1CE65AC15BBD11C0619E3EF7CFC28, E9AA27724A7576D1869FF861A498DB8AF79A7B297F10272F1D63E6CB88CD455B ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
15:45:22.0879 0x0840  ohci1394 - ok
15:45:22.0928 0x0840  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:45:22.0958 0x0840  ose - ok
15:45:23.0065 0x0840  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
15:45:23.0254 0x0840  p2pimsvc - ok
15:45:23.0329 0x0840  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:45:23.0532 0x0840  p2psvc - ok
15:45:23.0611 0x0840  [ AECD57F94C887F58919F307C35498EA0, CD8E8B54A445EF0DC485D5F221588875C98328596F64EE03B2D8BD0B860504FB ] Parport         C:\Windows\system32\drivers\parport.sys
15:45:23.0794 0x0840  Parport - ok
15:45:23.0856 0x0840  [ B43751085E2ABE389DA466BC62A4B987, 167CB6B18B6B7B74A229A976833E1FBE6D51C9C0EB8A23C92FC2465B692DF383 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:45:23.0885 0x0840  partmgr - ok
15:45:23.0937 0x0840  [ 9AB157B374192FF276C1628FBDBA2B0E, E63E2EE1ABEEC5234F4F1318757EDB4A7567057B1DF1A2414C8698D47062B6AC ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:45:23.0980 0x0840  PcaSvc - ok
15:45:24.0099 0x0840  [ 7317A0B550F7AC0223B7070897670476, ABB0A1296BA267467C16CF99383EFCAB1732B07EE5B2494197A26B8432DD0A94 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
15:45:24.0151 0x0840  PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
15:45:24.0507 0x0840  [ 47AB1E0FC9D0E12BB53BA246E3A0906D, 82B452D614B535FAD3AFEEA06DFBBF8F7C5031563A2558CFA04F9B94C76E45DF ] pci             C:\Windows\system32\drivers\pci.sys
15:45:24.0545 0x0840  pci - ok
15:45:24.0593 0x0840  [ 8D618C829034479985A9ED56106CC732, 9F3773A5184064092920FA2C88CCF5BFE44C63573B443E67230C4F596B7884C2 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:45:24.0618 0x0840  pciide - ok
15:45:24.0698 0x0840  [ 037661F3D7C507C9993B7010CEEE6288, A7B415675B14FD755D0167BBA458A902AA9ABFC4343A1B887289D31DE8A55285 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:45:24.0732 0x0840  pcmcia - ok
15:45:24.0922 0x0840  [ 58865916F53592A61549B04941BFD80D, 3511AF2EFD06636E144C36ECA8C7AA1A33C269EDB10A6D879AA25D9E11359AA9 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:45:25.0182 0x0840  PEAUTH - ok
15:45:25.0408 0x0840  [ 0ED8727EA0172860F47258456C06CAEA, 3CDAA1044E412EC4303CEABD36A8C7BADA2D6C6692E09B8FE440709E3F4F0166 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:45:25.0521 0x0840  PerfHost - ok
15:45:25.0646 0x0840  [ E9E68C1A0F25CF4A7AC966EEA74EE89E, 6C6903A856C29AD690FDA1B74ADB2222C3453FBE2B364245FA61D53C77C586C0 ] pla             C:\Windows\system32\pla.dll
15:45:25.0999 0x0840  pla - ok
15:45:26.0113 0x0840  [ FE6B0F59215C9FD9F9D26539C58C8B82, 52CF8BE31A28430226D117EB80974AEAE5EA07F39DE881164232D44BF67FF752 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:45:26.0217 0x0840  PlugPlay - ok
15:45:26.0315 0x0840  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
15:45:26.0411 0x0840  PNRPAutoReg - ok
15:45:26.0481 0x0840  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
15:45:26.0611 0x0840  PNRPsvc - ok
15:45:26.0876 0x0840  [ 89A5560671C2D8B4A4B51F3E1AA069D8, 07DEE5D73DDE09F954E2E13BB5603F0033829B6199C81A7C1709D94AB92B351E ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:45:26.0958 0x0840  PolicyAgent - ok
15:45:27.0020 0x0840  [ 23386E9952025F5F21C368971E2E7301, F7241C1799A8AA0E9106B101B841670304DC695FD8D290C690CE0ED5C13BC514 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:45:27.0082 0x0840  PptpMiniport - ok
15:45:27.0133 0x0840  [ 5080E59ECEE0BC923F14018803AA7A01, 2E201511821AECCF056962399AFA3533ED765A3E7FD30E7B38A6D13837367E69 ] Processor       C:\Windows\system32\drivers\processr.sys
15:45:27.0201 0x0840  Processor - ok
15:45:27.0332 0x0840  [ EF321BEED9CF3DF60EBA29A1D618AD8A, FE277119BCC9938054DFA670844B31E4F66C19EBC6E59E747F99C38F76A433BD ] ProfSvc         C:\Windows\system32\profsvc.dll
15:45:27.0483 0x0840  ProfSvc - ok
15:45:27.0496 0x0840  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:45:27.0564 0x0840  ProtectedStorage - ok
15:45:27.0673 0x0840  [ C5AB7F0809392D0DA027F4A2A81BFA31, B5BC9712AD93661A77AF4D67DB5F05C58A93CF7CDD6F7BA20568C0A9F4630321 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
15:45:27.0727 0x0840  PSched - ok
15:45:27.0770 0x0840  [ 46851BC18322DA70F3F2299A1007C479, B2F0744F8B3AC0569D713773B8639EC225B80DD4C7D45C6B18423C52AFFAF17C ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
15:45:27.0799 0x0840  PxHlpa64 - ok
15:45:27.0945 0x0840  [ 0B83F4E681062F3839BE2EC1D98FD94A, 47E1B8014C59981693F5544872AF00383528AAEF0C6FE9AE8C45A6359EFB067D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:45:28.0157 0x0840  ql2300 - ok
15:45:28.0222 0x0840  [ E1C80F8D4D1E39EF9595809C1369BF2A, 5C18F8366049C690FC8AA4A992AA0765A6607F72E0EF889A5F3757E59FB1C143 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:45:28.0252 0x0840  ql40xx - ok
15:45:28.0314 0x0840  [ 90574842C3DA781E279061A3EFF91F07, F87DE7355DAA4FACF2126A0427C08BAAD9E647E0B02EE5447746BE969B28DA8D ] QWAVE           C:\Windows\system32\qwave.dll
15:45:28.0360 0x0840  QWAVE - ok
15:45:28.0413 0x0840  [ E8D76EDAB77EC9C634C27B8EAC33ADC5, 171A3C5D5C3C5845C3BF9A4BCD88E744B025C910AC2F528D0E7D66F173FF0BED ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:45:28.0444 0x0840  QWAVEdrv - ok
15:45:28.0875 0x0840  [ CEF278088637401F07A0064B0B900A32, 42934B3D76A90383701E5692D6131752551EF7849D0ECD355923D464A2BA096D ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
15:45:29.0484 0x0840  R300 - ok
15:45:29.0532 0x0840  [ 1013B3B663A56D3DDD784F581C1BD005, 36B83F234C2D6A6112BC8B5EF0AB5075EE98AC0BED702C37E4C1C3D17EB49956 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:45:29.0599 0x0840  RasAcd - ok
15:45:29.0668 0x0840  [ B2AE18F847D07F0044404DDF7CB04497, 24B1D5E1D0621160640264656E3D447C611DEE1B0EE308971EF85F0AC3D9F7DD ] RasAuto         C:\Windows\System32\rasauto.dll
15:45:29.0746 0x0840  RasAuto - ok
15:45:29.0802 0x0840  [ AC7BC4D42A7E558718DFDEC599BBFC2C, E059EB9472FDDB73AF09FFEBA58D8284AFCDAB1516E0C5759980E60C892F8126 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:45:29.0856 0x0840  Rasl2tp - ok
15:45:29.0904 0x0840  [ 3AD83E4046C43BE510DE681588ACB8AF, C5445A23F35395B3EA3974C0D5E314E23D900C694D31F7B7A83FE9027D95A91C ] RasMan          C:\Windows\System32\rasmans.dll
15:45:29.0980 0x0840  RasMan - ok
15:45:30.0196 0x0840  [ 4517FBF8B42524AFE4EDE1DE102AAE3E, F01C8A773A637B66192BD16DDE467CAECC6E62853DBDB507FF3FC67B4B388988 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:45:30.0247 0x0840  RasPppoe - ok
15:45:30.0290 0x0840  [ C6A593B51F34C33E5474539544072527, 8182C1D15CDC164363D3DD355197160167A00BA9FA833AA444317D06344EF7CE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:45:30.0321 0x0840  RasSstp - ok
15:45:30.0392 0x0840  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1, 07B89F701594F680F50A885B923521763A6131104CEE63D422E1C359C23AE2F6 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:45:30.0467 0x0840  rdbss - ok
15:45:30.0502 0x0840  [ 603900CC05F6BE65CCBF373800AF3716, 83B010D51D1087673CF15FD0A992FD91CC910A073FEA9A8F20F6124B6E5489F2 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:45:30.0589 0x0840  RDPCDD - ok
15:45:30.0646 0x0840  [ C045D1FB111C28DF0D1BE8D4BDA22C06, 572986C93B982387EE94797A1EDE1C6C444B0F1078AC8201099452BFA021458F ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
15:45:30.0743 0x0840  rdpdr - ok
15:45:30.0802 0x0840  [ CAB9421DAF3D97B33D0D055858E2C3AB, 66C353CD310A91FAB0D0871ACCE71110595B63536560D0331DA70B1E33AC45BE ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:45:30.0869 0x0840  RDPENCDD - ok
15:45:31.0021 0x0840  [ AE4BD9E1C33D351D8E607FC81F15160C, AD785CA72B7C6EB9F94B2E797C758C0F804DB26EE056DDC6D4F85BB562A02EA4 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:45:31.0182 0x0840  RDPWD - ok
15:45:31.0235 0x0840  [ C612B9557DA73F70D41F8A6FBC8E5344, D7D11F202066F848FBD3F26D9FF915C7F3D68F30631393B2049F3AC5A40FD108 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:45:31.0354 0x0840  RemoteAccess - ok
15:45:31.0527 0x0840  [ 44B9D8EC2F3EF3A0EFB00857AF70D861, A45D8024A242456A73337C91663A3E1633BF163234CDFD5DF86840F31FFFE84D ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:45:31.0608 0x0840  RemoteRegistry - ok
15:45:31.0652 0x0840  [ D13D70FAC45FC1DF69F88559B1F72F0A, E940D912DAE83A592116027F6CBBC08E38437A186D15BE805E3CC5461A4E7B71 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmpx64.sys
15:45:31.0679 0x0840  rimmptsk - ok
15:45:31.0717 0x0840  [ BB9EDC55B0B8CB4FCD713428820E0776, 5342230EFF26C7307AFA0E89B7AC7BD5BE5F344DFB5EBFFFE6A449F40280ED21 ] rimsptsk        C:\Windows\system32\DRIVERS\rimspx64.sys
15:45:31.0745 0x0840  rimsptsk - ok
15:45:31.0783 0x0840  [ 481C3FDEACAAE04B74C58288DBC91DF9, D7F2AB5E97C0293A5CAC977695EC1D0DBB354D0EA3662D37803098D9477DE03F ] rismxdp         C:\Windows\system32\DRIVERS\rixdpx64.sys
15:45:31.0812 0x0840  rismxdp - ok
15:45:31.0869 0x0840  [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
15:45:31.0919 0x0840  rpcapd - ok
15:45:31.0965 0x0840  [ F46C457840D4B7A4DAAFEE739CE04102, 94E946036240B3BAFF17C4A49745E29E492ABBC7BE5110741B212DF4D7F45B84 ] RpcLocator      C:\Windows\system32\locator.exe
15:45:31.0994 0x0840  RpcLocator - ok
15:45:32.0089 0x0840  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] RpcSs           C:\Windows\system32\rpcss.dll
15:45:32.0224 0x0840  RpcSs - ok
15:45:32.0276 0x0840  [ 22A9CB08B1A6707C1550C6BF099AAE73, 46A9D40A03DC0B6C93274C0C1CDB132B2339E76E77CAB0F12AEDAD4C31822B91 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:45:32.0381 0x0840  rspndr - ok
15:45:32.0478 0x0840  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] SamSs           C:\Windows\system32\lsass.exe
15:45:32.0509 0x0840  SamSs - ok
15:45:32.0547 0x0840  [ CD9C693589C60AD59BBBCFB0E524E01B, F9EBD4FF4C712A563B1120D123012E41105D31402BE45D6F8C8DA71155D64ECB ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:45:32.0577 0x0840  sbp2port - ok
15:45:32.0657 0x0840  [ FD1CDCF108D5EF3366F00D18B70FB89B, 5BCE3A9D5DC0B6937A734264C5B8DE0E6B8F77A869A118F94D57E662AAB28FE2 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:45:32.0732 0x0840  SCardSvr - ok
15:45:32.0882 0x0840  [ C453886F47A10D44A9B4AFCBF349071D, B677FD3C638436CE84EC7087569CEEF912F59D0B800B4C76A5CC72289243C49B ] Schedule        C:\Windows\system32\schedsvc.dll
15:45:33.0217 0x0840  Schedule - ok
15:45:33.0292 0x0840  [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:45:33.0362 0x0840  SCPolicySvc - ok
15:45:33.0422 0x0840  [ BE100BC2BE2513314C717BB2C4CFFF10, 8D798CCB6FEA7D0B3943FEDE3AB43BB50DC4EA8D6FECBD906157BA20C63A1393 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
15:45:33.0475 0x0840  sdbus - ok
15:45:33.0513 0x0840  [ 4FF71B076A7760FE75EA5AE2D0EE0018, DDDBC9530120F8C1AB449076F6F06F74354149B4C458E6682F957628EE795DE8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:45:33.0550 0x0840  SDRSVC - ok
15:45:33.0588 0x0840  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:45:33.0731 0x0840  secdrv - ok
15:45:33.0786 0x0840  [ 251F63DD48559F73766E1159F94A6BD1, 4B18A3DDA49E6E189F44CBFB6387444EE4556B29F040E93A6798B3ACEAE0C382 ] seclogon        C:\Windows\system32\seclogon.dll
15:45:33.0818 0x0840  seclogon - ok
15:45:33.0899 0x0840  [ 90973A64B96CD647FF81C79443618EED, 1D3CB7F724B7EADA6443DF07B258EE7FB7FEC92C2A7A9D3C57F6A220EF0DDDC4 ] SENS            C:\Windows\System32\sens.dll
15:45:34.0015 0x0840  SENS - ok
15:45:34.0048 0x0840  [ F71BFE7AC6C52273B7C82CBF1BB2A222, 8C7F0E426B266DBBFE4BBE3333A33C338209BD8BE0E434A98D0D2CFD78D3F758 ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:45:34.0237 0x0840  Serenum - ok
15:45:34.0277 0x0840  [ E62FAC91EE288DB29A9696A9D279929C, 9B6A420556532F7F8D55FB6580A592A43BEA579A068B970C741A23DB079ECAD1 ] Serial          C:\Windows\system32\drivers\serial.sys
15:45:34.0442 0x0840  Serial - ok
15:45:34.0474 0x0840  [ A842F04833684BCEEA7336211BE478DF, 9D964AEA237C44898098AC9C2D043F00C66EDA7D73C381D616737C01A9D0FF45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:45:34.0569 0x0840  sermouse - ok
15:45:34.0634 0x0840  [ A8E4A4407A09F35DCCC3771AF590B0C4, F56ECE42CE81098FCCBCDFBBF006C3FB9EDD29C62F03C4EAE012EE690669481B ] SessionEnv      C:\Windows\system32\sessenv.dll
15:45:34.0724 0x0840  SessionEnv - ok
15:45:34.0790 0x0840  [ 3A19C899BCF0EA24CFEC2038E6A489DB, C42F568D3BC9DAA1B6DF2FEE8D6015CC223B8F2442C4C414CE682AFE33F146F4 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
15:45:34.0839 0x0840  sffdisk - ok
15:45:34.0848 0x0840  [ 7073AEE3F82F3D598E3825962AA98AB2, 82A959A0970CBA8CC16D44736ED12158E59E138484F3F53EBDD3A4C02DA3700D ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:45:34.0934 0x0840  sffp_mmc - ok
15:45:34.0967 0x0840  [ FDCA63A2EEE528585EB66CEAC183EC22, D7990D4A402A80233DD5AFFFBDBAD4DBEEB0959B17A78B3A02EB0B530A0077AA ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
15:45:35.0023 0x0840  sffp_sd - ok
15:45:35.0057 0x0840  [ 6B7838C94135768BD455CBDC23E39E5F, 868E054ED546479DEAD7C2834C7AB080820522C16F5B4BEF0F3B279A33ABA9C8 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:45:35.0191 0x0840  sfloppy - ok
15:45:35.0303 0x0840  [ E1974A92AC0914A3859359A0A8C82C68, 4908917F72D6E531B44488F06A05915F0DA9767758E44C886F5F93F46BA79654 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:45:35.0475 0x0840  SftService - ok
15:45:35.0585 0x0840  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34, 9659C7B5046DE2C0416A74FDE6F798C3E78D38327CB71BAE49D57A8347A9097D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:45:35.0688 0x0840  SharedAccess - ok
15:45:35.0809 0x0840  [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:45:35.0873 0x0840  ShellHWDetection - ok
15:45:35.0915 0x0840  [ 7A5DE502AEB719D4594C6471060A78B3, E8E16DF8AFFC230FBB1A5938925D464A1BA776184B8C020B37669EE2105DB9F2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
15:45:35.0944 0x0840  SiSRaid2 - ok
15:45:35.0968 0x0840  [ 3A2F769FAB9582BC720E11EA1DFB184D, 83EEBCE37E8709FCE15FB44F546C727C56064ED49B73A471EA33480573558419 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:45:36.0001 0x0840  SiSRaid4 - ok
15:45:36.0074 0x0840  [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:45:36.0157 0x0840  SkypeUpdate - ok
15:45:36.0285 0x0840  [ 0DFAA06B71FC75D0878907A7D18F5240, 57C48A3FFAFC11E70085F246E582EAC5A68F0EAEE4C450125E54C837968EFEA7 ] SLEE_16_DRIVER  C:\Windows\Sleen1664.sys
15:45:36.0312 0x0840  SLEE_16_DRIVER - ok
15:45:36.0555 0x0840  [ A9A27A8E257B45A604FDAD4F26FE7241, C5A1056522EE2BA7B70D34E391477A0E9351569CEF28B875172F4B363F6D4177 ] slsvc           C:\Windows\system32\SLsvc.exe
15:45:37.0404 0x0840  slsvc - ok
15:45:37.0490 0x0840  [ FD74B4B7C2088E390A30C85A896FC3AF, 897F1F89A4DDB356CF6E59EFBC32A2081C0CADE283793DB6879D263F7B2E313F ] SLUINotify      C:\Windows\system32\SLUINotify.dll
15:45:37.0546 0x0840  SLUINotify - ok
15:45:37.0612 0x0840  [ 290B6F6A0EC4FCDFC90F5CB6D7020473, 971888FE760641FF86165B9876E6FC12DBC309C0FED2734C60B9E0EBC078AAE0 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:45:37.0672 0x0840  Smb - ok
15:45:37.0727 0x0840  [ F8F47F38909823B1AF28D60B96340CFF, EFD948EE09F22F9F373A98BA6D9BC519FD9244986E4BE7B2BACD92D3C145AD1D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:45:37.0756 0x0840  SNMPTRAP - ok
15:45:37.0823 0x0840  [ 386C3C63F00A7040C7EC5E384217E89D, DD8766BCBD77EC6F67979A8B37B943A3A0E5478CE3FB129BF8FCA29B66529721 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:45:37.0852 0x0840  spldr - ok
15:45:37.0924 0x0840  [ F66FF751E7EFC816D266977939EF5DC3, 689BDD0B442830E162F2F9A8EFBD0E137F518C7F0CD92EDF4A43EFBA188B69F4 ] Spooler         C:\Windows\System32\spoolsv.exe
15:45:37.0973 0x0840  Spooler - ok
15:45:38.0048 0x0840  [ 4A3CE977E95070922EBA8EEE80EF08C0, EDC0DB3CBB20F7E4E517078C67CB4833F415EA386605011B13AE78C117DE0267 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:45:38.0168 0x0840  srv - ok
15:45:38.0228 0x0840  [ A1AD14A6D7A37891FFFECA35EBBB0730, AE00950D330EE4C05F5AA9BC7E63E974766D8E93B607CB3E683C727E8A65049D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:45:38.0300 0x0840  srv2 - ok
15:45:38.0330 0x0840  [ DA20A8B6800396211638D91F68FF09A6, 624ACDB9C4B20C3556ACD01E0794A7BAC0A8F867580210251540C5E14413A428 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:45:38.0365 0x0840  srvnet - ok
15:45:38.0419 0x0840  [ 192C74646EC5725AEF3F80D19FF75F6A, 8F24FF139A46B1F837356B9D682526107D7BADCFA510842FEACB6F06C02D93D9 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:45:38.0581 0x0840  SSDPSRV - ok
15:45:38.0620 0x0840  [ 2EE3FA0308E6185BA64A9A7F2E74332B, EC6A15281685E6CDEADABDFD08C4AF980AD3B404C945EB121D7F90AFCA3D6849 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:45:38.0671 0x0840  SstpSvc - ok
15:45:38.0862 0x0840  [ C5DF63AE2693C9B6B01B4A2E6C1C64AC, 43101C32A8138F9D746226582032308DACF59D9E64977D719ED8BE08101C9C2F ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe
15:45:38.0910 0x0840  STacSV - ok
15:45:38.0978 0x0840  [ BA16447226ABFD342E130D2F24F73D32, B0746CF374077B4434E9A1BF486A03D156CDB70E13012787C7CE5E662D50A12D ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
15:45:39.0060 0x0840  STHDA - ok
15:45:39.0144 0x0840  [ 15825C1FBFB8779992CB65087F316AF5, E9431C016D209A7322C0586F11EEF0AB461AB5822960287BB1D0FBC30183614D ] stisvc          C:\Windows\System32\wiaservc.dll
15:45:39.0284 0x0840  stisvc - ok
15:45:39.0367 0x0840  [ 1D0063597C3666404FCF97698ABEB019, 352A63C97F930499BC598C2A398663377D7CCD4A42770E35635C90EDC4DA530A ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
15:45:39.0389 0x0840  stllssvr - ok
15:45:39.0447 0x0840  [ 8A851CA908B8B974F89C50D2E18D4F0C, 27EA13E50B5B72ABF6C5B7B7D34A7154A12BB27B1C1B2EEFCAA36A96010DB4DC ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:45:39.0470 0x0840  swenum - ok
15:45:39.0567 0x0840  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A, 9C3714238571704CEE2AD4F1E15029243E00B494345C41F74EFDF3F0328CC9EA ] swprv           C:\Windows\System32\swprv.dll
15:45:39.0652 0x0840  swprv - ok
15:45:39.0688 0x0840  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B, 0227EAF144BC35AA4FF2535E8C9974C0609B7634EE45F4166B9F88F79B17BBF1 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
15:45:39.0715 0x0840  Symc8xx - ok
15:45:39.0725 0x0840  [ A909667976D3BCCD1DF813FED517D837, 0874DD4C1CA7AE2E519EBB45433BC9F11A574408F5D2F9E23A340CA76512F5CE ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
15:45:39.0751 0x0840  Sym_hi - ok
15:45:39.0764 0x0840  [ 36887B56EC2D98B9C362F6AE4DE5B7B0, 7349FABACB633A9EEE3D4E241A5F443C28D23CC87F21EAAB3F1711644AA21D7C ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
15:45:39.0794 0x0840  Sym_u3 - ok
15:45:39.0870 0x0840  [ 79A93EC9D224B1F43C0E2F023D61DCA3, B6BD0F62506E5E59D1B7CE278D7803A75F4243C228D9683E2933CAFB1E4264D5 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
15:45:39.0903 0x0840  SynTP - ok
15:45:40.0032 0x0840  [ 92D7A8B0F87B036F17D25885937897A6, 6759BAB11E5FBB143BE13DF1611AE5D41D379DF423D881E92E910DF6A37CBA85 ] SysMain         C:\Windows\system32\sysmain.dll
15:45:40.0234 0x0840  SysMain - ok
15:45:40.0407 0x0840  [ 005CE42567F9113A3BCCB3B20073B029, B1831D71410AD6E7DEB59D26BF6D2D07D2F6112936D6A6FDA57E9296ADA4076D ] TabletInputService C:\Windows\System32\TabSvc.dll
15:45:40.0446 0x0840  TabletInputService - ok
15:45:40.0547 0x0840  [ CC2562B4D55E0B6A4758C65407F63B79, C6AD05B345C699A715EC13830D8EA6EE9822F4B713D15B1F29AC044674A0F498 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:45:40.0699 0x0840  TapiSrv - ok
