Win Vista - Rechner hängt sich ständig auf

Radja · 04.10.2016, 09:08

Hallo zusammen,

seit einigen Wochen hängt sich mein Rechner ständig auf - es hilft dann nur ein Kaltstart. Selbst der Taskmanager läßt sich nicht aufrufen. Kann es nicht wirklich an einer Anwendung festmachen - der Rechner scheint sich komplett willkürlich zu verabschieden.

Kann mal bitte wer mit mir "drauf" schauen.

DANKE für eure Unterstützung!

Viele Grüße :-)

deeprybka · 06.10.2016, 10:22

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:

Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Radja · 06.10.2016, 11:41

Hallo Jürgen,

vielen Dank für Deine Unterstützung!

Hier zunächst die FRST.txt

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-10-2016
durchgeführt von Vorname Nachname (Administrator) auf OFFICE1 (06-10-2016 12:19:57)
Gestartet von C:\Users\Vorname Nachname\Desktop
Geladene Profile: Vorname Nachname &  (Verfügbare Profile: Vorname Nachname)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Dell SonicWALL, Inc.) C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Canon Inc.) C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Dropbox, Inc.) C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Dell SonicWALL, Inc.) C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVC.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [914224 2008-11-18] (Hewlett-Packard)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-11-03] (Intel Corporation)
HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [16327712 2009-06-26] (NVIDIA Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2320752 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169744 2015-09-12] (Apple Inc.)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Health Check Scheduler] => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75016 2008-12-04] (Hewlett-Packard)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDIRShortCut] => c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe [210216 2008-11-26] (CyberLink Corp.)
HKLM-x32\...\Run: [TSMAgent] => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1152296 2008-12-15] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer for HP TouchSmart] => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-12-15] (CyberLink)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2780432 2009-05-08] ()
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2007-10-11] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2007-10-11] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
HKLM-x32\...\Run: [DVDAgent] => C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2008-11-28] (CyberLink Corp.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371712 2009-07-15] (shbox.de)
HKLM-x32\...\Run: [TVAgent] => C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe [206120 2009-04-22] (CyberLink Corp.)
HKLM-x32\...\Run: [CorelDRAW Graphics Suite 11b] => C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\DE\Programs\registration.exe [733184 2003-12-02] (Corel Corporation)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_15_Plus_Sonderedition\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\ssmmgr.exe [618496 2010-06-07] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [830064 2016-10-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-07-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2016-02-03] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-898814254-3000735508-3869472208-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-898814254-3000735508-3869472208-1000\...\Run: [Infodesk Phone] => "C:\Program Files (x86)\Fischer Software\Infodesk Phone\InfodeskPhone.exe"
HKU\S-1-5-21-898814254-3000735508-3869472208-1000\...\Run: [Dropbox Update] => C:\Users\Vorname Nachname\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-25] (Dropbox, Inc.)
HKU\S-1-5-21-898814254-3000735508-3869472208-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Infodesk Phone] => "C:\Program Files (x86)\Fischer Software\Infodesk Phone\InfodeskPhone.exe"
HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Vorname Nachname\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-25] (Dropbox, Inc.)
HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
Startup: C:\Users\Vorname Nachname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-09-30]
ShortcutTarget: Dropbox.lnk -> C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Vorname Nachname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2010-05-09]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 19 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A613AC85-778E-46D4-AF83-B95366D74E09}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{CD09C163-A404-43E2-B373-BDFF9FF184C7}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKU\S-1-5-21-898814254-3000735508-3869472208-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=92&bd=Pavilion&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-898814254-3000735508-3869472208-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {CA8FE908-E845-4081-937D-C045FEC0FC98} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM -> {EFA2CDF5-331C-4E0D-ADEE-706B5C3B0896} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {EFA2CDF5-331C-4E0D-ADEE-706B5C3B0896} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-898814254-3000735508-3869472208-1000 -> DefaultScope {DEC53055-CEEF-4998-8CAF-522FBCBAA1C3} URL = hxxp://www.google.de/#hl=de&source=hp&q={searchTerms}&aq=f&aqi=g10&aql=&oq=&gs_rfai=&fp=70ab29c01d34da04