15:45:40.0739 0x0840  [ CDBE8D7C1E201B911CDC346D06617FB5, 16D5965E32A109DA38D77F4B6281081569D78371B2F522DE51100967F8776C7A ] TBS             C:\Windows\System32\tbssvc.dll
15:45:40.0843 0x0840  TBS - ok
15:45:40.0972 0x0840  [ 89399663A2F0393AFFC79E8397ECA844, BA7D4DF5A2F5EB5328522D6136BB71F56263305B9396A437A8AFEF5A8C5C496C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:45:42.0896 0x0840  Tcpip - ok
15:45:43.0588 0x0840  [ 89399663A2F0393AFFC79E8397ECA844, BA7D4DF5A2F5EB5328522D6136BB71F56263305B9396A437A8AFEF5A8C5C496C ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
15:45:44.0024 0x0840  Tcpip6 - ok
15:45:44.0153 0x0840  [ A7FF25D9B9DA36797BD1EA48DB292DCE, D89C946633E77765923BD698F2665DC03C5CF1676EB2BAF4450A856B2E856997 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:45:44.0188 0x0840  tcpipreg - ok
15:45:44.0308 0x0840  [ 1D8BF4AAA5FB7A2761475781DC1195BC, A28E972E9331BAD685D4C786FDE221565E0AD3E222B24B9182B7FA916BFCD9C8 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:45:44.0373 0x0840  TDPIPE - ok
15:45:44.0405 0x0840  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1, 42A408E82D4017D27D3B0BBBA02BF4B21DEC060C89849785ED65962D18029B65 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:45:44.0502 0x0840  TDTCP - ok
15:45:44.0567 0x0840  [ A47CD175CF72CA5EEDB47C79532A7622, 1F682B002A64D2A8559005651F742DD3AFB50AE5D6DADAF4A75DD08410385FBF ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:45:44.0602 0x0840  tdx - ok
15:45:44.0687 0x0840  [ 8C19678D22649EC002EF2282EAE92F98, 551E7EBA54C2345F2B7FD7AAA7ADA4C852C94F1B35E6E4BBEF883BAFA34F6262 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:45:44.0718 0x0840  TermDD - ok
15:45:44.0819 0x0840  [ 5A67A1108E347FCA6A64B74FFB108BDE, F9EC8932366FF4101C6F059567DDF099D895C90567C3E770DDDC71562434A821 ] TermService     C:\Windows\System32\termsrv.dll
15:45:44.0909 0x0840  TermService - ok
15:45:44.0959 0x0840  [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] Themes          C:\Windows\system32\shsvcs.dll
15:45:45.0029 0x0840  Themes - ok
15:45:45.0084 0x0840  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] THREADORDER     C:\Windows\system32\mmcss.dll
15:45:45.0178 0x0840  THREADORDER - ok
15:45:45.0225 0x0840  [ F4689F05AF472A651A7B1B7B02D200E7, 3D34B8879DBC69013D1A87A3F47B8A622A60B57F2E962E9F5925C5A01F44640F ] TrkWks          C:\Windows\System32\trkwks.dll
15:45:45.0341 0x0840  TrkWks - ok
15:45:45.0425 0x0840  [ 66328B08EF5A9305D8EDE36B93930369, FD8136BF15AB8D2DB15D011C4F813737D68EED1178462DB8CE40606C16185A30 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:45:45.0475 0x0840  TrustedInstaller - ok
15:45:45.0519 0x0840  [ B2388462329ACD17AF50D8701E0C1B18, 959D7B7CCB526367645BAA11C56C88C9AD741EE338BAD6513C54FC7ED43F3AC0 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:45:45.0547 0x0840  tssecsrv - ok
15:45:45.0612 0x0840  [ 89EC74A9E602D16A75A4170511029B3C, AACD82A6F5FE31FF1315F5CA69E5EB6BD172DD86610F0641177CCC131B542034 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
15:45:45.0640 0x0840  tunmp - ok
15:45:45.0739 0x0840  [ 30A9B3F45AD081BFFC3BCAA9C812B609, 57204F1F72FEFA086FF1D8A14487D56F4DEDD3C50FBB6903E0C4AC749EA720DE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:45:45.0768 0x0840  tunnel - ok
15:45:45.0794 0x0840  [ FEC266EF401966311744BD0F359F7F56, 6EE0223AEFA7A81BEB155FC0CD4421C2BEBCDCBC9663C23064B0445101114BF8 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:45:45.0825 0x0840  uagp35 - ok
15:45:45.0925 0x0840  [ FAF2640A2A76ED03D449E443194C4C34, CC2517DCFE6962EB2EDEB93E44CB53B113974C9C69A050E3F36385C8D78E810B ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:45:46.0024 0x0840  udfs - ok
15:45:46.0076 0x0840  [ 060507C4113391394478F6953A79EEDC, 5D0AE5F1184165289DC8E8CD493607FCB68512CF90F748E3BFD2250655D784D4 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:45:46.0195 0x0840  UI0Detect - ok
15:45:46.0228 0x0840  [ 4EC9447AC3AB462647F60E547208CA00, F304125321B1ECA915EDDBDB6A71EAEF3123DCB5604C9497D72F12E0C1BD5315 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:45:46.0258 0x0840  uliagpkx - ok
15:45:46.0306 0x0840  [ 697F0446134CDC8F99E69306184FBBB4, A741882B8FE403E3A5DECED5D4A2254B14AF40ACECD4DAA3D00D71C2205C2C5F ] uliahci         C:\Windows\system32\drivers\uliahci.sys
15:45:46.0347 0x0840  uliahci - ok
15:45:46.0369 0x0840  [ 31707F09846056651EA2C37858F5DDB0, A619AC4B32EA77AC29458894614870086C4DDB81525ADBCFF1AB8970FC5C257A ] UlSata          C:\Windows\system32\drivers\ulsata.sys
15:45:46.0402 0x0840  UlSata - ok
15:45:46.0439 0x0840  [ 85E5E43ED5B48C8376281BAB519271B7, DBDA4216553F7C5EA0C579346D0A638E62766D5B8FCB1BFF3149BB37BBF978D3 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
15:45:46.0478 0x0840  ulsata2 - ok
15:45:46.0509 0x0840  [ 46E9A994C4FED537DD951F60B86AD3F4, 256F93ED3BD43B50F0D4489164D959F95AB070CC25A80A46355D2B387D336224 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:45:46.0699 0x0840  umbus - ok
15:45:46.0847 0x0840  [ 7093799FF80E9DECA0680D2E3535BE60, 1CBFCCA84CB9212176BF5A1D32334BD54E58A2668A4746252738800468AD4AD4 ] upnphost        C:\Windows\System32\upnphost.dll
15:45:47.0032 0x0840  upnphost - ok
15:45:47.0301 0x0840  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:45:47.0337 0x0840  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
15:45:49.0744 0x0840  Detect skipped due to KSN trusted
15:45:49.0744 0x0840  USBAAPL64 - ok
15:45:50.0441 0x0840  [ 74110424CA94EE0352D99614CF927683, 392EF1851EF5306439252331DDC5FA53B535E1AA03B8784C6C1E675301C032B4 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:45:50.0477 0x0840  usbccgp - ok
15:45:50.0779 0x0840  [ 9247F7E0B65852C1F6631480984D6ED2, E3360A0EE891B8BADEF5FF53F796C79D6AD218961087F866E451F3B6F278672A ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:45:50.0895 0x0840  usbcir - ok
15:45:50.0950 0x0840  [ F683D12010A905AAB7E9E3100F44269E, 31D3CBDFF20234D3D9F21FFE9BF1D38CADDB5F0382436CD75488DC8D1DA3FC8C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:45:50.0980 0x0840  usbehci - ok
15:45:51.0041 0x0840  [ 558C0F1D3C5CECA5B5CF631FF8B71C02, DE3CDBF9C7D040CA48B51031765149B30F27F93C40FB7DE780B2D5B9312F8B66 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:45:51.0090 0x0840  usbhub - ok
15:45:51.0146 0x0840  [ EBA14EF0C07CEC233F1529C698D0D154, FBA35D53A90FD6C3F91DA5ECE10EF29858CB4CB512AA20548225F83E9FE0A23D ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:45:51.0287 0x0840  usbohci - ok
15:45:51.0340 0x0840  [ 28B693B6D31E7B9332C1BDCEFEF228C1, 6B756E6D7459F755C76BC3F497643F6818F107304B789952B233C6585434F3A8 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:45:51.0406 0x0840  usbprint - ok
15:45:51.0598 0x0840  [ C024814884CE9E6C2E6ED76A63AC3B9A, 39C9EB54998547B0B65EEE6391AA326B02C7CA52FAE9CEB98D538FEC8D9F1858 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:45:51.0669 0x0840  usbscan - ok
15:45:51.0715 0x0840  [ 2702146BBD36B2AF1514CCC1F914646C, 6943396692E64782F04EA2FE40D3C6B6B5CC4E6DD3CFCB5739015AB509EEB3AE ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:45:51.0758 0x0840  USBSTOR - ok
15:45:51.0828 0x0840  [ 6C94F3CE023AB61330974DFD970EA3E6, CE324BB637132725FC90D9712E4B2B9F50957678C5DF7BB1452B69BE819075B8 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:45:51.0856 0x0840  usbuhci - ok
15:45:51.0917 0x0840  [ FC33099877790D51B0927B7039059855, 9EF33DABDBF0EEC60C63137F5FB21B27536B5923F10DF4F66621CC9864EB894E ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
15:45:51.0990 0x0840  usbvideo - ok
15:45:52.0073 0x0840  [ D76E231E4850BB3F88A3D9A78DF191E3, 98CAD31C41AD155EA853DF850D94FA29543C3A7D26262D1B6881281D033CEBAF ] UxSms           C:\Windows\System32\uxsms.dll
15:45:52.0128 0x0840  UxSms - ok
15:45:52.0214 0x0840  [ 294945381DFA7CE58CECF0A9896AF327, 67414C6D79D2826BC86BB37349C9D74DB4B667310CBC1ABFD103E26332AE4A00 ] vds             C:\Windows\System32\vds.exe
15:45:52.0429 0x0840  vds - ok
15:45:52.0621 0x0840  [ 916B94BCF1E09873FFF2D5FB11767BBC, 072007FED4EF30C4D7AF8628CBEB2AC99EEAD99D7AB533E90E3748E3D4F11C28 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:45:52.0687 0x0840  vga - ok
15:45:52.0756 0x0840  [ B83AB16B51FEDA65DD81B8C59D114D63, 97D39AA763037752D87216B83896AFD2AD6DFEBB3BCDCED7A9ABFE5706B804C5 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:45:52.0887 0x0840  VgaSave - ok
15:45:52.0910 0x0840  [ 8294B6C3FDB6C33F24E150DE647ECDAA, FEBD9536EF61F700DFD5D9CB815808C8415D5B23590B3CE17B12D84F4670EA4D ] viaide          C:\Windows\system32\drivers\viaide.sys
15:45:52.0932 0x0840  viaide - ok
15:45:53.0015 0x0840  [ 2B7E885ED951519A12C450D24535DFCA, 249009EBC1D306D51FDFA4A89588462AA2D8B6DF0A20BE250B60DD73200CB7F3 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:45:53.0049 0x0840  volmgr - ok
15:45:53.0183 0x0840  [ CEC5AC15277D75D9E5DEC2E1C6EAF877, EA989E257C4409F9AF3B35C4D7ED9134D930FE3733B077C4F3AA5497796F2CB0 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:45:53.0235 0x0840  volmgrx - ok
15:45:53.0288 0x0840  [ 582F710097B46140F5A89A19A6573D4B, 6F695B17BF476D027D3012352F3D4DFD0E0815823DA51A136767ECEF6D64A1CA ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:45:53.0374 0x0840  volsnap - ok
15:45:53.0516 0x0840  [ A68F455ED2673835209318DD61BFBB0E, 8B2B255E8E2F8B415F7AC0F7F4C423F639DD47737F7CEE0F7C816D9A6893C5F7 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:45:53.0553 0x0840  vsmraid - ok
15:45:53.0761 0x0840  [ B75232DAD33BFD95BF6F0A3E6BFF51E1, A8120040F144AD42A39347A615F31BF752634994D4D134E2FAD23FEA9C1D71DF ] VSS             C:\Windows\system32\vssvc.exe
15:45:54.0192 0x0840  VSS - ok
15:45:54.0367 0x0840  [ F14A7DE2EA41883E250892E1E5230A9A, EBCB74BE26437F6FE84A3B41AD034F451D4BD12CA77D4C7A433DB912E7D31593 ] W32Time         C:\Windows\system32\w32time.dll
15:45:54.0562 0x0840  W32Time - ok
15:45:54.0593 0x0840  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7, D682FBF78CF987609AF35A019E7C90CBE02800D7DFC272FFDD71D82AA362FA7A ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:45:54.0753 0x0840  WacomPen - ok
15:45:54.0843 0x0840  [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:45:54.0951 0x0840  Wanarp - ok
15:45:54.0962 0x0840  [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:45:55.0047 0x0840  Wanarpv6 - ok
15:45:55.0188 0x0840  [ B4E4C37D0AA6100090A53213EE2BF1C1, 67107F542F3C937FA5D9B28BA2EBFE994FFE287F16C0BFCF79AD20B95C13F78B ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:45:55.0393 0x0840  wcncsvc - ok
15:45:55.0461 0x0840  [ EA4B369560E986F19D93F45A881484AC, B61411D64901C9CB8C80402CD1E8808F5A0FACA38206C8D584C7C1019F5ADF5A ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:45:55.0548 0x0840  WcsPlugInService - ok
15:45:55.0579 0x0840  [ 0C17A0816F65B89E362E682AD5E7266E, 6233213D07B234056A1EC6FE1166A65371645269132B428FF3A29DDC0000301A ] Wd              C:\Windows\system32\drivers\wd.sys
15:45:55.0612 0x0840  Wd - ok
15:45:55.0718 0x0840  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:45:55.0871 0x0840  Wdf01000 - ok
15:45:55.0898 0x0840  [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:45:56.0029 0x0840  WdiServiceHost - ok
15:45:56.0039 0x0840  [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:45:56.0180 0x0840  WdiSystemHost - ok
15:45:56.0250 0x0840  [ 5B8CAF0FE216A57C95E8471A3BE051D6, DB1AB99FCB6B9FD1B22A052DE533D80B3826AD4D0D4890105EF09479FD9A04AB ] WebClient       C:\Windows\System32\webclnt.dll
15:45:56.0352 0x0840  WebClient - ok
15:45:56.0414 0x0840  [ 8D40BC587993F876658BF9FB0F7D3462, 23748E11F5CCE3D4978D748780283FA5A1154F53FF70D924CB2128FF8A4705F7 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:45:56.0484 0x0840  Wecsvc - ok
15:45:56.0498 0x0840  [ 9C980351D7E96288EA0C23AE232BD065, BA627B04C4259716B451F421F5310A69D8DE9407DE496AA0489139125E9DC16A ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:45:56.0611 0x0840  wercplsupport - ok
15:45:56.0650 0x0840  [ 66B9ECEBC46683F47EDC06333C075FEF, 35C33596D97DB65DE0A687644E9AD924AD5FCBAFD83FE4D23E7E58EF4BC4CC87 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:45:56.0771 0x0840  WerSvc - ok
15:45:56.0805 0x0840  WinDefend - ok
15:45:56.0821 0x0840  WinHttpAutoProxySvc - ok
15:45:57.0027 0x0840  [ D2E7296ED1BD26D8DB2799770C077A02, B494719C2DEB7B9D2505866868143C4E4F59B88461920AA49BD9F1251B6571B8 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:45:57.0238 0x0840  Winmgmt - ok
15:45:57.0418 0x0840  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869, 22D53818F4A4ACE441E121151CFD7CB1EDF5E8303DF9E113C9BB304B418A96EF ] WinRM           C:\Windows\system32\WsmSvc.dll
15:45:58.0171 0x0840  WinRM - ok
15:45:58.0304 0x0840  [ EC339C8115E91BAED835957E9A677F16, 3BBE6D4F1731198E8F0CFEE67C4CCA5C31E6968F8E02EF9E029C1847A26F513B ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:45:58.0552 0x0840  Wlansvc - ok
15:45:58.0561 0x0840  wltrysvc - ok
15:45:58.0619 0x0840  [ E18AEBAAA5A773FE11AA2C70F65320F5, 9E2F6FC0F46D0EEEBF4BC1E3D8800B3D268079ABF8EDDD70CD21B789883D7390 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:45:58.0645 0x0840  WmiAcpi - ok
15:45:58.0742 0x0840  [ 21FA389E65A852698B6A1341F36EE02D, 2D60911EAAE26C4CE3DEF4FAD1EDE093F912209AA90741AAA8B93F06B37DF605 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:45:58.0894 0x0840  wmiApSrv - ok
15:45:58.0927 0x0840  WMPNetworkSvc - ok
15:45:59.0010 0x0840  [ CBC156C913F099E6680D1DF9307DB7A8, FD8B227F445679E31048CA41442A978A98F267FED96E22C235F63C72AEEE2AB0 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:45:59.0124 0x0840  WPCSvc - ok
15:45:59.0241 0x0840  [ 490A18B4E4D53DC10879DEAA8E8B70D9, D069D8C22CF78A0970E85C0B9879E08FF19458FAA75AE447BCF9236731F64252 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:45:59.0285 0x0840  WPDBusEnum - ok
15:45:59.0421 0x0840  [ 5E2401B3FC1089C90E081291357371A9, 224D378EEBFB721CBC24896CAE01B31DC54B6ED82C19C5B954E96D5E98B83C59 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
15:45:59.0491 0x0840  WpdUsb - ok
15:45:59.0782 0x0840  [ 4CF27ED8D93A30BAA6F4DF50E62B7675, BDD0BD5C8DF13E0617429775F717E7078537C85921750BD3FE8401D7302166FD ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:46:00.0109 0x0840  WPFFontCache_v0400 - ok
15:46:00.0150 0x0840  [ 8A900348370E359B6BFF6A550E4649E1, 3EAD0B951EAF8E940ED6A79FAAAB7D22ACCF3985795F80206A3A07161D319B39 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:46:00.0260 0x0840  ws2ifsl - ok
15:46:00.0471 0x0840  [ 9EA3E6D0EF7A5C2B9181961052A4B01A, F39BAF1FC7DD1600C0052C2A6AA3BCBC8CA3DA96D1AC7B42B0F2810D051EE1B0 ] wscsvc          C:\Windows\System32\wscsvc.dll
15:46:00.0886 0x0840  wscsvc - ok
15:46:00.0908 0x0840  WSearch - ok
15:46:01.0111 0x0840  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:46:01.0989 0x0840  wuauserv - ok
15:46:02.0107 0x0840  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:46:02.0139 0x0840  WudfPf - ok
15:46:02.0218 0x0840  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:46:02.0258 0x0840  WUDFRd - ok
15:46:02.0315 0x0840  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:46:02.0351 0x0840  wudfsvc - ok
15:46:02.0386 0x0840  ZTEusbmdm6k - ok
15:46:02.0400 0x0840  ZTEusbnmea - ok
15:46:02.0413 0x0840  ZTEusbser6k - ok
15:46:02.0475 0x0840  ================ Scan global ===============================
15:46:02.0551 0x0840  [ 0CF5A36772FCACDA29DE19E3B6843BBB, BB179387AC1F9A20ED6B2418CEF593BE26C2DDD3536B0C9C155F014F40C4BD25 ] C:\Windows\system32\basesrv.dll
15:46:02.0647 0x0840  [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
15:46:02.0829 0x0840  [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
15:46:02.0899 0x0840  [ E8E05C05FBFEBD47FB7DBF7233F15302, 3099E64022E0E5347F7C8EFAD6D6E577157FC6B49386F3203E5438B38AE1EE36 ] C:\Windows\system32\services.exe
15:46:02.0955 0x0840  [ Global ] - ok
15:46:02.0956 0x0840  ================ Scan MBR ==================================
15:46:02.0978 0x0840  [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
15:46:04.0039 0x0840  \Device\Harddisk0\DR0 - ok
15:46:04.0040 0x0840  ================ Scan VBR ==================================
15:46:04.0087 0x0840  [ 1C981D0E92186A444F16C0BD0130D3EA ] \Device\Harddisk0\DR0\Partition1
15:46:04.0150 0x0840  \Device\Harddisk0\DR0\Partition1 - ok
15:46:04.0169 0x0840  [ B75FF2AEF26B9C1F554507219A41DF21 ] \Device\Harddisk0\DR0\Partition2
15:46:04.0226 0x0840  \Device\Harddisk0\DR0\Partition2 - ok
15:46:04.0226 0x0840  ================ Scan generic autorun ======================
15:46:04.0282 0x0840  Windows Defender - ok
15:46:04.0383 0x0840  [ 21D9910EF7EA9C58C8E31EE2C29D5F49, 7F68C168AA029B61810297F21D340B6756F4140642DAD0E3F2CA22AF525312EB ] C:\Program Files\iTunes\iTunesHelper.exe
15:46:04.0418 0x0840  iTunesHelper - ok
15:46:04.0602 0x0840  [ DD7B4F9E6B71A599FEF4BD9DA0AE57C2, 6B22356F74F7ED069A3FC39C62326AA98A70D0E860A2EB29A6C46F4077FB567A ] c:\Program Files\Microsoft Security Client\msseces.exe
15:46:04.0918 0x0840  MSC - ok
15:46:05.0071 0x0840  SunJavaUpdateSched - ok
15:46:05.0072 0x0840  SysTrayApp - ok
15:46:05.0215 0x0840  [ 2659F9B422673A98D5629FA3294F5DF3, C5245631EA9D17226C7246DC2702830440DBBE747A0FD5B59C778CAB8F8728AA ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
15:46:05.0361 0x0840  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
15:46:08.0019 0x0840  Detect skipped due to KSN trusted
15:46:08.0019 0x0840  StartCCC - ok
15:46:08.0169 0x0840  [ 33A8CC84A281B4C7F7FBAA6DC3CA26A4, 095AF8B502AAA32BA080E0C54FBE796EEBB32AB6B57881C69215E6730C070CFF ] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
15:46:08.0219 0x0840  Microsoft Default Manager - ok
15:46:08.0293 0x0840  [ 248FB4D46C7F4A39D601EA870EE55AC4, C9A3DA95F76AC9A6A032EE6DC18F9CA940B3A4A906B9DF983E5A8A6F1B8130A6 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:46:08.0390 0x0840  SunJavaUpdateSched - ok
15:46:08.0520 0x0840  [ 4E4B8C43C94A6A408CA3D45FD049ECD0, 80C11CEC98CB2D91053207F989436335F4D15A1820037C958F07586A3BA083C2 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe
15:46:08.0563 0x0840  Launcher - ok
15:46:08.0792 0x0840  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:46:09.0256 0x0840  Sidebar - ok
15:46:09.0262 0x0840  WindowsWelcomeCenter - ok
15:46:09.0358 0x0840  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:46:09.0861 0x0840  Sidebar - ok
15:46:09.0868 0x0840  WindowsWelcomeCenter - ok
15:46:10.0059 0x0840  [ 9C5A0F070196B601D629F5BA9AA921F8, BB77BAD24B44A3CB32CD1FACB758E347BE2F5C49C11E494797635D741867AF2B ] C:\Program Files\Windows Sidebar\sidebar.exe
15:46:10.0493 0x0840  Sidebar - ok
15:46:10.0660 0x0840  [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\Sophia\AppData\Local\FluxSoftware\Flux\flux.exe
15:46:10.0837 0x0840  f.lux - ok
15:46:11.0114 0x0840  [ 33BFEC2B102B196B62ABB9947C7D7E23, 6EAF3462712629401CDBECF63B0848D1762A023FCA156F9FA146B0FEE75C83D0 ] C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
15:46:11.0184 0x0840  Dropbox Update - ok
15:46:11.0185 0x0840  Waiting for KSN requests completion. In queue: 59
15:46:12.0185 0x0840  Waiting for KSN requests completion. In queue: 59
15:46:13.0185 0x0840  Waiting for KSN requests completion. In queue: 8
15:46:15.0147 0x0840  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe (  ), 0x61000 ( enabled : updated )
15:46:15.0508 0x0840  Win FW state via NFP2: enabled ( trusted )
15:46:18.0009 0x0840  ============================================================
15:46:18.0009 0x0840  Scan finished
15:46:18.0009 0x0840  ============================================================
15:46:18.0032 0x0e04  Detected object count: 0
15:46:18.0032 0x0e04  Actual detected object count: 0