SearchScopes: HKU\S-1-5-21-898814254-3000735508-3869472208-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-898814254-3000735508-3869472208-1000 -> {DEC53055-CEEF-4998-8CAF-522FBCBAA1C3} URL = hxxp://www.google.de/#hl=de&source=hp&q={searchTerms}&aq=f&aqi=g10&aql=&oq=&gs_rfai=&fp=70ab29c01d34da04
SearchScopes: HKU\S-1-5-21-898814254-3000735508-3869472208-1000 -> {EFA2CDF5-331C-4E0D-ADEE-706B5C3B0896} URL = 
SearchScopes: HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {DEC53055-CEEF-4998-8CAF-522FBCBAA1C3} URL = hxxp://www.google.de/#hl=de&source=hp&q={searchTerms}&aq=f&aqi=g10&aql=&oq=&gs_rfai=&fp=70ab29c01d34da04
SearchScopes: HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {DEC53055-CEEF-4998-8CAF-522FBCBAA1C3} URL = hxxp://www.google.de/#hl=de&source=hp&q={searchTerms}&aq=f&aqi=g10&aql=&oq=&gs_rfai=&fp=70ab29c01d34da04
SearchScopes: HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {EFA2CDF5-331C-4E0D-ADEE-706B5C3B0896} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-11] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-11] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-898814254-3000735508-3869472208-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FireFox:
========
FF ProfilePath: C:\Users\Vorname Nachname\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default [2016-10-06]
FF Extension: (Avira Browser Safety) - C:\Users\Vorname Nachname\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\Extensions\abs@avira.com.xpi [2016-10-06]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-02] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [Keine Datei]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-12-27] (DivX, LLC)
FF Plugin-x32: @innoplus.de/ino3DViewer -> C:\Program Files (x86)\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll [2010-05-11] (INNOVA-engineering GmbH Dresden)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-898814254-3000735508-3869472208-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Vorname Nachname\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-03-07] (Citrix Online)
FF Plugin HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\Vorname Nachname\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-03-07] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default [2016-09-14]
CHR Extension: (Google Präsentationen) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-04]
CHR Extension: (Google Docs) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-04]
CHR Extension: (Google Drive) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-04]
CHR Extension: (YouTube) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-04]
CHR Extension: (Google-Suche) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-04]
CHR Extension: (Google Tabellen) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-04]
CHR Extension: (Avira Browserschutz) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-13]
CHR Extension: (Google Docs Offline) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR Extension: (Google Mail) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-04]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [470600 2016-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [470600 2016-10-05] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-07-11] (Avira Operations GmbH & Co. KG)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [96341 2005-09-30] (Canon Inc.) [Datei ist nicht signiert]
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3736520 2015-01-29] (devolo AG)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [Datei ist nicht signiert]
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-12-04] (Hewlett-Packard) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-03-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-07-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-07-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 SWGVCSvc; C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe [336616 2014-03-06] (Dell SonicWALL, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2009-04-22] ()
R2 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116104 2009-04-22] ()
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [Datei ist nicht signiert]
R3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)
S2 AntiVirMailService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe" [X]