M-K-D-B · 23.07.2016, 08:13

Servus,

du hast zweimal die Logdatei von TDSS-Killer gepostet. Die Addition.txt fehlt noch.

Bitte nachreichen.

Danke.

th.wm · 23.07.2016, 12:04

Mist - Entschludige bitte

Adittion:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-07-2016
durchgeführt von Sophia (2016-07-22 15:47:37)
Gestartet von C:\Users\Sophia\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X64) (2009-10-03 20:27:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3595463166-1796683122-1627409653-500 - Administrator - Disabled)
Gast (S-1-5-21-3595463166-1796683122-1627409653-501 - Limited - Disabled)
Sophia (S-1-5-21-3595463166-1796683122-1627409653-1000 - Administrator - Enabled) => C:\Users\Sophia

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Reader X (10.1.6) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.008.1114.2148 - )
AVerMedia A835 USB TV Tuner 8.0.64.43 (HKLM-x32\...\AVerMedia A835 USB TV Tuner) (Version: 8.0.64.43 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV (HKLM-x32\...\InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.0.18 - AVerMedia Technologies, Inc.)
AVerTV (x32 Version: 6.0.18 - AVerMedia Technologies, Inc.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP550 series Benutzerregistrierung (HKLM-x32\...\Canon MP550 series Benutzerregistrierung) (Version:  - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
ccc-core-static (x32 Version: 2008.1114.2149.39131 - ATI) Hidden
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.2.0.8 - Swiss Academic Software)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.25 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.45 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.1.0029 - Dell, Inc.)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5830.12 - Dell Inc.)
Dell Support Center (Version: 3.1.5830.12 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 12.0.1.0 - Synaptics)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.03.04 - Creative Technology Ltd)
Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11 Application) (Version: 5.10.38.30 - Dell Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.2.1.2 - DivX, LLC)
Dropbox (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.5.0.9325 - Thomson Reuters)
f.lux (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Flux) (Version:  - )
f.lux (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Flux) (Version:  - )
Foto-Mosaik-Edda 5.5.0 (HKLM-x32\...\{BF962E1B-D17A-4713-A100-6531A132D83D}_is1) (Version:  - Steffen Schirmer)
FotoSketcher 2.00 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version:  - David THOIRON)
GetFLV 9.1.2.6 (HKLM-x32\...\GetFLV_is1) (Version:  - GetFLV, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HiDownloadPlatinum (HKLM-x32\...\HiDownload Platinum_is1) (Version:  - )
IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp)
IBM SPSS Statistics 23 (HKLM\...\{C3BA73A4-2A45-4036-8541-4F5F8146078B}) (Version: 23.0.0.2 - IBM Corp)
iCloud (HKLM\...\{CE97E4D3-9F91-4D72-8A29-ED9EA90E5A15}) (Version: 2.1.3.25 - Apple Inc.)
Integrated Webcam Driver (1.04.01.0601)   (HKLM\...\Creative OA008) (Version: 1.04.01.0601 - Creative Technology Ltd.)
iTunes (HKLM\...\{CEC7613B-E286-4A31-BEE3-3F7798488D9F}) (Version: 12.1.3.6 - Apple Inc.)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java(TM) 6 Update 18 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216018FF}) (Version: 6.0.180 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Langenscheidt Vokabeltrainer 4.0 Demoversion (HKLM-x32\...\{AD5A6099-D163-4DE9-9485-F2A210EE09B4}) (Version: 4.0.10 - Langenscheidt)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Default Manager (HKLM-x32\...\{095B1DCF-5E8B-47EC-9B18-481918A731DB}) (Version: 2.0.69.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office XP Media Content (HKLM-x32\...\{90300407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Lite (HKLM-x32\...\{13094693-c268-47a1-832c-034b01596db5}) (Version:  - Nero AG)
O&O MediaRecovery (HKLM-x32\...\{53480870-02D8-48FB-BC27-72C956885168}) (Version: 4.1.1322 - O&O Software GmbH)
OpenOffice.org 3.2 (HKLM-x32\...\{192A107E-C6B9-41B9-BDBF-38E3AA226054}) (Version: 3.2.9483 - OpenOffice.org)
PhotoFiltre 7 (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\PhotoFiltre 7) (Version:  - )
PhotoFiltre 7 (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\PhotoFiltre 7) (Version:  - )
PhotoFiltre Studio X (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\PhotoFiltre Studio X) (Version:  - )
PhotoFiltre Studio X (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\PhotoFiltre Studio X) (Version:  - )
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.1 - Dell)
Quickset (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.2.13 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - Thomson Reuters)
Roxio Creator DE (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
Sicherheitsupdate für Windows Media Player (KB2845142) (HKLM\...\KB2845142_WM64) (Version:  - Microsoft Corporation)
Skins (x32 Version: 2008.1114.2149.39131 - ATI) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Steganos Safe OEM (HKLM-x32\...\{9A4F72EE-8378-49BD-8C10-301E25907B5B}) (Version: 10.0.2 - Steganos GmbH)
Tobit.Software clipinc.fx (HKLM-x32\...\Tobit ClipInc Server) (Version:  - Tobit.Software)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUSR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUSR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUSR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUSR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
VLC media player 1.0.2 (HKLM-x32\...\VLC media player) (Version: 1.0.2 - VideoLAN Team)
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WISO Bewerbung 2008 (HKLM-x32\...\{FD065B02-AE17-4496-8C0F-FFD3A9FD9460}) (Version: 6.1.0.56 - Buhl Data Service GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> "C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> "C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {09F5E393-8A48-45F3-B02C-3B6D96A89AF8} - System32\Tasks\{D4C0FD18-FF3B-4626-9B5E-64864D03C3BE} => pcalua.exe -a C:\Users\Sophia\Downloads\pf7-setup-en.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {0ACC73E3-28B6-43B5-9C44-6B293C4BA4F0} - System32\Tasks\Launch BCM WLAN Tray => C:\Windows\system32\WLTRAY.EXE [2008-12-21] (Dell Inc.)
Task: {2F87CBE3-FF14-4A3D-A2E4-FAF30E0D7CA0} - System32\Tasks\{3A4BB35E-A62F-4A40-A177-73AE358C27CD} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-04-08] (Skype Technologies S.A.)
Task: {34137432-B485-4C40-A6F8-A5AD61B8A051} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA => C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {35BDA22B-7B9D-42A6-9EC3-C93DD4AC19FE} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{0A239F9D-3632-481E-B617-FED047FDB54A}.exe <==== ACHTUNG
Task: {37F2978B-DB01-40AD-AE7C-BD6C4051CDA7} - System32\Tasks\GoogleUpdateTaskMachineCore1cce23eac9f2b80 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {4D8C98FC-3AFE-4390-8F21-568275B30C1E} - System32\Tasks\{9B2CE4F5-B77C-400B-8B66-B0157D6B2649} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-04-08] (Skype Technologies S.A.)
Task: {631680B8-6DD5-426F-AFA2-30BE533336F6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-28] (Dropbox, Inc.)
Task: {74FBBDEB-15A8-4B89-8C40-36E011382C42} - System32\Tasks\{F87542B3-A960-489F-93F4-561D1D4FFCE1} => pcalua.exe -a C:\Users\Sophia\Downloads\avira_free_antivirus_de.exe -d C:\Windows\SysWOW64
Task: {9710792A-C72D-4D71-92BA-A4262BC64CE0} - System32\Tasks\{1BD7192E-0369-4267-AA15-C6F22AC16D91} => Firefox.exe hxxp://ui.skype.com/ui/0/6.21.0.104/de/go/help.faq.installer?LastError=1618
Task: {A65ABFC9-A50C-4E70-84D6-6E8116250D72} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-15] (Adobe Systems Incorporated)
Task: {B0C91123-B9ED-47D0-AA61-4DB3769E5322} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core => C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {B180542D-F09C-43D3-865B-75999BBDB68B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-28] (Dropbox, Inc.)
Task: {B2658FFD-FE10-4BD8-A025-EAC64D6E7E15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {B470129E-5084-4614-BBA3-193E261DAFD6} - System32\Tasks\{2A6476E4-001C-4983-9886-A85283B4D035} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2016-04-08] (Skype Technologies S.A.)
Task: {BD257C64-70A0-4594-B848-C20C2CE6CDA1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {CBC9FB78-0B12-4FDE-99AD-2C90F412C9D3} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{5A0F391B-797D-47EA-A6A6-377C9728EE34}.exe <==== ACHTUNG
Task: {D6E3619A-0BA8-4704-AD1E-33DB94E9E257} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\uaclauncher.exe [2011-06-21] (PC-Doctor, Inc.)
Task: {D8A48920-60FC-4F10-9997-11494FAF227D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {F5FF1C6B-2113-421D-B380-763123BA6DF2} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2011-06-21] (PC-Doctor, Inc.)
Task: {F9D6D4E7-C69E-4524-9CEB-189F73698348} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2011-06-21] (PC-Doctor, Inc.)
Task: {FF57E1FE-9CAA-4BD0-823E-463FEFF51224} - System32\Tasks\{DDD62604-022D-46FC-9838-3A83020CEF97} => pcalua.exe -a C:\Users\Sophia\Downloads\pfsx-setup-en-10.4.1.exe -d "C:\Program Files (x86)\Mozilla Firefox"

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{5A0F391B-797D-47EA-A6A6-377C9728EE34}.exe <==== ACHTUNG
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{0A239F9D-3632-481E-B617-FED047FDB54A}.exe <==== ACHTUNG
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core.job => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA.job => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core.job => C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA.job => C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cce23eac9f2b80.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\uaclauncher.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/
Shortcut: C:\Users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2009-10-04 03:53 - 2008-12-21 20:35 - 00032768 _____ () C:\Windows\System32\WLTRYSVC.EXE
2009-10-04 03:53 - 2008-12-21 20:35 - 00057856 _____ () C:\Windows\System32\bcmwlrmt.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-15 20:02 - 2009-10-09 21:11 - 00389120 ____R () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2009-10-11 20:31 - 2009-05-27 10:07 - 02230024 _____ () C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe
2013-10-31 14:47 - 2013-10-31 14:47 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2009-10-04 05:53 - 2008-11-26 23:45 - 00119296 _____ () C:\Windows\system32\atitmm64.dll
2009-10-04 04:07 - 2010-07-21 17:36 - 00783680 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
2009-10-04 04:00 - 2009-10-04 04:00 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2008-09-18 17:30 - 2008-09-18 17:30 - 01186816 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Implementation\64\wbocx.ocx
2008-11-18 20:25 - 2008-11-18 20:25 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-06-15 01:13 - 2011-06-15 01:13 - 00485968 _____ () C:\Program Files\Dell Support Center\libAsapiCSharp.dll
2011-06-15 01:13 - 2011-06-15 01:13 - 00100944 _____ () C:\Program Files\Dell Support Center\libCSharpCommonCS.dll
2011-06-15 01:13 - 2011-06-15 01:13 - 00018512 _____ () C:\Program Files\Dell Support Center\libGapiCSharp.dll
2011-06-15 01:13 - 2011-06-15 01:13 - 00043600 _____ () C:\Program Files\Dell Support Center\libDataStoreCSharp.dll
2011-06-15 01:13 - 2011-06-15 01:13 - 00088656 _____ () C:\Program Files\Dell Support Center\libTonopahClientCSharp.dll
2011-06-15 01:13 - 2011-06-15 01:13 - 00025680 _____ () C:\Program Files\Dell Support Center\pcdcsharpcommon.dll
2009-10-04 04:07 - 2010-07-21 17:33 - 00058688 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STCoreXml.dll
2009-10-04 04:07 - 2010-07-21 17:33 - 00116032 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2009-10-04 04:07 - 2010-07-21 17:33 - 00128320 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2009-10-04 04:07 - 2010-07-21 17:33 - 01123648 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll
2009-10-04 04:07 - 2010-07-21 17:34 - 00079168 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
2009-10-04 04:07 - 2010-07-21 17:33 - 00234816 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
2009-10-04 04:07 - 2010-07-21 17:34 - 00075072 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
2009-10-04 04:07 - 2010-07-21 17:33 - 00111936 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
2009-10-04 04:07 - 2010-07-21 17:33 - 00121152 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
2016-07-13 22:33 - 2016-06-07 03:58 - 00034768 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-07-13 22:31 - 2016-06-07 03:58 - 00134088 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-07-13 22:31 - 2016-06-07 03:59 - 00019408 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-07-13 22:31 - 2016-06-07 03:58 - 00116688 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-07-13 22:32 - 2016-06-07 03:58 - 00093640 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-07-13 22:32 - 2016-06-07 03:58 - 00018376 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\select.pyd
2016-07-13 22:32 - 2016-07-05 20:00 - 00019760 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-07-13 22:32 - 2016-06-07 04:00 - 00105928 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-07-13 22:31 - 2016-06-07 03:58 - 00392144 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-07-13 22:32 - 2016-07-05 20:00 - 00381752 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-07-13 22:32 - 2016-06-07 03:58 - 00692688 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-07-13 22:31 - 2016-07-05 19:59 - 00020816 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-07-13 22:32 - 2016-06-07 03:59 - 00123856 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-07-13 22:31 - 2016-07-05 19:59 - 01682760 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-07-13 22:31 - 2016-07-05 19:59 - 00020808 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-07-13 22:32 - 2016-07-05 20:00 - 00021840 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-07-13 22:31 - 2016-07-05 20:00 - 00052024 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-07-13 22:31 - 2016-07-05 20:00 - 00038696 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-07-13 22:31 - 2016-06-07 04:00 - 00020936 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-07-13 22:32 - 2016-06-07 04:00 - 00024528 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-07-13 22:32 - 2016-06-07 04:00 - 00114640 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-07-13 22:32 - 2016-06-07 04:00 - 00124880 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-07-13 22:32 - 2016-07-05 20:00 - 00021832 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-07-13 22:32 - 2016-06-07 04:00 - 00024016 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-07-13 22:32 - 2016-06-07 04:00 - 00175560 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-07-13 22:32 - 2016-06-07 04:00 - 00030160 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-07-13 22:32 - 2016-06-07 04:00 - 00043472 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-07-13 22:32 - 2016-06-07 04:00 - 00048592 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-07-13 22:32 - 2016-07-05 20:00 - 00023872 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-07-13 22:31 - 2016-07-05 20:00 - 00026456 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-07-13 22:32 - 2016-06-07 04:00 - 00057808 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-07-13 22:32 - 2016-06-07 04:00 - 00024016 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-07-13 22:31 - 2016-07-05 19:59 - 00246592 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-07-13 22:32 - 2016-06-07 04:00 - 00028616 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-07-13 22:32 - 2016-07-05 20:00 - 00020800 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-07-13 22:32 - 2016-07-05 20:00 - 00019776 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-07-13 22:32 - 2016-07-05 20:00 - 00020800 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-07-13 22:32 - 2016-06-07 03:58 - 00134608 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-07-13 22:31 - 2016-06-07 03:59 - 00240584 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-07-13 22:31 - 2016-07-05 19:59 - 00020280 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-07-13 22:32 - 2016-07-05 20:00 - 00023376 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-07-13 22:32 - 2016-06-07 04:00 - 00350152 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-07-13 22:32 - 2016-07-05 20:00 - 00022352 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-07-13 22:31 - 2016-07-05 20:00 - 00024392 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-07-13 22:31 - 2016-06-07 04:01 - 00036296 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\librsync.dll
2016-07-13 22:31 - 2016-07-05 20:00 - 00084280 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.dll
2016-07-13 22:31 - 2016-07-05 20:00 - 01826096 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-07-13 22:32 - 2016-06-07 03:59 - 00083912 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\sip.pyd
2016-07-13 22:31 - 2016-07-05 20:00 - 03928880 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-07-13 22:31 - 2016-07-05 20:00 - 01971504 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-07-13 22:31 - 2016-07-05 20:00 - 00531248 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-07-13 22:31 - 2016-07-05 20:00 - 00132912 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-07-13 22:31 - 2016-07-05 20:00 - 00223544 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-07-13 22:31 - 2016-07-05 20:00 - 00207672 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-07-13 22:32 - 2016-06-07 04:00 - 00060880 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-07-13 22:32 - 2016-07-05 20:00 - 00024904 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-07-15 19:51 - 2016-07-15 19:51 - 19483328 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\shell32.dll,-153 <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7865 mehr Seiten.

IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7865 mehr Seiten.

IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

Da befinden sich 7865 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sophia\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Sophia\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
DNS Servers: 192.168.179.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WISO Bewerbung-Reminder.lnk => C:\Windows\pss\WISO Bewerbung-Reminder.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Windows\system32\WLTRAY.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => "C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" /logon
MSCONFIG\startupreg: ClipIncSrvTray => "C:\Program Files (x86)\Tobit ClipInc\Player\ClipIncTray.exe"
MSCONFIG\startupreg: Dell DataSafe Online => "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
MSCONFIG\startupreg: DellSupportCenter => "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
MSCONFIG\startupreg: DivX Download Manager => "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Ocs_SM => C:\Users\Sophia\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SAFEOEM HotKeys => "C:\Program Files (x86)\Steganos Safe OEM\SteganosHotKeyService.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
MSCONFIG\startupreg: XtraRichi => C:\Program Files (x86)\Richi\Richi_Skype_Com.exe /OnStartUp
MSCONFIG\startupreg: YourFile DownloaderInstaller Starter => "C:\Users\Sophia\AppData\Local\Temp\install45508463.exe" -startup

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{B05C359F-71EE-42AE-9E20-70C802415C21}] => (Allow) C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
FirewallRules: [{E4FB67BF-283F-4F22-99D6-426605F7487A}] => (Allow) C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
FirewallRules: [{9DFDC5A6-0B44-4945-A712-364D25CBE1A2}] => (Allow) C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe
FirewallRules: [{5E557084-86C0-48D2-89D7-70983E758FD5}] => (Allow) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
FirewallRules: [{7F7FF538-71D1-4B50-8FB1-FEA4BBCB039C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{98F87DBC-9E3F-4705-8820-1B26E524BAF3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{60500BB9-48BC-444B-B228-554AD8747730}] => (Allow) svchost.exe
FirewallRules: [{27571AE7-C787-41A4-8670-6E36DE1E2210}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{9C531F82-F6F6-4CF0-AF2E-2CD5964F9982}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DD831551-621A-4813-8858-8778D6F571B5}] => (Allow) C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe
FirewallRules: [{47284108-2AC5-4C27-8295-9A0D607BE5FC}] => (Allow) C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe
FirewallRules: [{F7DE9E6A-C636-467F-922F-C6A16D0249D3}] => (Allow) C:\Program Files (x86)\Tobit ClipInc\Player\ClipInc-Player.exe
FirewallRules: [{CEC333DB-793D-42D1-A95A-0AF7EF0F830F}] => (Allow) C:\Program Files (x86)\Tobit ClipInc\Player\ClipInc-Player.exe
FirewallRules: [TCP Query User{8E9E6E56-3D36-4596-8246-B4F1C2751383}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8EA3B2CF-F7F6-49D8-AB9F-E9D5CC48151D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{E3F968D7-D5D6-4D1A-AF2F-7A9A82405BE4}C:\program files (x86)\icq6.5\icq.exe] => (Block) C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [UDP Query User{D17BD124-E17B-428F-BFEC-73DCDA202780}C:\program files (x86)\icq6.5\icq.exe] => (Block) C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [TCP Query User{B7B1E433-960A-4EE5-A95E-DF094CB0FD79}C:\program files (x86)\dell video chat\dellvideochat.exe] => (Block) C:\program files (x86)\dell video chat\dellvideochat.exe
FirewallRules: [UDP Query User{78EE60B1-C735-420E-9427-C1486C24A225}C:\program files (x86)\dell video chat\dellvideochat.exe] => (Block) C:\program files (x86)\dell video chat\dellvideochat.exe
FirewallRules: [{107333F1-502C-4016-9751-21D93564D454}] => (Allow) LPort=80
FirewallRules: [{B603BC84-F1D2-40F9-B53F-15D719A33F32}] => (Allow) LPort=80
FirewallRules: [{E58D0311-4E9D-497D-8F1B-8FA5B3954FBE}] => (Allow) LPort=80
FirewallRules: [TCP Query User{8A71DD60-7C11-42D3-A1C9-5447355584A7}C:\users\sophia\desktop\jdownloader_portableapps\commonfiles\java\bin\javaw.exe] => (Allow) C:\users\sophia\desktop\jdownloader_portableapps\commonfiles\java\bin\javaw.exe
FirewallRules: [UDP Query User{0A76124C-9AC8-4E2D-B1F9-B52A4D74AD8F}C:\users\sophia\desktop\jdownloader_portableapps\commonfiles\java\bin\javaw.exe] => (Allow) C:\users\sophia\desktop\jdownloader_portableapps\commonfiles\java\bin\javaw.exe
FirewallRules: [{6C49B0EE-506D-4E18-86AC-330F956CB11B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4427B135-E7E2-4622-8E1B-E2807EB63CB1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6D13F511-0764-438A-8D23-AF0D1B09E1E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B5C569E7-1F5B-4A3F-B01E-4E49CB7DE03F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{46482690-7E4A-45B4-AA5E-53CC243CAB77}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{E21F7EBF-B745-44C5-9BE8-FE0542E4B042}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{86C4CC7D-8D13-424D-98FC-4C0BE7AEC30A}C:\users\sophia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sophia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{19D6F1D3-BD01-4BF7-8B5C-6550D1B0031D}C:\users\sophia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sophia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{A52470D0-B432-4AAB-8F9D-C40CAA1604A5}] => (Allow) C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AE252CFF-5D6E-49F5-9128-FE2FEABE6BA9}] => (Allow) C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{45DA9764-7D77-46FA-8F45-EFF957766547}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{675F5B2B-9E25-47AB-9663-ACA3C29AFB40}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{1F51600D-A8A5-440C-99CE-3B2ACA83E2D7}] => (Allow) C:\Program Files (x86)\TubeDigger\TubeDigger.exe
FirewallRules: [{20E66476-D490-4251-B31B-33267E089B1F}] => (Allow) C:\Program Files (x86)\TubeDigger\TubeDigger.exe
FirewallRules: [{EF373577-A6FA-4E87-9720-E8AA4E2CF2F2}] => (Allow) C:\Users\Sophia\Downloads\The_Grand_Budapest_Hotel_downloader.exe
FirewallRules: [{9F0D1EAE-BD42-44E9-8118-817382C89904}] => (Allow) C:\Users\Sophia\Downloads\The_Grand_Budapest_Hotel_downloader.exe
FirewallRules: [TCP Query User{04E991F5-FCC4-4DA2-8B1B-65E2404E60BC}C:\program files (x86)\icq6.5\icq.exe] => (Block) C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [UDP Query User{065F4778-F241-40A7-927E-5E81FD07179D}C:\program files (x86)\icq6.5\icq.exe] => (Block) C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [{4A2CF61B-7D60-4797-B1BB-3F0BAA3D6673}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E008055F-1FDC-4A5E-ABD2-3980FB0C455C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{419AADDE-5FAD-4025-9A15-D89764983593}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8449250A-0EB1-4A33-BFAE-FA7254F05A1F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BFD9FA37-14FA-4CE7-83BD-EE45A18E5A48}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9717B5EE-6F18-436A-BB86-673FFA9FA911}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E5AB7E4A-4E3C-4152-BE2C-CF74D3F0715E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{819C8916-180E-43C6-B5F9-968081A7DF12}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.com
FirewallRules: [{4F150475-EA94-4124-A6D5-19869C50A359}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.exe
FirewallRules: [{F37D3743-72E5-4C28-8046-D1CBD65FDC69}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.com
FirewallRules: [{BCDDBCDF-5AC8-4BBA-BB57-4B3D11D1D150}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\WinWrapIDE.exe
FirewallRules: [{0921CDB0-AE39-44D7-B8F8-F84E48B7A715}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.exe
FirewallRules: [{B5368453-8460-4B59-9A38-4CE66BADA7D0}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\WinWrapIDE.exe
FirewallRules: [{C3576CC2-8B96-4081-A7C9-AB47FC72C72D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [{E35E8A9C-C8FC-4B53-B538-874FD89F7573}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [{FE5EA5F8-5814-4B99-B598-3059C7DA305B}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [{E1423783-A600-4F45-AE85-1C467CC07EB3}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [{A3F2F8F5-BDE3-4B62-A00F-8A6556BEFA10}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [{98104441-A692-4FB6-A591-61A9DF32328E}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [TCP Query User{A228C6F7-56A2-43D9-807B-C84BB7964554}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [UDP Query User{D7EBEB6E-6D1E-469E-AA61-FBCC107267AB}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe

==================== Wiederherstellungspunkte =========================

12-06-2016 18:23:06 Geplanter Prüfpunkt
13-06-2016 17:15:28 Windows Update
16-06-2016 08:44:48 Windows Update
17-06-2016 16:12:46 Geplanter Prüfpunkt
18-06-2016 12:42:49 Geplanter Prüfpunkt
05-07-2016 14:44:29 Windows Update
15-07-2016 18:10:25 Windows Update
19-07-2016 08:07:28 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Creative Live! Camera
Description: 
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Creative Technology Ltd.
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Creative Live! Camera
Description: 
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Creative Technology Ltd.
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Videokamera
Description: 
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Creative Technology Ltd.
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/22/2016 03:41:23 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2880) Asapi: (15:41:23:0470)(2880) engine.EngineLink - Error -- 81 Invalid connection to client

Error: (07/22/2016 03:33:46 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2712) Asapi: (15:33:46:1880)(2712) enumerator - Error -- 118 pcdrsysinfosoftware: Module timed out after 125440 milliseconds and was terminated

Error: (07/22/2016 03:33:46 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2712) Asapi: (15:33:46:1860)(2712) Matrix.ModuleImp - Error -- 52 Unable to get information from module due to failed exec.

Error: (07/22/2016 03:33:46 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2712) Asapi: (15:33:46:1720)(2712) libCommon.System.Windows - Error -- 720 execAndGetPipeData(./pcdrsysinfosoftware.p5x) readFromPipeTimed failed, killing: 464

Error: (07/22/2016 03:33:46 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2712) Asapi: (15:33:46:0080)(2712) libCommon.System.Windows - Error -- 629 readFromPipeTimed(3448) timed out after 119986 totalBytes: 0

Error: (07/22/2016 03:27:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3011755

Error: (07/22/2016 03:27:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3011755

Error: (07/22/2016 03:27:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/22/2016 03:27:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3009228

Error: (07/22/2016 03:27:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3009228


Systemfehler:
=============
Error: (03/24/2013 10:46:41 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 24.03.2013 um 21:43:33 unerwartet heruntergefahren.

Error: (03/24/2013 10:13:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: 0x80070103Creative Technology Ltd. - Streaming Media and Broadcast - Creative Live! Camera{2E512539-115D-475F-B411-9906FE7CC425}103

Error: (03/24/2013 10:04:48 PM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (03/22/2013 03:36:28 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (03/22/2013 08:04:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: 0x80070103Creative Technology Ltd. - Streaming Media and Broadcast - Creative Live! Camera{2E512539-115D-475F-B411-9906FE7CC425}103

Error: (03/22/2013 07:58:01 AM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (03/21/2013 10:08:36 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (03/21/2013 08:35:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: 0x80070103Creative Technology Ltd. - Streaming Media and Broadcast - Creative Live! Camera{2E512539-115D-475F-B411-9906FE7CC425}103

Error: (03/21/2013 08:26:41 PM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (03/20/2013 08:10:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000SftService


CodeIntegrity:
===================================
  Date: 2016-07-22 15:43:37.898
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-22 15:43:33.676
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-22 15:43:31.084
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-22 15:43:28.553
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-22 15:32:35.539
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-22 14:35:19.504
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-22 14:35:18.485
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-22 14:35:17.338
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-22 14:35:16.348
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-22 14:35:15.253
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Prozentuale Nutzung des RAM: 71%
Installierter physikalischer RAM: 3066.06 MB
Verfügbarer physikalischer RAM: 877.04 MB
Summe virtueller Speicher: 6360.41 MB
Verfügbarer virtueller Speicher: 2633.22 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:75.66 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:5.16 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 855CF293)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=218.2 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

M-K-D-B · 24.07.2016, 09:26

Servus,

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

th.wm · 24.07.2016, 20:53

Vielen Dank schonmal.

JRT

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows (TM) Vista Home Premium x64 
Ran by Sophia (Administrator) on 24.07.2016 at 19:37:52,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 29 

Successfully deleted: C:\Windows\system32\Tasks\PCDoctorBackgroundMonitorTask (Task)
Successfully deleted: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job (Task) 
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Users\Sophia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2U9M35IT (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sophia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3E0VQCFA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sophia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3ELC07N9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sophia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6V49AZ4H (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sophia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7A7RWR9J (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sophia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\97ZXEJ7X (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sophia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9MZK0EKU (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sophia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CP4MU1T3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sophia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GK73O5GW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sophia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWKS170Z (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sophia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KPGUNHQW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sophia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LF8VXNMJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sophia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PHDAYBBF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2U9M35IT (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3E0VQCFA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3ELC07N9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6V49AZ4H (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7A7RWR9J (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\97ZXEJ7X (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9MZK0EKU (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CP4MU1T3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GK73O5GW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWKS170Z (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KPGUNHQW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LF8VXNMJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PHDAYBBF (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.07.2016 at 19:48:26,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AdwCleaner

Code:

ATTFilter

# AdwCleaner v5.201 - Bericht erstellt am 24/07/2016 um 13:31:10
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-07-21.2 [Server]
# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (X64)
# Benutzername : Sophia - SOPHIA-PC
# Gestartet von : C:\Users\Sophia\Desktop\AdwCleaner_5.201.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[#] Ordner gelöscht : C:\ProgramData\Avg_Update_0814tb
[#] Ordner gelöscht : C:\Program Files (x86)\AVG Security Toolbar
[#] Ordner gelöscht : C:\Program Files (x86)\Conduit
[#] Ordner gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[#] Ordner gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\AVG Secure Search
[#] Ordner gelöscht : C:\Users\Sophia\AppData\Local\AskToolbar
[#] Ordner gelöscht : C:\Users\Sophia\AppData\Roaming\DesktopIconForAmazon
[#] Ordner gelöscht : C:\Users\Sophia\AppData\Roaming\OCS

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe gelöscht : AVG-Secure-Search-Update_JUNE2013_HP_rmv
[-] Geplante Aufgabe gelöscht : AVG-Secure-Search-Update_JUNE2013_TB_rmv
[-] Geplante Aufgabe gelöscht : AVG-Secure-Search-Update_JUNE2013_HP_rmv
[-] Geplante Aufgabe gelöscht : AVG-Secure-Search-Update_JUNE2013_TB_rmv

***** [ Registrierungsdatenbank ] *****

[-] Wert gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Schlüssel gelöscht : HKCU\Software\Classes\TypeLib\{006AD7B2-968A-11DE-88C9-5BDE55D89593}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Wert gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Wert gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Schlüssel gelöscht : HKCU\Software\Conduit
[-] Schlüssel gelöscht : HKCU\Software\ICQ\ICQToolbar
[-] Schlüssel gelöscht : HKCU\Software\IGearSettings
[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKCU\Software\Softonic
[-] Schlüssel gelöscht : HKCU\Software\YahooPartnerToolbar
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
[-] Schlüssel gelöscht : HKCU\Software\AppDataLow\Software\Conduit
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Conduit
[-] Schlüssel gelöscht : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Schlüssel gelöscht : HKLM\SOFTWARE\YourFileDownloader
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3595463166-1796683122-1627409653-1000\Software\ICQ\ICQToolbar
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Daten wiederhergestellt : HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\ApnUpdater
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\Ocs_SM
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\vProt

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [6196 Bytes] - [24/07/2016 13:31:10]
C:\AdwCleaner\AdwCleaner[S1].txt - [6968 Bytes] - [24/07/2016 12:58:10]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6342 Bytes] ##########

Mbam

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 24.07.2016
Suchlaufzeit: 18:25:48
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.07.24.04
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x64
Dateisystem: NTFS
Benutzer: Sophia

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 337997
Abgelaufene Zeit: 1 Std., 7 Min., 47 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

M-K-D-B · 24.07.2016, 20:59

Servus,

bitte noch die beiden neuen Logdateien von FRST posten.