S2 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]
S2 Norton Internet Security; "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1
S2 RoxLiveShare9; "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [171752 2016-07-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145984 2016-07-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S1 Beep; kein ImagePath
S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [103992 2007-09-10] (Brother Industries Ltd.)
R1 DNE; C:\Windows\System32\DRIVERS\dnelwf64.sys [133456 2013-10-03] (Citrix Systems, Inc.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2013-11-14] ()
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
S3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-09-10] (Samsung Electronics)
R1 SWIPsec; C:\Windows\system32\Drivers\SWIPsec.sys [110064 2014-03-06] (Dell SonicWALL, Inc.)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2008-11-28] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\EX64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [X]
S1 SRTSP; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.SYS [X]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.SYS [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-06 12:19 - 2016-10-06 12:20 - 00033001 _____ C:\Users\Vorname Nachname\Desktop\FRST.txt
2016-10-06 12:18 - 2016-10-06 12:18 - 02405376 _____ (Farbar) C:\Users\Vorname Nachname\Desktop\FRST64.exe
2016-10-06 10:42 - 2016-10-06 10:42 - 00044036 _____ C:\Users\Vorname Nachname\Downloads\index(1).pdf
2016-10-06 10:41 - 2016-10-06 10:41 - 00334487 _____ C:\Users\Vorname Nachname\Downloads\index.pdf
2016-10-05 18:47 - 2016-10-05 18:47 - 00030674 _____ C:\Users\Vorname Nachname\Downloads\OptiMind_Checkliste_Schulkinder(2).pdf
2016-10-05 18:46 - 2016-10-05 18:47 - 00030674 _____ C:\Users\Vorname Nachname\Downloads\OptiMind_Checkliste_Schulkinder(1).pdf
2016-10-05 18:46 - 2016-10-05 18:46 - 01443388 _____ C:\Users\Vorname Nachname\Downloads\13_B2_rueckmeldung_schule.pdf
2016-10-05 18:46 - 2016-10-05 18:46 - 00030674 _____ C:\Users\Vorname Nachname\Downloads\OptiMind_Checkliste_Schulkinder.pdf
2016-10-04 16:21 - 2016-10-04 16:21 - 00292288 _____ C:\Windows\Minidump\Mini100416-01.dmp
2016-10-04 16:20 - 2016-10-04 16:20 - 724486792 _____ C:\Windows\MEMORY.DMP
2016-10-03 08:13 - 2016-10-03 08:13 - 00211550 _____ C:\Users\Vorname Nachname\Downloads\305-0436464-8536304.pdf
2016-10-02 09:57 - 2016-10-02 09:57 - 00144133 _____ C:\Users\Vorname Nachname\Downloads\kino_ticket.pdf
2016-09-30 22:17 - 2016-09-30 22:17 - 00000000 ____D C:\Users\Vorname Nachname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-09-28 16:35 - 2016-09-28 16:35 - 02184188 _____ C:\Users\Vorname Nachname\Documents\CONSULTING GmbH.pdf
2016-09-27 17:25 - 2016-09-27 17:25 - 09289728 _____ C:\Users\Vorname Nachname\Downloads\Top News_01_2016_Februar 2016_kl.pdf
2016-09-27 17:25 - 2016-09-27 17:25 - 00183321 _____ C:\Users\Vorname Nachname\Downloads\1338560840.pdf
2016-09-27 14:36 - 2016-09-27 14:36 - 00149652 _____ C:\Users\Vorname Nachname\Downloads\faltblatt__gefalzt_auf_din_lang__6-seiter_(wickelfalz)_1.pdf
2016-09-27 11:08 - 2016-09-27 11:08 - 00185048 _____ C:\Users\Vorname Nachname\Downloads\media3440520.PDF
2016-09-27 11:07 - 2016-09-27 11:07 - 00388056 _____ C:\Users\Vorname Nachname\Downloads\media3737920.PDF
2016-09-27 11:07 - 2016-09-27 11:07 - 00034500 _____ C:\Users\Vorname Nachname\Downloads\media3789120.PDF
2016-09-24 00:47 - 2016-10-04 08:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-23 13:59 - 2016-09-23 13:59 - 01785504 _____ C:\Users\Vorname Nachname\Downloads\OpenStage an FritzBoxFon - V0.4b.pdf
2016-09-23 08:35 - 2016-09-23 08:35 - 00033128 _____ C:\Users\Vorname Nachname\Downloads\981042.pdf
2016-09-22 08:45 - 2016-09-22 08:45 - 00030831 _____ C:\Users\Vorname Nachname\Downloads\w32555.pdf
2016-09-22 05:45 - 2016-09-22 05:45 - 00088576 _____ C:\Users\Vorname Nachname\Desktop\SEK.xls
2016-09-22 05:40 - 2016-09-22 05:40 - 00233472 _____ C:\Users\Vorname Nachname\Desktop\Mappe7.xls
2016-09-21 16:09 - 2016-09-21 16:09 - 01558119 _____ C:\Users\Vorname Nachname\Downloads\EHF05_Factsheet(1).pdf
2016-09-21 11:04 - 2016-09-21 11:04 - 00002060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft MapPoint Europa 2006.lnk
2016-09-21 11:04 - 2016-09-21 11:04 - 00000000 ____D C:\Program Files (x86)\Microsoft MapPoint Europe
2016-09-21 11:02 - 2016-09-21 11:02 - 02901754 _____ C:\Users\Vorname Nachname\Downloads\WMC_Performancebericht_2014.pdf
2016-09-21 10:15 - 2016-09-21 10:15 - 03964863 _____ C:\Users\Vorname Nachname\Downloads\HEH_LB_2014.pdf
2016-09-21 10:02 - 2016-09-21 10:02 - 07237563 _____ C:\Users\Vorname Nachname\Downloads\Performance_Bericht_2014.pdf
2016-09-21 10:02 - 2016-09-21 10:02 - 04076833 _____ C:\Users\Vorname Nachname\Downloads\DeWert-Jahresbericht2014-DS(1).pdf
2016-09-21 09:55 - 2016-09-21 09:55 - 00511949 _____ C:\Users\Vorname Nachname\Downloads\160812_HG-Halbjahresabschluss_2016.pdf