th.wm · 24.07.2016, 21:07

FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-07-2016
durchgeführt von Sophia (Administrator) auf SOPHIA-PC (24-07-2016 21:53:47)
Gestartet von C:\Users\Sophia\Desktop
Geladene Profile: Sophia (Verfügbare Profile: Sophia)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169744 2015-09-12] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre1.8.0_66\bin\jusched.exe"
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [462848 2009-03-19] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [250192 2009-04-24] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2010-07-21] (Softthinks)
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Run: [f.lux] => C:\Users\Sophia\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Run: [Dropbox Update] => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-28] (Dropbox, Inc.)
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\MountPoints2: {d8327765-bbda-11de-b88f-0026b907cf2b} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\MountPoints2: {d832776d-bbda-11de-b88f-0026b907cf2b} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\MountPoints2: {e999ee64-1075-11e6-bb43-0026b907cf2b} - G:\LaunchU3.exe -a
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [840704 2009-04-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-10-04]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-10-04]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-07-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.179.1
Tcpip\..\Interfaces\{2641EED2-5F8E-4AC2-A38E-7655BB7C2B4A}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{EA085BBF-1A5F-492C-BE04-02E870D39C8D}: [DhcpNameServer] 192.168.179.1

Internet Explorer:
==================
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
URLSearchHook: HKLM-x32 -> Standard = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = 
SearchScopes: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> {C9C99FA8-8F23-4A82-9A91-1B400495DB37} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A010DE739&p={SearchTerms}
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2009-11-08] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2009-11-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-02-02] (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-02-02] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-03] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-03] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\d64wkzvr.default-1415343792518
FF DefaultSearchEngine: Ecosia
FF SelectedSearchEngine: Ecosia
FF Homepage: hxxp://www.sueddeutsche.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-15] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2010-11-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-02-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-02-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\d64wkzvr.default-1415343792518\searchplugins\ecosia.xml [2015-10-21]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2014-03-06]
FF Extension: Ecosia — The search engine that plants trees! - C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\d64wkzvr.default-1415343792518\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2015-10-21]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-02-13] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-10-10] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-01-03] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-01-03] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2016-02-03]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [344064 2009-04-08] (AVerMedia) [Datei ist nicht signiert]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [389120 2009-10-09] () [Datei ist nicht signiert]
R2 ClipInc001; C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe [2230024 2009-05-27] ()
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-12-18] (Stardock Corporation) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [3051520 2008-12-21] (Dell Inc.) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [511232 2009-10-19] (AVerMedia TECHNOLOGIES, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-24] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 OA008Ufd; C:\Windows\System32\DRIVERS\OA008Ufd.sys [159840 2009-03-06] (Creative Technology Ltd.)
R3 OA008Vid; C:\Windows\System32\DRIVERS\OA008Vid.sys [313696 2009-05-06] (Creative Technology Ltd.)
R1 SLEE_16_DRIVER; C:\Windows\Sleen1664.sys [85952 2008-10-01] (Softwareentwicklung Remus - ArchiCrypt )
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-16] (Apple, Inc.) [Datei ist nicht signiert]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-24 21:53 - 2016-07-24 21:55 - 00019938 _____ C:\Users\Sophia\Desktop\FRST.txt
2016-07-24 19:48 - 2016-07-24 19:48 - 00005064 _____ C:\Users\Sophia\Desktop\JRT.txt
2016-07-24 14:37 - 2016-05-14 17:54 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-07-24 14:37 - 2016-05-14 17:53 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-07-24 14:37 - 2016-05-14 17:42 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-07-24 14:37 - 2016-05-14 17:41 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-07-24 14:37 - 2016-05-14 17:41 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2016-07-24 14:37 - 2016-05-14 16:38 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-07-24 14:37 - 2016-05-14 16:38 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-07-24 14:37 - 2016-05-14 16:38 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-07-24 14:37 - 2016-05-11 15:10 - 00516328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-07-24 14:28 - 2016-05-18 17:55 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-07-24 14:28 - 2016-05-18 17:34 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-07-24 14:08 - 2016-05-14 17:58 - 00383208 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-07-24 14:08 - 2016-05-14 17:53 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-07-24 14:08 - 2016-05-14 17:47 - 00306408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-07-24 14:08 - 2016-05-14 17:41 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-07-24 14:04 - 2016-05-12 16:45 - 02801664 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-24 14:04 - 2016-05-12 16:39 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-07-24 14:04 - 2016-05-12 16:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-07-24 14:04 - 2016-05-10 17:55 - 00264704 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-07-24 14:04 - 2016-05-10 17:54 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-07-24 14:04 - 2016-05-10 17:54 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-07-24 14:04 - 2016-05-10 17:31 - 00377344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-07-24 14:04 - 2016-05-10 17:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-07-24 14:04 - 2016-05-10 17:31 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-07-24 14:04 - 2016-05-10 16:55 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-07-24 14:04 - 2016-05-10 16:55 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-07-24 14:04 - 2016-05-10 16:28 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-07-24 14:00 - 2016-05-12 17:56 - 00726016 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-07-24 14:00 - 2016-05-12 17:56 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-07-24 14:00 - 2016-05-12 17:56 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-07-24 14:00 - 2016-05-12 17:56 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-07-24 14:00 - 2016-05-12 17:56 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-07-24 14:00 - 2016-05-12 17:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-07-24 14:00 - 2016-05-12 17:34 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-07-24 14:00 - 2016-05-12 17:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-07-24 14:00 - 2016-05-12 17:33 - 00075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-07-24 14:00 - 2016-05-12 17:33 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-07-24 13:39 - 2016-07-24 13:39 - 00006436 _____ C:\Users\Sophia\Desktop\AdwCleaner[C1].txt
2016-07-24 13:05 - 2016-05-12 21:52 - 18804224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-24 13:05 - 2016-05-12 21:49 - 02351616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-24 13:05 - 2016-05-12 21:46 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-24 13:05 - 2016-05-12 21:45 - 10940416 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-24 13:05 - 2016-05-12 21:44 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-24 13:05 - 2016-05-12 21:43 - 01392640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 02159104 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-24 13:05 - 2016-05-12 21:42 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-24 13:05 - 2016-05-12 21:42 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-07-24 13:05 - 2016-05-12 21:42 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-07-24 13:05 - 2016-05-12 21:41 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-24 13:05 - 2016-05-12 21:11 - 01815552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-24 13:05 - 2016-05-12 21:10 - 12840960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-24 13:05 - 2016-05-12 21:08 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-24 13:05 - 2016-05-12 21:06 - 09755136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-24 13:05 - 2016-05-12 21:06 - 01140224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-24 13:05 - 2016-05-12 21:05 - 01129984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-24 13:05 - 2016-05-12 21:04 - 01804800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-24 13:05 - 2016-05-12 21:04 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-24 13:05 - 2016-05-12 21:04 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-24 13:05 - 2016-05-12 21:04 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-24 13:05 - 2016-05-12 21:04 - 00425472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-24 13:05 - 2016-05-12 21:04 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-07-24 13:05 - 2016-05-12 21:04 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-24 13:05 - 2016-05-12 21:04 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-24 13:05 - 2016-05-12 21:04 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-07-24 13:05 - 2016-05-12 21:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-24 13:05 - 2016-05-12 21:03 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-24 13:05 - 2016-05-12 21:03 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-24 13:05 - 2016-05-12 21:03 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-24 13:05 - 2016-05-12 21:03 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-24 13:05 - 2016-05-12 21:03 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-07-24 13:05 - 2016-05-12 21:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-07-24 12:57 - 2016-07-24 13:31 - 00000000 ____D C:\AdwCleaner
2016-07-24 12:55 - 2016-07-24 12:56 - 22851472 _____ (Malwarebytes ) C:\Users\Sophia\Desktop\mbam-setup-2.2.1.1043.exe
2016-07-24 12:55 - 2016-07-24 12:55 - 03712064 _____ C:\Users\Sophia\Desktop\AdwCleaner_5.201.exe
2016-07-24 12:55 - 2016-07-24 12:55 - 01610560 _____ (Malwarebytes) C:\Users\Sophia\Desktop\JRT.exe
2016-07-22 15:47 - 2016-07-22 16:03 - 00078198 _____ C:\Users\Sophia\Downloads\Addition.txt
2016-07-22 15:41 - 2016-07-22 15:51 - 00186918 _____ C:\TDSSKiller.3.1.0.9_22.07.2016_15.41.05_log.txt
2016-07-22 15:39 - 2016-07-22 16:03 - 00034763 _____ C:\Users\Sophia\Downloads\FRST.txt
2016-07-22 15:37 - 2016-07-22 15:38 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Sophia\Downloads\tdsskiller.exe
2016-07-22 15:36 - 2016-07-22 15:36 - 02393600 _____ (Farbar) C:\Users\Sophia\Desktop\FRST64.exe
2016-07-17 17:15 - 2016-07-17 17:16 - 00009377 _____ C:\Users\Sophia\Desktop\OpenDocument Text (neu).odt
2016-07-15 21:14 - 2016-07-24 21:53 - 00000000 ____D C:\FRST
2016-07-15 20:46 - 2016-07-24 21:49 - 00001214 _____ C:\Users\Sophia\Desktop\mbam.txt
2016-07-13 22:33 - 2016-07-13 22:33 - 00000000 ____D C:\Users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-11 19:48 - 2016-07-11 19:48 - 00001758 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-07-11 19:48 - 2016-07-11 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-24 21:56 - 2011-07-24 10:02 - 00000506 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2016-07-24 21:49 - 2012-09-07 14:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-24 21:30 - 2010-02-22 22:24 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-24 21:15 - 2015-09-28 16:10 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA.job
2016-07-24 20:45 - 2011-09-12 14:35 - 00001142 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA.job
2016-07-24 20:45 - 2011-09-12 14:35 - 00001120 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core.job
2016-07-24 19:56 - 2006-11-02 17:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-24 19:56 - 2006-11-02 17:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-24 19:42 - 2015-11-18 18:59 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-24 18:21 - 2015-11-18 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-07-24 18:21 - 2015-11-18 18:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-07-24 18:03 - 2008-01-21 13:10 - 01566504 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-24 18:03 - 2008-01-21 13:09 - 00674032 _____ C:\Windows\system32\perfh007.dat
2016-07-24 18:03 - 2008-01-21 13:09 - 00146012 _____ C:\Windows\system32\perfc007.dat
2016-07-24 18:03 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\inf
2016-07-24 18:00 - 2012-11-07 22:09 - 00000000 ___RD C:\Users\Sophia\Dropbox
2016-07-24 17:57 - 2012-02-03 08:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cce23eac9f2b80.job
2016-07-24 17:57 - 2009-10-07 17:14 - 00000000 ____D C:\Users\Sophia\AppData\Local\SoftThinks
2016-07-24 17:56 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-24 17:53 - 2006-11-02 17:42 - 00032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-07-24 16:15 - 2015-09-28 16:10 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core.job
2016-07-24 15:29 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache
2016-07-24 14:58 - 2006-11-02 17:21 - 00414776 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-24 14:28 - 2013-07-21 00:01 - 00000000 ____D C:\Windows\system32\MRT
2016-07-24 14:25 - 2011-07-24 10:03 - 00003488 _____ C:\Windows\System32\Tasks\PCDEventLauncher
2016-07-24 14:24 - 2011-07-24 10:02 - 00003536 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2016-07-24 14:08 - 2006-11-02 14:35 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-07-23 14:58 - 2016-01-03 15:24 - 00003698 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{994638B0-3BDB-4090-9335-EB2F209502B8}
2016-07-22 15:37 - 2009-10-04 04:09 - 00000000 ____D C:\ProgramData\PCDr
2016-07-15 21:05 - 2015-11-29 13:38 - 00000000 __HDC C:\Windows\$NtUninstallKB2845142_WM64$
2016-07-15 19:51 - 2012-09-07 14:58 - 00003738 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-15 19:51 - 2012-04-15 09:34 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-15 19:51 - 2011-10-20 20:00 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-15 18:50 - 2011-10-09 16:55 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-15 18:49 - 2009-10-04 03:50 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-13 22:33 - 2012-11-07 22:05 - 00000000 ____D C:\Users\Sophia\AppData\Roaming\Dropbox
2016-07-13 22:23 - 2016-01-10 23:37 - 00000000 ____D C:\Users\Sophia\Documents\Arbeit Norys
2016-07-11 19:48 - 2009-10-10 15:07 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-07-07 02:39 - 2011-01-03 12:29 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-06-26 14:39 - 2014-06-23 15:50 - 0003730 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2009-10-29 23:40 - 2011-01-02 13:49 - 0019513 _____ () C:\Users\Sophia\AppData\Roaming\UserTile.png
2009-10-07 20:56 - 2010-03-16 17:46 - 0000116 _____ () C:\Users\Sophia\AppData\Roaming\wklnhst.dat
2010-07-07 16:36 - 2015-03-11 18:32 - 0006836 _____ () C:\Users\Sophia\AppData\Local\d3d9caps.dat
2009-10-23 20:08 - 2016-01-27 04:02 - 0000732 _____ () C:\Users\Sophia\AppData\Local\d3d9caps64.dat
2009-10-07 19:32 - 2016-04-24 20:45 - 0113152 _____ () C:\Users\Sophia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-02 19:00 - 2016-02-02 19:00 - 0350652 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI1974.txt
2011-01-02 15:23 - 2011-01-02 15:24 - 0422578 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI2F05.txt
2016-01-31 14:59 - 2016-01-31 14:59 - 0351580 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI452D.txt
2016-02-02 11:47 - 2016-02-02 11:47 - 0004198 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI4E6E.txt
2016-02-02 11:48 - 2016-02-02 11:48 - 0345682 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI4F18.txt
2010-02-10 14:05 - 2010-02-10 14:05 - 0423844 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI738C.txt
2010-02-17 21:55 - 2010-02-17 21:56 - 0402450 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI7E5E.txt
2016-02-02 19:00 - 2016-02-02 19:00 - 0011162 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI1974.txt
2011-01-02 15:23 - 2011-01-02 15:24 - 0011714 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI2F05.txt
2016-01-31 14:59 - 2016-01-31 14:59 - 0011146 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI452D.txt
2016-02-02 11:47 - 2016-02-02 11:47 - 0011232 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI4E6E.txt
2016-02-02 11:48 - 2016-02-02 11:48 - 0011162 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI4F18.txt
2010-02-10 14:05 - 2010-02-10 14:05 - 0011370 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI738C.txt
2010-02-17 21:55 - 2010-02-17 21:56 - 0011422 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI7E5E.txt
2016-03-22 23:39 - 2016-03-22 23:39 - 0000000 _____ () C:\Users\Sophia\AppData\Local\{5E14A3ED-25ED-44F1-8908-F37B7570D7EA}
2009-10-09 19:00 - 2009-12-21 20:50 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Einige Dateien in TEMP:
====================
C:\Users\Sophia\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwh1uui.dll
C:\Users\Sophia\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Sophia\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Sophia\AppData\Local\Temp\libeay32.dll
C:\Users\Sophia\AppData\Local\Temp\mpam-c8247271.exe
C:\Users\Sophia\AppData\Local\Temp\msvcr120.dll
C:\Users\Sophia\AppData\Local\Temp\rarext.dll
C:\Users\Sophia\AppData\Local\Temp\Risweb32.exe
C:\Users\Sophia\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-24 18:01

==================== Ende von FRST.txt ============================

Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-07-2016
durchgeführt von Sophia (2016-07-24 21:57:41)
Gestartet von C:\Users\Sophia\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) (2009-10-03 20:27:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3595463166-1796683122-1627409653-500 - Administrator - Disabled)
Gast (S-1-5-21-3595463166-1796683122-1627409653-501 - Limited - Disabled)
Sophia (S-1-5-21-3595463166-1796683122-1627409653-1000 - Administrator - Enabled) => C:\Users\Sophia

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Reader X (10.1.6) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.008.1114.2148 - )
AVerMedia A835 USB TV Tuner 8.0.64.43 (HKLM-x32\...\AVerMedia A835 USB TV Tuner) (Version: 8.0.64.43 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV (HKLM-x32\...\InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.0.18 - AVerMedia Technologies, Inc.)
AVerTV (x32 Version: 6.0.18 - AVerMedia Technologies, Inc.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP550 series Benutzerregistrierung (HKLM-x32\...\Canon MP550 series Benutzerregistrierung) (Version:  - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
ccc-core-static (x32 Version: 2008.1114.2149.39131 - ATI) Hidden
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.2.0.8 - Swiss Academic Software)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.25 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.45 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.1.0029 - Dell, Inc.)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5830.12 - Dell Inc.)
Dell Support Center (Version: 3.1.5830.12 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 12.0.1.0 - Synaptics)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.03.04 - Creative Technology Ltd)
Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11 Application) (Version: 5.10.38.30 - Dell Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.2.1.2 - DivX, LLC)
Dropbox (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.5.0.9325 - Thomson Reuters)
f.lux (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Flux) (Version:  - )
Foto-Mosaik-Edda 5.5.0 (HKLM-x32\...\{BF962E1B-D17A-4713-A100-6531A132D83D}_is1) (Version:  - Steffen Schirmer)
FotoSketcher 2.00 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version:  - David THOIRON)
GetFLV 9.1.2.6 (HKLM-x32\...\GetFLV_is1) (Version:  - GetFLV, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HiDownloadPlatinum (HKLM-x32\...\HiDownload Platinum_is1) (Version:  - )
IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp)
IBM SPSS Statistics 23 (HKLM\...\{C3BA73A4-2A45-4036-8541-4F5F8146078B}) (Version: 23.0.0.2 - IBM Corp)
iCloud (HKLM\...\{CE97E4D3-9F91-4D72-8A29-ED9EA90E5A15}) (Version: 2.1.3.25 - Apple Inc.)
Integrated Webcam Driver (1.04.01.0601)   (HKLM\...\Creative OA008) (Version: 1.04.01.0601 - Creative Technology Ltd.)
iTunes (HKLM\...\{CEC7613B-E286-4A31-BEE3-3F7798488D9F}) (Version: 12.1.3.6 - Apple Inc.)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java(TM) 6 Update 18 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216018FF}) (Version: 6.0.180 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Langenscheidt Vokabeltrainer 4.0 Demoversion (HKLM-x32\...\{AD5A6099-D163-4DE9-9485-F2A210EE09B4}) (Version: 4.0.10 - Langenscheidt)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Default Manager (HKLM-x32\...\{095B1DCF-5E8B-47EC-9B18-481918A731DB}) (Version: 2.0.69.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office XP Media Content (HKLM-x32\...\{90300407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Lite (HKLM-x32\...\{13094693-c268-47a1-832c-034b01596db5}) (Version:  - Nero AG)
O&O MediaRecovery (HKLM-x32\...\{53480870-02D8-48FB-BC27-72C956885168}) (Version: 4.1.1322 - O&O Software GmbH)
OpenOffice.org 3.2 (HKLM-x32\...\{192A107E-C6B9-41B9-BDBF-38E3AA226054}) (Version: 3.2.9483 - OpenOffice.org)
PhotoFiltre 7 (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\PhotoFiltre 7) (Version:  - )
PhotoFiltre Studio X (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\PhotoFiltre Studio X) (Version:  - )
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.1 - Dell)
Quickset (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.2.13 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - Thomson Reuters)
Roxio Creator DE (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
Sicherheitsupdate für Windows Media Player (KB2845142) (HKLM\...\KB2845142_WM64) (Version:  - Microsoft Corporation)
Skins (x32 Version: 2008.1114.2149.39131 - ATI) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Steganos Safe OEM (HKLM-x32\...\{9A4F72EE-8378-49BD-8C10-301E25907B5B}) (Version: 10.0.2 - Steganos GmbH)
Tobit.Software clipinc.fx (HKLM-x32\...\Tobit ClipInc Server) (Version:  - Tobit.Software)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUSR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUSR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUSR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUSR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
VLC media player 1.0.2 (HKLM-x32\...\VLC media player) (Version: 1.0.2 - VideoLAN Team)
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WISO Bewerbung 2008 (HKLM-x32\...\{FD065B02-AE17-4496-8C0F-FFD3A9FD9460}) (Version: 6.1.0.56 - Buhl Data Service GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> "C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {09F5E393-8A48-45F3-B02C-3B6D96A89AF8} - System32\Tasks\{D4C0FD18-FF3B-4626-9B5E-64864D03C3BE} => pcalua.exe -a C:\Users\Sophia\Downloads\pf7-setup-en.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {0ACC73E3-28B6-43B5-9C44-6B293C4BA4F0} - System32\Tasks\Launch BCM WLAN Tray => C:\Windows\system32\WLTRAY.EXE [2008-12-21] (Dell Inc.)
Task: {2F87CBE3-FF14-4A3D-A2E4-FAF30E0D7CA0} - System32\Tasks\{3A4BB35E-A62F-4A40-A177-73AE358C27CD} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-04-08] (Skype Technologies S.A.)
Task: {34137432-B485-4C40-A6F8-A5AD61B8A051} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA => C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {37F2978B-DB01-40AD-AE7C-BD6C4051CDA7} - System32\Tasks\GoogleUpdateTaskMachineCore1cce23eac9f2b80 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {4D8C98FC-3AFE-4390-8F21-568275B30C1E} - System32\Tasks\{9B2CE4F5-B77C-400B-8B66-B0157D6B2649} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-04-08] (Skype Technologies S.A.)
Task: {631680B8-6DD5-426F-AFA2-30BE533336F6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-28] (Dropbox, Inc.)
Task: {74FBBDEB-15A8-4B89-8C40-36E011382C42} - System32\Tasks\{F87542B3-A960-489F-93F4-561D1D4FFCE1} => pcalua.exe -a C:\Users\Sophia\Downloads\avira_free_antivirus_de.exe -d C:\Windows\SysWOW64
Task: {9710792A-C72D-4D71-92BA-A4262BC64CE0} - System32\Tasks\{1BD7192E-0369-4267-AA15-C6F22AC16D91} => Firefox.exe hxxp://ui.skype.com/ui/0/6.21.0.104/de/go/help.faq.installer?LastError=1618
Task: {A65ABFC9-A50C-4E70-84D6-6E8116250D72} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-15] (Adobe Systems Incorporated)
Task: {B0C91123-B9ED-47D0-AA61-4DB3769E5322} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core => C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {B180542D-F09C-43D3-865B-75999BBDB68B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-28] (Dropbox, Inc.)
Task: {B2658FFD-FE10-4BD8-A025-EAC64D6E7E15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {B470129E-5084-4614-BBA3-193E261DAFD6} - System32\Tasks\{2A6476E4-001C-4983-9886-A85283B4D035} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2016-04-08] (Skype Technologies S.A.)
Task: {BD257C64-70A0-4594-B848-C20C2CE6CDA1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {D6E3619A-0BA8-4704-AD1E-33DB94E9E257} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\uaclauncher.exe [2011-06-21] (PC-Doctor, Inc.)
Task: {D8A48920-60FC-4F10-9997-11494FAF227D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {F9D6D4E7-C69E-4524-9CEB-189F73698348} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2011-06-21] (PC-Doctor, Inc.)
Task: {FF57E1FE-9CAA-4BD0-823E-463FEFF51224} - System32\Tasks\{DDD62604-022D-46FC-9838-3A83020CEF97} => pcalua.exe -a C:\Users\Sophia\Downloads\pfsx-setup-en-10.4.1.exe -d "C:\Program Files (x86)\Mozilla Firefox"