2016-09-21 09:35 - 2016-09-21 09:35 - 06015877 _____ C:\Users\Vorname Nachname\Downloads\ACT Broschüre dt 2015 komplett.pdf
2016-09-21 09:00 - 2016-08-06 16:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-09-21 09:00 - 2016-08-06 16:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-09-16 15:43 - 2016-09-16 15:43 - 01559625 _____ C:\Users\Vorname Nachname\Downloads\EHF05_Factsheet.pdf
2016-09-16 15:14 - 2016-09-16 15:14 - 04076833 _____ C:\Users\Vorname Nachname\Downloads\DeWert-Jahresbericht2014-DS.pdf
2016-09-16 09:24 - 2016-08-12 21:08 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-16 09:24 - 2016-08-12 20:56 - 00573952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-16 09:18 - 2016-08-12 21:15 - 04693736 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-16 09:18 - 2016-08-12 21:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-16 09:14 - 2016-08-10 18:12 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-16 09:14 - 2016-08-10 18:12 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-09-16 09:14 - 2016-08-10 17:44 - 00284160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-09-16 09:14 - 2016-08-10 17:43 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-09-16 09:14 - 2016-08-10 15:14 - 00275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-09-16 09:14 - 2016-08-10 15:07 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-09-16 09:12 - 2016-08-03 18:23 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-09-16 09:12 - 2016-08-03 17:45 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2016-09-16 09:12 - 2016-08-03 16:41 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-16 09:12 - 2016-08-03 16:40 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-16 09:12 - 2016-08-03 16:40 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-16 09:11 - 2016-08-14 18:09 - 00820736 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-16 09:11 - 2016-08-14 17:49 - 00648704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-09-16 09:11 - 2016-08-14 16:47 - 02803712 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-15 19:35 - 2016-09-07 19:24 - 17975296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-09-15 19:35 - 2016-09-07 19:22 - 10890752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-09-15 19:35 - 2016-09-07 19:22 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-09-15 19:35 - 2016-09-07 19:21 - 02265600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-09-15 19:35 - 2016-09-07 19:20 - 02129920 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-09-15 19:35 - 2016-09-07 19:20 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 01296384 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00887296 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-09-15 19:35 - 2016-09-07 19:20 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-09-15 19:35 - 2016-09-07 19:20 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-09-15 19:35 - 2016-09-07 18:54 - 12859392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-09-15 19:35 - 2016-09-07 18:53 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-09-15 19:35 - 2016-09-07 18:52 - 09731584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-09-15 19:35 - 2016-09-07 18:51 - 01831424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-09-15 19:35 - 2016-09-07 18:51 - 01436160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-09-15 19:35 - 2016-09-07 18:51 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-09-15 19:35 - 2016-09-07 18:51 - 01089024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-09-15 19:35 - 2016-09-07 18:51 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-09-15 19:35 - 2016-09-07 18:50 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-09-15 19:35 - 2016-09-07 18:50 - 01789952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00615936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00420352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-09-15 19:35 - 2016-09-07 18:50 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-09-15 09:43 - 2016-09-15 09:43 - 00043637 _____ C:\Users\Vorname Nachname\Downloads\Invoice(9).pdf
2016-09-15 09:43 - 2016-09-15 09:43 - 00043637 _____ C:\Users\Vorname Nachname\Downloads\Invoice(8).pdf
2016-09-14 16:42 - 2016-09-14 16:42 - 00441716 _____ C:\Users\Vorname Nachname\Downloads\Kindesschutz_alles_gute_fuer_ihr_kind_Flyer.pdf
2016-09-14 16:42 - 2016-09-14 16:42 - 00127589 _____ C:\Users\Vorname Nachname\Downloads\U_Erinnerung(2).pdf
2016-09-14 16:42 - 2016-09-14 16:42 - 00125952 _____ C:\Users\Vorname Nachname\Downloads\U_Einladung(1).pdf
2016-09-14 16:39 - 2016-09-14 16:39 - 00125952 _____ C:\Users\Vorname Nachname\Downloads\U_Einladung.pdf
2016-09-07 20:44 - 2016-09-07 20:44 - 00028709 _____ C:\Users\Vorname Nachname\Downloads\Satzung_Förderverein.pdf
2016-09-07 12:11 - 2016-09-07 12:11 - 00115841 _____ C:\Users\Vorname Nachname\Downloads\16-09-06_2016-2_DFV_Seehotel_Quartalsbericht.PDF

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-06 12:19 - 2013-07-22 09:19 - 00000000 ____D C:\FRST
2016-10-06 12:17 - 2009-08-19 08:11 - 00000000 ____D C:\Users\Vorname Nachname\Desktop\Scans
2016-10-06 12:16 - 2015-06-25 06:04 - 00001260 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-898814254-3000735508-3869472208-1000UA.job
2016-10-06 12:09 - 2011-01-20 13:18 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-06 11:53 - 2012-09-21 08:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-06 10:52 - 2006-11-02 17:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-06 10:52 - 2006-11-02 17:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-06 07:15 - 2015-06-25 06:04 - 00001208 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-898814254-3000735508-3869472208-1000Core.job
2016-10-06 00:09 - 2011-01-20 13:18 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-05 18:42 - 2016-05-24 12:04 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-05 11:06 - 2013-08-08 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-10-05 10:58 - 2009-07-17 10:17 - 00003592 _____ C:\Windows\System32\Tasks\HP Health Check
2016-10-05 10:57 - 2013-02-13 17:59 - 00000000 ___RD C:\Users\Vorname Nachname\Dropbox
2016-10-05 10:53 - 2009-02-04 21:50 - 00514918 _____ C:\ProgramData\nvModes.001
2016-10-05 10:53 - 2009-02-04 21:12 - 00514918 _____ C:\ProgramData\nvModes.dat
2016-10-05 10:52 - 2009-07-17 10:21 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2016-10-05 10:52 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-04 16:33 - 2009-02-05 04:46 - 00677534 _____ C:\Windows\system32\perfh007.dat
2016-10-04 16:33 - 2009-02-05 04:46 - 00147046 _____ C:\Windows\system32\perfc007.dat
2016-10-04 16:33 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\inf
2016-10-04 16:33 - 2006-11-02 14:46 - 01576152 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-04 16:21 - 2015-01-14 13:27 - 00000000 ____D C:\Windows\Minidump
2016-10-04 12:03 - 2006-11-02 17:42 - 00032556 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-04 09:24 - 2009-07-17 10:05 - 00000000 ____D C:\Users\Vorname Nachname
2016-10-04 08:11 - 2012-09-19 21:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-04 08:11 - 2009-07-17 11:16 - 00000456 _____ C:\Windows\Tasks\PCDRScheduledMaintenance.job
2016-09-30 22:17 - 2015-06-25 06:04 - 00000000 ____D C:\Users\Vorname Nachname\AppData\Local\Dropbox
2016-09-30 22:17 - 2013-02-13 17:56 - 00000000 ____D C:\Users\Vorname Nachname\AppData\Roaming\Dropbox
2016-09-29 16:43 - 2015-12-08 10:32 - 00000884 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-09-29 16:43 - 2015-12-08 10:32 - 00000872 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-09-29 16:43 - 2012-12-04 08:44 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-09-26 14:22 - 2016-08-27 10:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2016-09-23 13:03 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache
2016-09-21 10:54 - 2006-11-02 17:07 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-09-16 09:52 - 2006-11-02 17:21 - 00478264 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-16 09:48 - 2006-11-02 17:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-09-16 09:11 - 2013-07-14 21:20 - 00000000 ____D C:\Windows\system32\MRT
2016-09-16 09:02 - 2006-11-02 14:35 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-09-13 16:54 - 2012-09-21 08:59 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-13 16:54 - 2012-09-21 08:59 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-13 16:54 - 2011-12-07 09:44 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-13 16:54 - 2011-07-25 09:27 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-13 16:54 - 2009-02-04 21:16 - 00000000 ____D C:\Windows\SysWOW64\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2011-12-15 16:29 - 2011-12-15 16:37 - 0000077 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Rim.Desktop.Exception.log