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core.job => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA.job => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core.job => C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA.job => C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cce23eac9f2b80.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\uaclauncher.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/
Shortcut: C:\Users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2009-10-04 03:53 - 2008-12-21 20:35 - 00032768 _____ () C:\Windows\System32\WLTRYSVC.EXE
2009-10-04 03:53 - 2008-12-21 20:35 - 00057856 _____ () C:\Windows\System32\bcmwlrmt.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-15 20:02 - 2009-10-09 21:11 - 00389120 ____R () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2009-10-11 20:31 - 2009-05-27 10:07 - 02230024 _____ () C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe
2009-10-04 04:07 - 2010-07-21 17:33 - 00058688 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STCoreXml.dll
2009-10-04 04:07 - 2010-07-21 17:33 - 00116032 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2009-10-04 04:07 - 2010-07-21 17:33 - 00128320 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\shell32.dll,-153 <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7865 mehr Seiten.

IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7865 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sophia\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
DNS Servers: 192.168.179.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WISO Bewerbung-Reminder.lnk => C:\Windows\pss\WISO Bewerbung-Reminder.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Windows\system32\WLTRAY.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => "C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" /logon
MSCONFIG\startupreg: ClipIncSrvTray => "C:\Program Files (x86)\Tobit ClipInc\Player\ClipIncTray.exe"
MSCONFIG\startupreg: Dell DataSafe Online => "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
MSCONFIG\startupreg: DellSupportCenter => "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
MSCONFIG\startupreg: DivX Download Manager => "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SAFEOEM HotKeys => "C:\Program Files (x86)\Steganos Safe OEM\SteganosHotKeyService.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: XtraRichi => C:\Program Files (x86)\Richi\Richi_Skype_Com.exe /OnStartUp
MSCONFIG\startupreg: YourFile DownloaderInstaller Starter => "C:\Users\Sophia\AppData\Local\Temp\install45508463.exe" -startup

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{B05C359F-71EE-42AE-9E20-70C802415C21}] => (Allow) C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
FirewallRules: [{E4FB67BF-283F-4F22-99D6-426605F7487A}] => (Allow) C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
FirewallRules: [{9DFDC5A6-0B44-4945-A712-364D25CBE1A2}] => (Allow) C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe
FirewallRules: [{5E557084-86C0-48D2-89D7-70983E758FD5}] => (Allow) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
FirewallRules: [{7F7FF538-71D1-4B50-8FB1-FEA4BBCB039C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{98F87DBC-9E3F-4705-8820-1B26E524BAF3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{60500BB9-48BC-444B-B228-554AD8747730}] => (Allow) svchost.exe
FirewallRules: [{27571AE7-C787-41A4-8670-6E36DE1E2210}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{9C531F82-F6F6-4CF0-AF2E-2CD5964F9982}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DD831551-621A-4813-8858-8778D6F571B5}] => (Allow) C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe
FirewallRules: [{47284108-2AC5-4C27-8295-9A0D607BE5FC}] => (Allow) C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe
FirewallRules: [{F7DE9E6A-C636-467F-922F-C6A16D0249D3}] => (Allow) C:\Program Files (x86)\Tobit ClipInc\Player\ClipInc-Player.exe
FirewallRules: [{CEC333DB-793D-42D1-A95A-0AF7EF0F830F}] => (Allow) C:\Program Files (x86)\Tobit ClipInc\Player\ClipInc-Player.exe
FirewallRules: [TCP Query User{8E9E6E56-3D36-4596-8246-B4F1C2751383}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8EA3B2CF-F7F6-49D8-AB9F-E9D5CC48151D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{E3F968D7-D5D6-4D1A-AF2F-7A9A82405BE4}C:\program files (x86)\icq6.5\icq.exe] => (Block) C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [UDP Query User{D17BD124-E17B-428F-BFEC-73DCDA202780}C:\program files (x86)\icq6.5\icq.exe] => (Block) C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [TCP Query User{B7B1E433-960A-4EE5-A95E-DF094CB0FD79}C:\program files (x86)\dell video chat\dellvideochat.exe] => (Block) C:\program files (x86)\dell video chat\dellvideochat.exe
FirewallRules: [UDP Query User{78EE60B1-C735-420E-9427-C1486C24A225}C:\program files (x86)\dell video chat\dellvideochat.exe] => (Block) C:\program files (x86)\dell video chat\dellvideochat.exe
FirewallRules: [{107333F1-502C-4016-9751-21D93564D454}] => (Allow) LPort=80
FirewallRules: [{B603BC84-F1D2-40F9-B53F-15D719A33F32}] => (Allow) LPort=80
FirewallRules: [{E58D0311-4E9D-497D-8F1B-8FA5B3954FBE}] => (Allow) LPort=80
FirewallRules: [TCP Query User{8A71DD60-7C11-42D3-A1C9-5447355584A7}C:\users\sophia\desktop\jdownloader_portableapps\commonfiles\java\bin\javaw.exe] => (Allow) C:\users\sophia\desktop\jdownloader_portableapps\commonfiles\java\bin\javaw.exe
FirewallRules: [UDP Query User{0A76124C-9AC8-4E2D-B1F9-B52A4D74AD8F}C:\users\sophia\desktop\jdownloader_portableapps\commonfiles\java\bin\javaw.exe] => (Allow) C:\users\sophia\desktop\jdownloader_portableapps\commonfiles\java\bin\javaw.exe
FirewallRules: [{6C49B0EE-506D-4E18-86AC-330F956CB11B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4427B135-E7E2-4622-8E1B-E2807EB63CB1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6D13F511-0764-438A-8D23-AF0D1B09E1E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B5C569E7-1F5B-4A3F-B01E-4E49CB7DE03F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{46482690-7E4A-45B4-AA5E-53CC243CAB77}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{E21F7EBF-B745-44C5-9BE8-FE0542E4B042}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{86C4CC7D-8D13-424D-98FC-4C0BE7AEC30A}C:\users\sophia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sophia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{19D6F1D3-BD01-4BF7-8B5C-6550D1B0031D}C:\users\sophia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sophia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{A52470D0-B432-4AAB-8F9D-C40CAA1604A5}] => (Allow) C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AE252CFF-5D6E-49F5-9128-FE2FEABE6BA9}] => (Allow) C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{45DA9764-7D77-46FA-8F45-EFF957766547}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{675F5B2B-9E25-47AB-9663-ACA3C29AFB40}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{1F51600D-A8A5-440C-99CE-3B2ACA83E2D7}] => (Allow) C:\Program Files (x86)\TubeDigger\TubeDigger.exe
FirewallRules: [{20E66476-D490-4251-B31B-33267E089B1F}] => (Allow) C:\Program Files (x86)\TubeDigger\TubeDigger.exe
FirewallRules: [{EF373577-A6FA-4E87-9720-E8AA4E2CF2F2}] => (Allow) C:\Users\Sophia\Downloads\The_Grand_Budapest_Hotel_downloader.exe
FirewallRules: [{9F0D1EAE-BD42-44E9-8118-817382C89904}] => (Allow) C:\Users\Sophia\Downloads\The_Grand_Budapest_Hotel_downloader.exe
FirewallRules: [TCP Query User{04E991F5-FCC4-4DA2-8B1B-65E2404E60BC}C:\program files (x86)\icq6.5\icq.exe] => (Block) C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [UDP Query User{065F4778-F241-40A7-927E-5E81FD07179D}C:\program files (x86)\icq6.5\icq.exe] => (Block) C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [{4A2CF61B-7D60-4797-B1BB-3F0BAA3D6673}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E008055F-1FDC-4A5E-ABD2-3980FB0C455C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{419AADDE-5FAD-4025-9A15-D89764983593}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8449250A-0EB1-4A33-BFAE-FA7254F05A1F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BFD9FA37-14FA-4CE7-83BD-EE45A18E5A48}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9717B5EE-6F18-436A-BB86-673FFA9FA911}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E5AB7E4A-4E3C-4152-BE2C-CF74D3F0715E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{819C8916-180E-43C6-B5F9-968081A7DF12}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.com
FirewallRules: [{4F150475-EA94-4124-A6D5-19869C50A359}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.exe
FirewallRules: [{F37D3743-72E5-4C28-8046-D1CBD65FDC69}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.com
FirewallRules: [{BCDDBCDF-5AC8-4BBA-BB57-4B3D11D1D150}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\WinWrapIDE.exe
FirewallRules: [{0921CDB0-AE39-44D7-B8F8-F84E48B7A715}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.exe
FirewallRules: [{B5368453-8460-4B59-9A38-4CE66BADA7D0}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\WinWrapIDE.exe
FirewallRules: [{C3576CC2-8B96-4081-A7C9-AB47FC72C72D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [{E35E8A9C-C8FC-4B53-B538-874FD89F7573}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [{FE5EA5F8-5814-4B99-B598-3059C7DA305B}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [{E1423783-A600-4F45-AE85-1C467CC07EB3}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [{A3F2F8F5-BDE3-4B62-A00F-8A6556BEFA10}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [{98104441-A692-4FB6-A591-61A9DF32328E}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [TCP Query User{A228C6F7-56A2-43D9-807B-C84BB7964554}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [UDP Query User{D7EBEB6E-6D1E-469E-AA61-FBCC107267AB}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe

==================== Wiederherstellungspunkte =========================

12-06-2016 18:23:06 Geplanter Prüfpunkt
13-06-2016 17:15:28 Windows Update
16-06-2016 08:44:48 Windows Update
17-06-2016 16:12:46 Geplanter Prüfpunkt
18-06-2016 12:42:49 Geplanter Prüfpunkt
05-07-2016 14:44:29 Windows Update
15-07-2016 18:10:25 Windows Update
19-07-2016 08:07:28 Windows Update
24-07-2016 13:59:02 Windows Update
24-07-2016 19:37:56 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Creative Live! Camera
Description: 
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Creative Technology Ltd.
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Creative Live! Camera
Description: 
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Creative Technology Ltd.
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Videokamera
Description: 
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Creative Technology Ltd.
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/24/2016 05:56:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/24/2016 02:59:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/24/2016 02:23:46 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll8

Error: (07/24/2016 02:23:42 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll8

Error: (07/24/2016 01:34:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/24/2016 12:40:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/23/2016 02:56:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5329040

Error: (07/23/2016 02:56:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5329040

Error: (07/23/2016 02:56:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/22/2016 06:47:34 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\SOPHIA\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\DRUCKEN.LNK> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)


Systemfehler:
=============
Error: (03/24/2013 10:46:41 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 24.03.2013 um 21:43:33 unerwartet heruntergefahren.

Error: (03/24/2013 10:13:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: 0x80070103Creative Technology Ltd. - Streaming Media and Broadcast - Creative Live! Camera{2E512539-115D-475F-B411-9906FE7CC425}103

Error: (03/24/2013 10:04:48 PM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (03/22/2013 03:36:28 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (03/22/2013 08:04:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: 0x80070103Creative Technology Ltd. - Streaming Media and Broadcast - Creative Live! Camera{2E512539-115D-475F-B411-9906FE7CC425}103

Error: (03/22/2013 07:58:01 AM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (03/21/2013 10:08:36 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (03/21/2013 08:35:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: 0x80070103Creative Technology Ltd. - Streaming Media and Broadcast - Creative Live! Camera{2E512539-115D-475F-B411-9906FE7CC425}103

Error: (03/21/2013 08:26:41 PM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (03/20/2013 08:10:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000SftService


CodeIntegrity:
===================================
  Date: 2016-07-24 18:59:03.114
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-24 18:59:01.976
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-24 18:59:00.852
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-24 18:58:59.776
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-24 18:58:58.668
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-24 18:58:57.530
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-24 18:22:52.856
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-24 17:56:50.588
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-24 15:00:02.973
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-24 15:00:01.913
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Prozentuale Nutzung des RAM: 66%
Installierter physikalischer RAM: 3066.06 MB
Verfügbarer physikalischer RAM: 1032.15 MB
Summe virtueller Speicher: 6356.41 MB
Verfügbarer virtueller Speicher: 3506.85 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:71.61 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:5.16 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 855CF293)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=218.2 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Ist im gleichen Augenblick noch gelaufen

Hier sind se heiß und dampfend

M-K-D-B · 25.07.2016, 13:19

Servus,

wir entfernen die letzten Reste und kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
Toolbar: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\shell32.dll,-153 <===== ACHTUNG
Task: {09F5E393-8A48-45F3-B02C-3B6D96A89AF8} - System32\Tasks\{D4C0FD18-FF3B-4626-9B5E-64864D03C3BE} => pcalua.exe -a C:\Users\Sophia\Downloads\pf7-setup-en.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {74FBBDEB-15A8-4B89-8C40-36E011382C42} - System32\Tasks\{F87542B3-A960-489F-93F4-561D1D4FFCE1} => pcalua.exe -a C:\Users\Sophia\Downloads\avira_free_antivirus_de.exe -d C:\Windows\SysWOW64
Task: {FF57E1FE-9CAA-4BD0-823E-463FEFF51224} - System32\Tasks\{DDD62604-022D-46FC-9838-3A83020CEF97} => pcalua.exe -a C:\Users\Sophia\Downloads\pfsx-setup-en-10.4.1.exe -d "C:\Program Files (x86)\Mozilla Firefox"
DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YourFile DownloaderInstaller Starter
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von ESET,
die Logdatei von HitmanPro,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

M-K-D-B · 28.07.2016, 15:03

Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

th.wm · 28.07.2016, 23:47

Servus!

Sorry, war unterwegs beim Arbeiten und dachte ich schaffs noch vor dem 3ten Tag zu antworten..
Ich schreib dir gleich ne PN!

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-07-2016
durchgeführt von Sophia (2016-07-28 15:31:43) Run:1
Gestartet von C:\Users\Sophia\Desktop
Geladene Profile: Sophia (Verfügbare Profile: Sophia)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
Toolbar: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\shell32.dll,-153 <===== ACHTUNG
Task: {09F5E393-8A48-45F3-B02C-3B6D96A89AF8} - System32\Tasks\{D4C0FD18-FF3B-4626-9B5E-64864D03C3BE} => pcalua.exe -a C:\Users\Sophia\Downloads\pf7-setup-en.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {74FBBDEB-15A8-4B89-8C40-36E011382C42} - System32\Tasks\{F87542B3-A960-489F-93F4-561D1D4FFCE1} => pcalua.exe -a C:\Users\Sophia\Downloads\avira_free_antivirus_de.exe -d C:\Windows\SysWOW64
Task: {FF57E1FE-9CAA-4BD0-823E-463FEFF51224} - System32\Tasks\{DDD62604-022D-46FC-9838-3A83020CEF97} => pcalua.exe -a C:\Users\Sophia\Downloads\pfsx-setup-en-10.4.1.exe -d "C:\Program Files (x86)\Mozilla Firefox"
DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YourFile DownloaderInstaller Starter
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}" => Schlüssel erfolgreich entfernt
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Wert erfolgreich entfernt
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Schlüssel nicht gefunden. 
C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml => erfolgreich verschoben
HKLM\Software\Classes\cmdfile\DefaultIcon\\Default => Wert erfolgreich wiederhergestellt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09F5E393-8A48-45F3-B02C-3B6D96A89AF8}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F5E393-8A48-45F3-B02C-3B6D96A89AF8}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{D4C0FD18-FF3B-4626-9B5E-64864D03C3BE} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D4C0FD18-FF3B-4626-9B5E-64864D03C3BE}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74FBBDEB-15A8-4B89-8C40-36E011382C42}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74FBBDEB-15A8-4B89-8C40-36E011382C42}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{F87542B3-A960-489F-93F4-561D1D4FFCE1} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F87542B3-A960-489F-93F4-561D1D4FFCE1}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF57E1FE-9CAA-4BD0-823E-463FEFF51224}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF57E1FE-9CAA-4BD0-823E-463FEFF51224}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{DDD62604-022D-46FC-9838-3A83020CEF97} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DDD62604-022D-46FC-9838-3A83020CEF97}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YourFile DownloaderInstaller Starter => Schlüssel erfolgreich entfernt

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl�sungscache wurde geleert.

========= Ende vonCMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.


========= Ende vonCMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 105210077 B
Java, Flash, Steam htmlcache => 40415 B
Windows/system/drivers => 1582037475 B
Edge => 0 B
Chrome => 0 B
Firefox => 377350165 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 59220850 B
systemprofile32 => 1181467 B
LocalService => 66228 B
LocalService => 0 B
NetworkService => 172762184 B
NetworkService => 0 B
Sophia => 696910749 B

RecycleBin => 885408930 B
EmptyTemp: => 3.6 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 15:43:24 ====

Rest folgt natürlich gleich..