2011-12-15 15:22 - 2015-02-26 18:51 - 0002021 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2011-12-15 16:29 - 2011-12-15 16:37 - 0000077 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-07-01 09:19 - 2013-07-22 06:19 - 0000005 _____ () C:\Users\Vorname Nachname\AppData\Roaming\WBPU-TTL.DAT
2015-02-11 19:57 - 2015-01-12 19:57 - 0000110 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Microsoft\DSI240678.dat
2015-04-09 14:20 - 2015-04-09 14:21 - 14970880 _____ () C:\Users\Vorname Nachname\AppData\Local\1B902E7A_stp.CIS
2015-04-09 14:21 - 2015-04-09 14:21 - 0000442 _____ () C:\Users\Vorname Nachname\AppData\Local\1B902E7A_stp.CIS.part
2015-04-09 14:20 - 2015-04-09 14:20 - 0191991 _____ () C:\Users\Vorname Nachname\AppData\Local\38C2540F_stp.CIS
2015-04-09 14:20 - 2015-04-09 14:20 - 0000290 _____ () C:\Users\Vorname Nachname\AppData\Local\38C2540F_stp.CIS.part
2015-04-09 14:20 - 2015-04-09 14:20 - 0385602 _____ () C:\Users\Vorname Nachname\AppData\Local\5D515C96_stp.CIS
2015-04-09 14:20 - 2015-04-09 14:20 - 0000220 _____ () C:\Users\Vorname Nachname\AppData\Local\5D515C96_stp.CIS.part
2014-03-18 22:28 - 2015-12-19 11:26 - 0000680 _____ () C:\Users\Vorname Nachname\AppData\Local\d3d9caps.dat
2009-07-17 11:15 - 2010-07-17 03:15 - 0002188 _____ () C:\Users\Vorname Nachname\AppData\Local\d3d9caps64.dat
2009-07-21 09:16 - 2016-02-16 08:42 - 0020480 _____ () C:\Users\Vorname Nachname\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-10-18 11:42 - 2011-10-18 11:47 - 0235192 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
2011-10-18 11:42 - 2011-10-18 11:42 - 0000002 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_dotnetfx35error.txt
2011-10-18 11:47 - 2011-10-18 11:47 - 0000002 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_dotnetfx35error_lp.txt
2011-10-18 11:42 - 2011-10-18 11:47 - 0310852 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_dotnetfx35install.txt
2011-10-18 11:47 - 2011-10-18 11:47 - 0087578 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_dotnetfx35install_lp.txt
2011-10-18 11:47 - 2011-10-18 11:47 - 0974542 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_NET_Framework35_LangPack_MSI3DBD.txt
2011-10-18 11:46 - 2011-10-18 11:47 - 2338310 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_NET_Framework35_x64_MSI3D4B.txt
2010-12-13 23:30 - 2010-12-13 23:30 - 0343710 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistMSI08F8.txt
2009-07-23 10:05 - 2009-07-23 10:05 - 0413006 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistMSI151F.txt
2010-12-10 23:55 - 2010-12-10 23:55 - 0343728 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistMSI31BE.txt
2011-10-18 11:41 - 2011-10-18 11:41 - 0371518 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistMSI395A.txt
2014-02-13 11:54 - 2014-02-13 11:54 - 0384164 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistMSI61F0.txt
2015-07-07 13:16 - 2015-07-07 13:16 - 0432558 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistMSI7A81.txt
2010-12-13 23:30 - 2010-12-13 23:30 - 0013588 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistUI08F8.txt
2009-07-23 10:05 - 2009-07-23 10:05 - 0013570 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistUI151F.txt
2010-12-10 23:55 - 2010-12-10 23:55 - 0021112 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistUI31BE.txt
2011-10-18 11:41 - 2011-10-18 11:41 - 0013882 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistUI395A.txt
2014-02-13 11:54 - 2014-02-13 11:54 - 0013632 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistUI61F0.txt
2015-07-07 13:16 - 2015-07-07 13:16 - 0013850 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistUI7A81.txt
2011-10-18 11:42 - 2011-10-18 11:47 - 0007626 _____ () C:\Users\Vorname Nachname\AppData\Local\uxeventlog.txt
2009-02-04 21:50 - 2016-10-05 10:53 - 0514918 _____ () C:\ProgramData\nvModes.001
2009-02-04 21:12 - 2016-10-05 10:53 - 0514918 _____ () C:\ProgramData\nvModes.dat
2012-05-16 14:34 - 2012-05-16 14:34 - 0000448 _____ () C:\ProgramData\zciaekisnypebbu