ESET

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=57fbc9ada6d7f240b047a490aa0a9f81
# end=init
# utc_time=2016-07-28 03:12:39
# local_time=2016-07-28 05:12:39 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 30252
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=57fbc9ada6d7f240b047a490aa0a9f81
# end=updated
# utc_time=2016-07-28 03:18:28
# local_time=2016-07-28 05:18:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=57fbc9ada6d7f240b047a490aa0a9f81
# engine=30252
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-07-28 09:14:52
# local_time=2016-07-28 11:14:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 10829457 92720886 0 0
# scanned=284899
# found=4
# cleaned=0
# scan_time=21383
sh=4FE2F56D55B7E0D189F0BB575B244CE0CD9039BD ft=1 fh=dddd1de02ccb77ff vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="C:\Program Files (x86)\GetFLV\keygen.exe"
sh=06187AA602DA70C0A079670280BF9B2C283AFF1E ft=1 fh=c9111abb25988d45 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Sophia\Desktop\Alte Firefox-Daten\aj1j2dp4.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\Plugins\npFirefoxPlugin.dll"
sh=7BD1CAA7E4B9A9BEC668F180FB7FFE67F43517D5 ft=1 fh=c2d611617f315ca3 vn="Win32/SoftonicDownloader.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Sophia\Downloads\SoftonicDownloader37175.exe"
sh=CACCA143019CF67A8E3E0979628B0323C919D4B0 ft=1 fh=8a2da9ec53755eeb vn="Win32/SoftonicDownloader.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Sophia\Downloads\SoftonicDownloader68226.exe"

th.wm · 18.08.2016, 11:57

Hitman

Code:

ATTFilter


	Code: 

 ATTFilter

  
	HitmanPro 3.7.14.265
www.hitmanpro.com

   Computer name . . . . : SOPHIA-PC
   Windows . . . . . . . : 6.0.2.6002.X64/2
   User name . . . . . . : Sophia-PC\Sophia
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-08-18 02:18:37
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 21m 0s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 1
   Traces  . . . . . . . : 6

   Objects scanned . . . : 6.411.060
   Files scanned . . . . : 63.594
   Remnants scanned  . . : 471.531 files / 5.875.935 keys

Malware _____________________________________________________________________

   C:\Users\Sophia\Downloads\SoftonicDownloader68226.exe
      Size . . . . . . . : 256.824 bytes
      Age  . . . . . . . : 2292.5 days (2010-05-09 14:07:16)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : C02CCE14F6507BEB844BE662AB8042520ADFCBF67673EAD86686D054608164BA
      RSA Key Size . . . : 1024
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:Downloader.Win32.Softonic.c
      Fuzzy  . . . . . . : 107.0


Suspicious files ____________________________________________________________

   C:\Users\Sophia\Desktop\FRST64.exe
      Size . . . . . . . : 2.393.600 bytes
      Age  . . . . . . . : 26.4 days (2016-07-22 15:36:33)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : F770C12C039BBBB605B75E06C84134CE6D28D88CC81B44CE1A0FA164497AB8A2
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 22.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
      References
         HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\Sophia\Desktop\FRST64.exe


Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ (CouponBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ (CouponBar)
   HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Software\AppDataLow\Software\SmartBar\ (Conduit)

FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-08-2016
durchgeführt von Sophia (Administrator) auf SOPHIA-PC (18-08-2016 02:45:39)
Gestartet von C:\Users\Sophia\Desktop
Geladene Profile: Sophia (Verfügbare Profile: Sophia)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Flux Software LLC) C:\Users\Sophia\AppData\Local\FluxSoftware\Flux\flux.exe
(Dropbox, Inc.) C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169744 2015-09-12] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre1.8.0_66\bin\jusched.exe"
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [462848 2009-03-19] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [250192 2009-04-24] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2010-07-21] (Softthinks)
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Run: [f.lux] => C:\Users\Sophia\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Run: [Dropbox Update] => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-28] (Dropbox, Inc.)
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\MountPoints2: {d8327765-bbda-11de-b88f-0026b907cf2b} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\MountPoints2: {d832776d-bbda-11de-b88f-0026b907cf2b} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\MountPoints2: {e999ee64-1075-11e6-bb43-0026b907cf2b} - G:\LaunchU3.exe -a
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [840704 2009-04-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-10-04]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-10-04]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-05]
ShortcutTarget: Dropbox.lnk -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.179.1
Tcpip\..\Interfaces\{2641EED2-5F8E-4AC2-A38E-7655BB7C2B4A}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{EA085BBF-1A5F-492C-BE04-02E870D39C8D}: [DhcpNameServer] 192.168.179.1

Internet Explorer:
==================
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
URLSearchHook: HKLM-x32 -> Standard = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = 
SearchScopes: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> {C9C99FA8-8F23-4A82-9A91-1B400495DB37} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A010DE739&p={SearchTerms}
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2009-11-08] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2009-11-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-02-02] (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-02-02] (Oracle Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-03] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-03] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\d64wkzvr.default-1415343792518
FF DefaultSearchEngine: Ecosia
FF SelectedSearchEngine: Ecosia
FF Homepage: hxxp://www.sueddeutsche.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-15] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2010-11-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-02-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-02-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\d64wkzvr.default-1415343792518\searchplugins\ecosia.xml [2016-08-12]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2014-03-06]
FF Extension: Ecosia — The search engine that plants trees! - C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\d64wkzvr.default-1415343792518\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2016-08-12]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-02-13] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-10-10] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-01-03] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-01-03] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2016-02-03]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [344064 2009-04-08] (AVerMedia) [Datei ist nicht signiert]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [389120 2009-10-09] () [Datei ist nicht signiert]
R2 ClipInc001; C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe [2230024 2009-05-27] ()
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-12-18] (Stardock Corporation) [Datei ist nicht signiert]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [3051520 2008-12-21] (Dell Inc.) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [511232 2009-10-19] (AVerMedia TECHNOLOGIES, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 OA008Ufd; C:\Windows\System32\DRIVERS\OA008Ufd.sys [159840 2009-03-06] (Creative Technology Ltd.)
R3 OA008Vid; C:\Windows\System32\DRIVERS\OA008Vid.sys [313696 2009-05-06] (Creative Technology Ltd.)
R1 SLEE_16_DRIVER; C:\Windows\Sleen1664.sys [85952 2008-10-01] (Softwareentwicklung Remus - ArchiCrypt )
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-16] (Apple, Inc.) [Datei ist nicht signiert]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-18 02:44 - 2016-08-18 02:44 - 02394624 _____ (Farbar) C:\Users\Sophia\Desktop\FRST64.exe
2016-08-18 02:17 - 2016-08-18 02:42 - 00000000 ____D C:\ProgramData\HitmanPro
2016-08-18 02:17 - 2016-08-18 02:17 - 11438608 _____ (SurfRight B.V.) C:\Users\Sophia\Desktop\HitmanPro_x64.exe
2016-08-05 14:43 - 2016-08-05 14:43 - 00000000 ____D C:\Users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-28 17:11 - 2016-07-28 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2016-07-28 17:11 - 2016-07-28 17:11 - 00000000 ____D C:\Program Files (x86)\Lavalys
2016-07-28 17:08 - 2016-07-28 17:08 - 04179293 _____ (Lavalys, Inc. ) C:\Users\Sophia\Desktop\everesthome220.exe
2016-07-28 17:08 - 2016-07-28 17:08 - 02870984 _____ (ESET) C:\Users\Sophia\Desktop\esetsmartinstaller_deu.exe
2016-07-28 15:31 - 2016-07-28 15:43 - 00005891 _____ C:\Users\Sophia\Desktop\Fixlog.txt
2016-07-24 21:57 - 2016-07-24 22:02 - 00058900 _____ C:\Users\Sophia\Desktop\Addition.txt
2016-07-24 21:53 - 2016-08-18 02:47 - 00019749 _____ C:\Users\Sophia\Desktop\FRST.txt
2016-07-24 19:48 - 2016-07-24 19:48 - 00005064 _____ C:\Users\Sophia\Desktop\JRT.txt
2016-07-24 14:37 - 2016-05-14 17:54 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-07-24 14:37 - 2016-05-14 17:53 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-07-24 14:37 - 2016-05-14 17:42 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-07-24 14:37 - 2016-05-14 17:41 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-07-24 14:37 - 2016-05-14 17:41 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2016-07-24 14:37 - 2016-05-14 16:38 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-07-24 14:37 - 2016-05-14 16:38 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-07-24 14:37 - 2016-05-14 16:38 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-07-24 14:37 - 2016-05-11 15:10 - 00516328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-07-24 14:28 - 2016-05-18 17:55 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-07-24 14:28 - 2016-05-18 17:34 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-07-24 14:08 - 2016-05-14 17:58 - 00383208 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-07-24 14:08 - 2016-05-14 17:53 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-07-24 14:08 - 2016-05-14 17:47 - 00306408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-07-24 14:08 - 2016-05-14 17:41 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-07-24 14:04 - 2016-05-12 16:45 - 02801664 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-24 14:04 - 2016-05-12 16:39 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-07-24 14:04 - 2016-05-12 16:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-07-24 14:04 - 2016-05-10 17:55 - 00264704 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-07-24 14:04 - 2016-05-10 17:54 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-07-24 14:04 - 2016-05-10 17:54 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-07-24 14:04 - 2016-05-10 17:31 - 00377344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-07-24 14:04 - 2016-05-10 17:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-07-24 14:04 - 2016-05-10 17:31 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-07-24 14:04 - 2016-05-10 16:55 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-07-24 14:04 - 2016-05-10 16:55 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-07-24 14:04 - 2016-05-10 16:28 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-07-24 14:00 - 2016-05-12 17:56 - 00726016 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-07-24 14:00 - 2016-05-12 17:56 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-07-24 14:00 - 2016-05-12 17:56 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-07-24 14:00 - 2016-05-12 17:56 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-07-24 14:00 - 2016-05-12 17:56 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-07-24 14:00 - 2016-05-12 17:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-07-24 14:00 - 2016-05-12 17:34 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-07-24 14:00 - 2016-05-12 17:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-07-24 14:00 - 2016-05-12 17:33 - 00075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-07-24 14:00 - 2016-05-12 17:33 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-07-24 13:39 - 2016-07-24 13:39 - 00006436 _____ C:\Users\Sophia\Desktop\AdwCleaner[C1].txt
2016-07-24 13:05 - 2016-05-12 21:52 - 18804224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-24 13:05 - 2016-05-12 21:49 - 02351616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-24 13:05 - 2016-05-12 21:46 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-24 13:05 - 2016-05-12 21:45 - 10940416 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-24 13:05 - 2016-05-12 21:44 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-24 13:05 - 2016-05-12 21:43 - 01392640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 02159104 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-24 13:05 - 2016-05-12 21:42 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-24 13:05 - 2016-05-12 21:42 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-07-24 13:05 - 2016-05-12 21:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-07-24 13:05 - 2016-05-12 21:42 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-07-24 13:05 - 2016-05-12 21:41 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-24 13:05 - 2016-05-12 21:11 - 01815552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-24 13:05 - 2016-05-12 21:10 - 12840960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-24 13:05 - 2016-05-12 21:08 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-24 13:05 - 2016-05-12 21:06 - 09755136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-24 13:05 - 2016-05-12 21:06 - 01140224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-24 13:05 - 2016-05-12 21:05 - 01129984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-24 13:05 - 2016-05-12 21:04 - 01804800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-24 13:05 - 2016-05-12 21:04 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-24 13:05 - 2016-05-12 21:04 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-24 13:05 - 2016-05-12 21:04 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-24 13:05 - 2016-05-12 21:04 - 00425472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-24 13:05 - 2016-05-12 21:04 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-07-24 13:05 - 2016-05-12 21:04 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-24 13:05 - 2016-05-12 21:04 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-24 13:05 - 2016-05-12 21:04 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-07-24 13:05 - 2016-05-12 21:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-24 13:05 - 2016-05-12 21:03 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-24 13:05 - 2016-05-12 21:03 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-24 13:05 - 2016-05-12 21:03 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-24 13:05 - 2016-05-12 21:03 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-24 13:05 - 2016-05-12 21:03 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-07-24 13:05 - 2016-05-12 21:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-07-24 12:57 - 2016-07-24 13:31 - 00000000 ____D C:\AdwCleaner
2016-07-24 12:55 - 2016-07-24 12:56 - 22851472 _____ (Malwarebytes ) C:\Users\Sophia\Desktop\mbam-setup-2.2.1.1043.exe
2016-07-24 12:55 - 2016-07-24 12:55 - 03712064 _____ C:\Users\Sophia\Desktop\AdwCleaner_5.201.exe
2016-07-24 12:55 - 2016-07-24 12:55 - 01610560 _____ (Malwarebytes) C:\Users\Sophia\Desktop\JRT.exe
2016-07-22 15:47 - 2016-07-22 16:03 - 00078198 _____ C:\Users\Sophia\Downloads\Addition.txt
2016-07-22 15:41 - 2016-07-22 15:51 - 00186918 _____ C:\TDSSKiller.3.1.0.9_22.07.2016_15.41.05_log.txt
2016-07-22 15:39 - 2016-07-22 16:03 - 00034763 _____ C:\Users\Sophia\Downloads\FRST.txt
2016-07-22 15:37 - 2016-07-22 15:38 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Sophia\Downloads\tdsskiller.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-18 02:45 - 2016-07-15 21:14 - 00000000 ____D C:\FRST
2016-08-18 02:45 - 2011-09-12 14:35 - 00001142 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA.job
2016-08-18 02:15 - 2015-09-28 16:10 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA.job
2016-08-18 02:14 - 2015-11-18 18:59 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-18 02:14 - 2012-11-07 22:09 - 00000000 ___RD C:\Users\Sophia\Dropbox
2016-08-18 02:10 - 2012-02-03 08:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cce23eac9f2b80.job
2016-08-18 02:10 - 2011-07-24 10:02 - 00000506 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2016-08-18 02:10 - 2009-10-07 17:14 - 00000000 ____D C:\Users\Sophia\AppData\Local\SoftThinks
2016-08-18 02:10 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-18 02:10 - 2006-11-02 17:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-18 02:10 - 2006-11-02 17:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-17 21:23 - 2006-11-02 17:42 - 00032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-08-17 21:06 - 2011-07-24 10:03 - 00003488 _____ C:\Windows\System32\Tasks\PCDEventLauncher
2016-08-17 21:06 - 2011-07-24 10:02 - 00003536 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2016-08-17 20:58 - 2010-02-22 22:24 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-17 20:51 - 2016-01-03 15:24 - 00003698 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{994638B0-3BDB-4090-9335-EB2F209502B8}
2016-08-17 20:50 - 2012-09-07 14:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-17 20:45 - 2011-09-12 14:35 - 00001120 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core.job
2016-08-17 05:33 - 2015-09-28 16:10 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core.job
2016-08-12 12:26 - 2008-01-21 13:10 - 01566504 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-12 12:26 - 2008-01-21 13:09 - 00674032 _____ C:\Windows\system32\perfh007.dat
2016-08-12 12:26 - 2008-01-21 13:09 - 00146012 _____ C:\Windows\system32\perfc007.dat
2016-08-12 12:26 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\inf
2016-08-05 14:44 - 2012-11-07 22:05 - 00000000 ____D C:\Users\Sophia\AppData\Roaming\Dropbox
2016-08-01 10:52 - 2012-02-03 18:36 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cce23eac9f2b80
2016-08-01 10:52 - 2010-02-22 22:24 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-24 21:49 - 2016-07-15 20:46 - 00001214 _____ C:\Users\Sophia\Desktop\mbam.txt
2016-07-24 18:21 - 2015-11-18 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-07-24 18:21 - 2015-11-18 18:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-07-24 15:29 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache
2016-07-24 14:58 - 2006-11-02 17:21 - 00414776 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-24 14:28 - 2013-07-21 00:01 - 00000000 ____D C:\Windows\system32\MRT
2016-07-24 14:08 - 2006-11-02 14:35 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-07-22 15:37 - 2009-10-04 04:09 - 00000000 ____D C:\ProgramData\PCDr

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2009-10-29 23:40 - 2011-01-02 13:49 - 0019513 _____ () C:\Users\Sophia\AppData\Roaming\UserTile.png
2009-10-07 20:56 - 2010-03-16 17:46 - 0000116 _____ () C:\Users\Sophia\AppData\Roaming\wklnhst.dat
2010-07-07 16:36 - 2015-03-11 18:32 - 0006836 _____ () C:\Users\Sophia\AppData\Local\d3d9caps.dat
2009-10-23 20:08 - 2016-01-27 04:02 - 0000732 _____ () C:\Users\Sophia\AppData\Local\d3d9caps64.dat
2009-10-07 19:32 - 2016-04-24 20:45 - 0113152 _____ () C:\Users\Sophia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-02 19:00 - 2016-02-02 19:00 - 0350652 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI1974.txt
2011-01-02 15:23 - 2011-01-02 15:24 - 0422578 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI2F05.txt
2016-01-31 14:59 - 2016-01-31 14:59 - 0351580 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI452D.txt
2016-02-02 11:47 - 2016-02-02 11:47 - 0004198 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI4E6E.txt
2016-02-02 11:48 - 2016-02-02 11:48 - 0345682 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI4F18.txt
2010-02-10 14:05 - 2010-02-10 14:05 - 0423844 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI738C.txt
2010-02-17 21:55 - 2010-02-17 21:56 - 0402450 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI7E5E.txt
2016-02-02 19:00 - 2016-02-02 19:00 - 0011162 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI1974.txt
2011-01-02 15:23 - 2011-01-02 15:24 - 0011714 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI2F05.txt
2016-01-31 14:59 - 2016-01-31 14:59 - 0011146 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI452D.txt
2016-02-02 11:47 - 2016-02-02 11:47 - 0011232 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI4E6E.txt
2016-02-02 11:48 - 2016-02-02 11:48 - 0011162 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI4F18.txt
2010-02-10 14:05 - 2010-02-10 14:05 - 0011370 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI738C.txt
2010-02-17 21:55 - 2010-02-17 21:56 - 0011422 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI7E5E.txt
2016-03-22 23:39 - 2016-03-22 23:39 - 0000000 _____ () C:\Users\Sophia\AppData\Local\{5E14A3ED-25ED-44F1-8908-F37B7570D7EA}
2009-10-09 19:00 - 2009-12-21 20:50 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Einige Dateien in TEMP:
====================
C:\Users\Sophia\AppData\Local\Temp\{D298F6D9-5444-40CA-ACD1-AC11E0A18794}-GoogleUpdateSetup.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-08-18 02:18

==================== Ende von FRST.txt ============================

Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-08-2016
durchgeführt von Sophia (18-08-2016 02:48:21)
Gestartet von C:\Users\Sophia\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) (2009-10-03 20:27:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3595463166-1796683122-1627409653-500 - Administrator - Disabled)
Gast (S-1-5-21-3595463166-1796683122-1627409653-501 - Limited - Disabled)
Sophia (S-1-5-21-3595463166-1796683122-1627409653-1000 - Administrator - Enabled) => C:\Users\Sophia

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Reader X (10.1.6) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.008.1114.2148 - )
AVerMedia A835 USB TV Tuner 8.0.64.43 (HKLM-x32\...\AVerMedia A835 USB TV Tuner) (Version: 8.0.64.43 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV (HKLM-x32\...\InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.0.18 - AVerMedia Technologies, Inc.)
AVerTV (x32 Version: 6.0.18 - AVerMedia Technologies, Inc.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP550 series Benutzerregistrierung (HKLM-x32\...\Canon MP550 series Benutzerregistrierung) (Version:  - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
ccc-core-static (x32 Version: 2008.1114.2149.39131 - ATI) Hidden
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.2.0.8 - Swiss Academic Software)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.25 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.45 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.1.0029 - Dell, Inc.)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5830.12 - Dell Inc.)
Dell Support Center (Version: 3.1.5830.12 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 12.0.1.0 - Synaptics)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.03.04 - Creative Technology Ltd)
Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11 Application) (Version: 5.10.38.30 - Dell Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.2.1.2 - DivX, LLC)
Dropbox (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Dropbox) (Version: 7.4.30 - Dropbox, Inc.)
EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.5.0.9325 - Thomson Reuters)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
f.lux (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Flux) (Version:  - )
Foto-Mosaik-Edda 5.5.0 (HKLM-x32\...\{BF962E1B-D17A-4713-A100-6531A132D83D}_is1) (Version:  - Steffen Schirmer)
FotoSketcher 2.00 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version:  - David THOIRON)
GetFLV 9.1.2.6 (HKLM-x32\...\GetFLV_is1) (Version:  - GetFLV, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HiDownloadPlatinum (HKLM-x32\...\HiDownload Platinum_is1) (Version:  - )
IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp)
IBM SPSS Statistics 23 (HKLM\...\{C3BA73A4-2A45-4036-8541-4F5F8146078B}) (Version: 23.0.0.2 - IBM Corp)
iCloud (HKLM\...\{CE97E4D3-9F91-4D72-8A29-ED9EA90E5A15}) (Version: 2.1.3.25 - Apple Inc.)
Integrated Webcam Driver (1.04.01.0601)   (HKLM\...\Creative OA008) (Version: 1.04.01.0601 - Creative Technology Ltd.)
iTunes (HKLM\...\{CEC7613B-E286-4A31-BEE3-3F7798488D9F}) (Version: 12.1.3.6 - Apple Inc.)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java(TM) 6 Update 18 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216018FF}) (Version: 6.0.180 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Langenscheidt Vokabeltrainer 4.0 Demoversion (HKLM-x32\...\{AD5A6099-D163-4DE9-9485-F2A210EE09B4}) (Version: 4.0.10 - Langenscheidt)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Default Manager (HKLM-x32\...\{095B1DCF-5E8B-47EC-9B18-481918A731DB}) (Version: 2.0.69.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office XP Media Content (HKLM-x32\...\{90300407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Lite (HKLM-x32\...\{13094693-c268-47a1-832c-034b01596db5}) (Version:  - Nero AG)
O&O MediaRecovery (HKLM-x32\...\{53480870-02D8-48FB-BC27-72C956885168}) (Version: 4.1.1322 - O&O Software GmbH)
OpenOffice.org 3.2 (HKLM-x32\...\{192A107E-C6B9-41B9-BDBF-38E3AA226054}) (Version: 3.2.9483 - OpenOffice.org)
PhotoFiltre 7 (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\PhotoFiltre 7) (Version:  - )
PhotoFiltre Studio X (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\PhotoFiltre Studio X) (Version:  - )
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.1 - Dell)
Quickset (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.2.13 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - Thomson Reuters)
Roxio Creator DE (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
Sicherheitsupdate für Windows Media Player (KB2845142) (HKLM\...\KB2845142_WM64) (Version:  - Microsoft Corporation)
Skins (x32 Version: 2008.1114.2149.39131 - ATI) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Steganos Safe OEM (HKLM-x32\...\{9A4F72EE-8378-49BD-8C10-301E25907B5B}) (Version: 10.0.2 - Steganos GmbH)
Tobit.Software clipinc.fx (HKLM-x32\...\Tobit ClipInc Server) (Version:  - Tobit.Software)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUSR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUSR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUSR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUSR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
VLC media player 1.0.2 (HKLM-x32\...\VLC media player) (Version: 1.0.2 - VideoLAN Team)
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WISO Bewerbung 2008 (HKLM-x32\...\{FD065B02-AE17-4496-8C0F-FFD3A9FD9460}) (Version: 6.1.0.56 - Buhl Data Service GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> "C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0ACC73E3-28B6-43B5-9C44-6B293C4BA4F0} - System32\Tasks\Launch BCM WLAN Tray => C:\Windows\system32\WLTRAY.EXE [2008-12-21] (Dell Inc.)
Task: {2F87CBE3-FF14-4A3D-A2E4-FAF30E0D7CA0} - System32\Tasks\{3A4BB35E-A62F-4A40-A177-73AE358C27CD} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-04-08] (Skype Technologies S.A.)
Task: {34137432-B485-4C40-A6F8-A5AD61B8A051} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA => C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {37F2978B-DB01-40AD-AE7C-BD6C4051CDA7} - System32\Tasks\GoogleUpdateTaskMachineCore1cce23eac9f2b80 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {4D8C98FC-3AFE-4390-8F21-568275B30C1E} - System32\Tasks\{9B2CE4F5-B77C-400B-8B66-B0157D6B2649} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-04-08] (Skype Technologies S.A.)
Task: {631680B8-6DD5-426F-AFA2-30BE533336F6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-28] (Dropbox, Inc.)
Task: {9710792A-C72D-4D71-92BA-A4262BC64CE0} - System32\Tasks\{1BD7192E-0369-4267-AA15-C6F22AC16D91} => Firefox.exe hxxp://ui.skype.com/ui/0/6.21.0.104/de/go/help.faq.installer?LastError=1618
Task: {A65ABFC9-A50C-4E70-84D6-6E8116250D72} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-15] (Adobe Systems Incorporated)
Task: {B0C91123-B9ED-47D0-AA61-4DB3769E5322} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core => C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {B180542D-F09C-43D3-865B-75999BBDB68B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-28] (Dropbox, Inc.)
Task: {B2658FFD-FE10-4BD8-A025-EAC64D6E7E15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {B470129E-5084-4614-BBA3-193E261DAFD6} - System32\Tasks\{2A6476E4-001C-4983-9886-A85283B4D035} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2016-04-08] (Skype Technologies S.A.)
Task: {BD257C64-70A0-4594-B848-C20C2CE6CDA1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {D6E3619A-0BA8-4704-AD1E-33DB94E9E257} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\uaclauncher.exe [2011-06-21] (PC-Doctor, Inc.)
Task: {D8A48920-60FC-4F10-9997-11494FAF227D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {F9D6D4E7-C69E-4524-9CEB-189F73698348} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2011-06-21] (PC-Doctor, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core.job => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA.job => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core.job => C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA.job => C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cce23eac9f2b80.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\uaclauncher.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/
Shortcut: C:\Users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2009-10-04 03:53 - 2008-12-21 20:35 - 00032768 _____ () C:\Windows\System32\WLTRYSVC.EXE
2009-10-04 03:53 - 2008-12-21 20:35 - 00057856 _____ () C:\Windows\System32\bcmwlrmt.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-15 20:02 - 2009-10-09 21:11 - 00389120 ____R () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2009-10-11 20:31 - 2009-05-27 10:07 - 02230024 _____ () C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe
2009-10-04 05:53 - 2008-11-26 23:45 - 00119296 _____ () C:\Windows\system32\atitmm64.dll
2009-10-04 04:07 - 2010-07-21 17:36 - 00783680 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
2009-10-04 04:00 - 2009-10-04 04:00 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2008-09-18 17:30 - 2008-09-18 17:30 - 01186816 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Implementation\64\wbocx.ocx
2008-11-18 20:25 - 2008-11-18 20:25 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-10-04 04:07 - 2010-07-21 17:33 - 00058688 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STCoreXml.dll
2009-10-04 04:07 - 2010-07-21 17:33 - 00116032 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2009-10-04 04:07 - 2010-07-21 17:33 - 00128320 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2009-10-04 04:07 - 2010-07-21 17:33 - 01123648 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll
2009-10-04 04:07 - 2010-07-21 17:34 - 00079168 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
2009-10-04 04:07 - 2010-07-21 17:33 - 00234816 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
2009-10-04 04:07 - 2010-07-21 17:34 - 00075072 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
2009-10-04 04:07 - 2010-07-21 17:33 - 00111936 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
2009-10-04 04:07 - 2010-07-21 17:33 - 00121152 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
2016-08-05 14:43 - 2016-06-30 04:25 - 00035792 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-08-05 14:43 - 2016-06-30 04:25 - 00145864 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-08-05 14:43 - 2016-06-30 04:26 - 00019408 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-08-05 14:43 - 2016-06-30 04:25 - 00116688 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-08-05 14:43 - 2016-06-30 04:25 - 00100296 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-08-05 14:43 - 2016-06-30 04:25 - 00018888 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\select.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00019760 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-08-05 14:43 - 2016-06-30 04:25 - 00694224 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-08-05 14:42 - 2016-08-01 23:26 - 00020816 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-08-05 14:43 - 2016-06-30 04:26 - 00123856 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-08-05 14:42 - 2016-08-01 23:26 - 01682760 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-08-05 14:42 - 2016-08-01 23:26 - 00020808 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00021312 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00052024 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00038696 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-08-05 14:43 - 2016-06-30 04:27 - 00105928 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-05 14:43 - 2016-06-30 04:25 - 00392144 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-08-05 14:43 - 2016-06-30 04:27 - 00020936 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-08-05 14:43 - 2016-06-30 04:27 - 00024528 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-08-05 14:43 - 2016-06-30 04:27 - 00114640 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00381752 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-08-05 14:43 - 2016-06-30 04:27 - 00124880 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00025424 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-08-05 14:43 - 2016-06-30 04:27 - 00024016 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-08-05 14:43 - 2016-06-30 04:27 - 00175560 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-08-05 14:43 - 2016-06-30 04:27 - 00030160 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-08-05 14:43 - 2016-06-30 04:27 - 00043472 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-08-05 14:43 - 2016-06-30 04:27 - 00048592 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00026456 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-05 14:43 - 2016-06-30 04:27 - 00057808 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-08-05 14:43 - 2016-06-30 04:27 - 00024016 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-08-05 14:42 - 2016-08-01 23:26 - 00246592 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-08-05 14:43 - 2016-06-30 04:27 - 00028616 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00020800 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00019776 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00020800 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-08-05 14:43 - 2016-06-30 04:25 - 00144848 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-08-05 14:43 - 2016-06-30 04:26 - 00241104 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2016-08-05 14:42 - 2016-08-01 23:26 - 00020280 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00023376 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-08-05 14:43 - 2016-06-30 04:27 - 00350152 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00022352 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00024392 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-08-05 14:43 - 2016-06-30 04:28 - 00036296 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\librsync.dll
2016-08-05 14:43 - 2016-08-01 23:27 - 00084280 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.dll
2016-08-05 14:43 - 2016-08-01 23:27 - 01826096 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-08-05 14:43 - 2016-06-30 04:26 - 00083912 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\sip.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 03929392 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 01972016 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00531248 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00132912 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00224056 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00207672 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00020288 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2016-08-05 14:43 - 2016-06-30 04:27 - 00060880 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-08-05 14:43 - 2016-08-01 23:27 - 00024904 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7865 mehr Seiten.

IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7865 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sophia\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
DNS Servers: 192.168.179.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WISO Bewerbung-Reminder.lnk => C:\Windows\pss\WISO Bewerbung-Reminder.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Windows\system32\WLTRAY.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => "C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" /logon
MSCONFIG\startupreg: ClipIncSrvTray => "C:\Program Files (x86)\Tobit ClipInc\Player\ClipIncTray.exe"
MSCONFIG\startupreg: Dell DataSafe Online => "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
MSCONFIG\startupreg: DellSupportCenter => "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
MSCONFIG\startupreg: DivX Download Manager => "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SAFEOEM HotKeys => "C:\Program Files (x86)\Steganos Safe OEM\SteganosHotKeyService.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: XtraRichi => C:\Program Files (x86)\Richi\Richi_Skype_Com.exe /OnStartUp

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{B05C359F-71EE-42AE-9E20-70C802415C21}] => (Allow) C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
FirewallRules: [{E4FB67BF-283F-4F22-99D6-426605F7487A}] => (Allow) C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
FirewallRules: [{9DFDC5A6-0B44-4945-A712-364D25CBE1A2}] => (Allow) C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe
FirewallRules: [{5E557084-86C0-48D2-89D7-70983E758FD5}] => (Allow) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
FirewallRules: [{7F7FF538-71D1-4B50-8FB1-FEA4BBCB039C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{98F87DBC-9E3F-4705-8820-1B26E524BAF3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{60500BB9-48BC-444B-B228-554AD8747730}] => (Allow) svchost.exe
FirewallRules: [{27571AE7-C787-41A4-8670-6E36DE1E2210}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{9C531F82-F6F6-4CF0-AF2E-2CD5964F9982}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DD831551-621A-4813-8858-8778D6F571B5}] => (Allow) C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe
FirewallRules: [{47284108-2AC5-4C27-8295-9A0D607BE5FC}] => (Allow) C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe
FirewallRules: [{F7DE9E6A-C636-467F-922F-C6A16D0249D3}] => (Allow) C:\Program Files (x86)\Tobit ClipInc\Player\ClipInc-Player.exe
FirewallRules: [{CEC333DB-793D-42D1-A95A-0AF7EF0F830F}] => (Allow) C:\Program Files (x86)\Tobit ClipInc\Player\ClipInc-Player.exe
FirewallRules: [TCP Query User{8E9E6E56-3D36-4596-8246-B4F1C2751383}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8EA3B2CF-F7F6-49D8-AB9F-E9D5CC48151D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{E3F968D7-D5D6-4D1A-AF2F-7A9A82405BE4}C:\program files (x86)\icq6.5\icq.exe] => (Block) C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [UDP Query User{D17BD124-E17B-428F-BFEC-73DCDA202780}C:\program files (x86)\icq6.5\icq.exe] => (Block) C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [TCP Query User{B7B1E433-960A-4EE5-A95E-DF094CB0FD79}C:\program files (x86)\dell video chat\dellvideochat.exe] => (Block) C:\program files (x86)\dell video chat\dellvideochat.exe
FirewallRules: [UDP Query User{78EE60B1-C735-420E-9427-C1486C24A225}C:\program files (x86)\dell video chat\dellvideochat.exe] => (Block) C:\program files (x86)\dell video chat\dellvideochat.exe
FirewallRules: [{107333F1-502C-4016-9751-21D93564D454}] => (Allow) LPort=80
FirewallRules: [{B603BC84-F1D2-40F9-B53F-15D719A33F32}] => (Allow) LPort=80
FirewallRules: [{E58D0311-4E9D-497D-8F1B-8FA5B3954FBE}] => (Allow) LPort=80
FirewallRules: [TCP Query User{8A71DD60-7C11-42D3-A1C9-5447355584A7}C:\users\sophia\desktop\jdownloader_portableapps\commonfiles\java\bin\javaw.exe] => (Allow) C:\users\sophia\desktop\jdownloader_portableapps\commonfiles\java\bin\javaw.exe
FirewallRules: [UDP Query User{0A76124C-9AC8-4E2D-B1F9-B52A4D74AD8F}C:\users\sophia\desktop\jdownloader_portableapps\commonfiles\java\bin\javaw.exe] => (Allow) C:\users\sophia\desktop\jdownloader_portableapps\commonfiles\java\bin\javaw.exe
FirewallRules: [{6C49B0EE-506D-4E18-86AC-330F956CB11B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4427B135-E7E2-4622-8E1B-E2807EB63CB1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6D13F511-0764-438A-8D23-AF0D1B09E1E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B5C569E7-1F5B-4A3F-B01E-4E49CB7DE03F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{46482690-7E4A-45B4-AA5E-53CC243CAB77}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{E21F7EBF-B745-44C5-9BE8-FE0542E4B042}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{86C4CC7D-8D13-424D-98FC-4C0BE7AEC30A}C:\users\sophia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sophia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{19D6F1D3-BD01-4BF7-8B5C-6550D1B0031D}C:\users\sophia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sophia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{A52470D0-B432-4AAB-8F9D-C40CAA1604A5}] => (Allow) C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AE252CFF-5D6E-49F5-9128-FE2FEABE6BA9}] => (Allow) C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{45DA9764-7D77-46FA-8F45-EFF957766547}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{675F5B2B-9E25-47AB-9663-ACA3C29AFB40}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{1F51600D-A8A5-440C-99CE-3B2ACA83E2D7}] => (Allow) C:\Program Files (x86)\TubeDigger\TubeDigger.exe
FirewallRules: [{20E66476-D490-4251-B31B-33267E089B1F}] => (Allow) C:\Program Files (x86)\TubeDigger\TubeDigger.exe
FirewallRules: [{EF373577-A6FA-4E87-9720-E8AA4E2CF2F2}] => (Allow) C:\Users\Sophia\Downloads\The_Grand_Budapest_Hotel_downloader.exe
FirewallRules: [{9F0D1EAE-BD42-44E9-8118-817382C89904}] => (Allow) C:\Users\Sophia\Downloads\The_Grand_Budapest_Hotel_downloader.exe
FirewallRules: [TCP Query User{04E991F5-FCC4-4DA2-8B1B-65E2404E60BC}C:\program files (x86)\icq6.5\icq.exe] => (Block) C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [UDP Query User{065F4778-F241-40A7-927E-5E81FD07179D}C:\program files (x86)\icq6.5\icq.exe] => (Block) C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [{4A2CF61B-7D60-4797-B1BB-3F0BAA3D6673}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E008055F-1FDC-4A5E-ABD2-3980FB0C455C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{419AADDE-5FAD-4025-9A15-D89764983593}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8449250A-0EB1-4A33-BFAE-FA7254F05A1F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BFD9FA37-14FA-4CE7-83BD-EE45A18E5A48}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9717B5EE-6F18-436A-BB86-673FFA9FA911}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E5AB7E4A-4E3C-4152-BE2C-CF74D3F0715E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{819C8916-180E-43C6-B5F9-968081A7DF12}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.com
FirewallRules: [{4F150475-EA94-4124-A6D5-19869C50A359}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.exe
FirewallRules: [{F37D3743-72E5-4C28-8046-D1CBD65FDC69}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.com
FirewallRules: [{BCDDBCDF-5AC8-4BBA-BB57-4B3D11D1D150}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\WinWrapIDE.exe
FirewallRules: [{0921CDB0-AE39-44D7-B8F8-F84E48B7A715}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.exe
FirewallRules: [{B5368453-8460-4B59-9A38-4CE66BADA7D0}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\WinWrapIDE.exe
FirewallRules: [{C3576CC2-8B96-4081-A7C9-AB47FC72C72D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [{E35E8A9C-C8FC-4B53-B538-874FD89F7573}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [{FE5EA5F8-5814-4B99-B598-3059C7DA305B}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [{E1423783-A600-4F45-AE85-1C467CC07EB3}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [{A3F2F8F5-BDE3-4B62-A00F-8A6556BEFA10}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [{98104441-A692-4FB6-A591-61A9DF32328E}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [TCP Query User{A228C6F7-56A2-43D9-807B-C84BB7964554}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [UDP Query User{D7EBEB6E-6D1E-469E-AA61-FBCC107267AB}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Creative Live! Camera
Description: 
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Creative Technology Ltd.
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Creative Live! Camera
Description: 
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Creative Technology Ltd.
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Videokamera
Description: 
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Creative Technology Ltd.
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/18/2016 02:11:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2016 08:53:11 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll8

Error: (08/17/2016 08:53:09 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll8

Error: (08/17/2016 08:42:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2016 11:13:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2016 02:07:11 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll8

Error: (08/12/2016 02:07:09 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll8

Error: (08/12/2016 02:04:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\SOPHIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D64WKZVR.DEFAULT-1415343792518\EXTENSIONS\TRASH> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (08/12/2016 12:16:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2016 08:18:05 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll8


Systemfehler:
=============
Error: (03/24/2013 10:46:41 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 24.03.2013 um 21:43:33 unerwartet heruntergefahren.

Error: (03/24/2013 10:13:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: 0x80070103Creative Technology Ltd. - Streaming Media and Broadcast - Creative Live! Camera{2E512539-115D-475F-B411-9906FE7CC425}103

Error: (03/24/2013 10:04:48 PM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (03/22/2013 03:36:28 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (03/22/2013 08:04:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: 0x80070103Creative Technology Ltd. - Streaming Media and Broadcast - Creative Live! Camera{2E512539-115D-475F-B411-9906FE7CC425}103

Error: (03/22/2013 07:58:01 AM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (03/21/2013 10:08:36 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (03/21/2013 08:35:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: 0x80070103Creative Technology Ltd. - Streaming Media and Broadcast - Creative Live! Camera{2E512539-115D-475F-B411-9906FE7CC425}103

Error: (03/21/2013 08:26:41 PM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (03/20/2013 08:10:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000SftService


CodeIntegrity:
===================================
  Date: 2016-07-29 00:42:13.602
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-28 19:28:12.661
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-28 17:12:07.217
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Sophia\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-07-28 17:12:06.265
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Sophia\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-07-28 17:12:04.659
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-07-28 17:12:03.691
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-07-28 16:52:23.006
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-28 15:54:19.101
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-28 15:23:53.109
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-07-24 18:59:03.114
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Prozentuale Nutzung des RAM: 75%
Installierter physikalischer RAM: 3066.06 MB
Verfügbarer physikalischer RAM: 755 MB
Summe virtueller Speicher: 6356.41 MB
Verfügbarer virtueller Speicher: 3638.48 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:91.13 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:5.16 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 855CF293)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=218.2 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Jetzt hats doch etwas länger gedauert. Die liebe Arbeit...

PM schick ich gleich raus.

Super Hilfe bisher, vielen vielen Dank!

Es gibt im Moment keine Virus-Probleme.
Nur habe ich das Gefühl, dass der PC sehr langsam läuft und auch sehr heiß wird.

Mittlerweile habe ich auch kappiert, dass ich ein Vista laufen habe welches sehr bald nicht mehr supportet wird.
Im Anschluß an die Säuberung ist dann wohl ein Umstieg auf Ubutu Mate am sinnvollsten?

23.07.2016, 08:13	#6
M-K-D-B /// TB-Ausbilder	Windows 7: mbam hat einiges gefunden Servus, du hast zweimal die Logdatei von TDSS-Killer gepostet. Die Addition.txt fehlt noch. Bitte nachreichen. Danke.

24.07.2016, 20:59	#10
M-K-D-B /// TB-Ausbilder	Windows 7: mbam hat einiges gefunden Servus, bitte noch die beiden neuen Logdateien von FRST posten.

28.07.2016, 15:03	#13
M-K-D-B /// TB-Ausbilder	Windows 7: mbam hat einiges gefunden Fehlende Rückmeldung Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. PM an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

Windows 7: mbam hat einiges gefunden

Plagegeister aller Art und deren Bekämpfung: Windows 7: mbam hat einiges gefunden