Einige Dateien in TEMP:
====================
C:\Users\Vorname Nachname\AppData\Local\Temp\avgnt.exe
C:\Users\Vorname Nachname\AppData\Local\Temp\_is349A.exe
C:\Users\Vorname Nachname\AppData\Local\Temp\_is8AD2.exe
C:\Users\Vorname Nachname\AppData\Local\Temp\_is92B1.exe
C:\Users\Vorname Nachname\AppData\Local\Temp\_is98E8.exe
C:\Users\Vorname Nachname\AppData\Local\Temp\_isF527.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-10-06 11:29

==================== Ende von FRST.txt ============================

Radja · 06.10.2016, 11:42

und hier die Addiotion (wollte er irgendwei nicht beide in ein Post packen):

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-10-2016
durchgeführt von Vorname Nachname (06-10-2016 12:21:21)
Gestartet von C:\Users\Vorname Nachname\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) (2009-03-09 13:38:07)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-898814254-3000735508-3869472208-500 - Administrator - Disabled)
Gast (S-1-5-21-898814254-3000735508-3869472208-501 - Limited - Enabled)
Vorname Nachname (S-1-5-21-898814254-3000735508-3869472208-1000 - Administrator - Enabled) => C:\Users\Vorname Nachname

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3CDaemon (HKLM-x32\...\3CDaemon) (Version:  - )
3D-Viewer-innoPlus (HKLM-x32\...\{B96DB037-DBEA-4186-9081-9CBD537F82E8}) (Version: 12.00.0203 - INNOVA-engineering GmbH)
64 Bit HP CIO Components Installer (Version: 3.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{92a7fd6b-31e5-472f-862e-79214c5032ef}) (Version: 1.1.67.18988 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.67.18988 - Avira Operations GmbH & Co. KG) Hidden
Bizagi Process Modeler (HKLM-x32\...\InstallShield_{E44368A0-62C5-44FB-8670-B4013EFD7DB8}) (Version: 2.5.11 - Bizagi Limited)
Bizagi Process Modeler (Version: 2.5.11 - Bizagi Limited) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-L2700DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Canon Camera Access Library (HKLM-x32\...\CAL) (Version: 8.1.1.17 - )
Canon Camera Support Core Library (HKLM-x32\...\CSCLIB) (Version: 7.3.1.6 - )
Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC5) (Version: 5.4.5.17 - )
Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.2.0.8 - )
Canon Camera Window MC 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowMC) (Version: 6.1.0.7 - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.2.0.5 - )
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.4.2.6 - )
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 2.4.0.7 - )
Canon RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.5.0.5 - )
Canon Utilities Digital Photo Professional 2.2 (HKLM-x32\...\DPP) (Version: 2.2.0.1 - )
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 1.1.0.8 - )
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.18.42 - )
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 5.7.0.74 - )
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (HKLM\...\{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}) (Version: 10.5.2.0 - Business Objects)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2326 - CyberLink Corp.)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.0.0 - devolo AG)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DivX Converter (HKLM-x32\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM-x32\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.9 - DivX, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Dropbox (HKU\S-1-5-21-898814254-3000735508-3869472208-1000\...\Dropbox) (Version: 11.4.21 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 11.4.21 - Dropbox, Inc.)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\Firebird SQL Server D) (Version: 2.0.1.13 - MAGIX AG)
Fitbit Connect (HKLM-x32\...\{F5A49DF0-A632-4E7E-BD87-59701449DE0F}) (Version: 2.0.1.6742 - Fitbit Inc.)
FormatFactory 3.1.1 (HKLM-x32\...\FormatFactory) (Version: 3.1.1 - Free Time)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Global VPN Client (HKLM\...\{E828FDAA-B4E0-46B6-B647-7C03CCF48C83}) (Version: 4.9.4 - Dell SonicWALL)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GoToMeeting 7.16.0.4800 (HKU\S-1-5-21-898814254-3000735508-3869472208-1000\...\GoToMeeting) (Version: 7.16.0.4800 - CitrixOnline)
GoToMeeting 7.16.0.4800 (HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GoToMeeting) (Version: 7.16.0.4800 - CitrixOnline)
GPL Ghostscript 8.64 (HKLM-x32\...\GPL Ghostscript 8.64) (Version:  - )
Hardware Diagnose Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.5048.14 - PC-Doctor, Inc.)
HP Active Support Library (HKLM-x32\...\{0295F89F-F698-4101-9A7D-49F407EC2D82}) (Version: 3.1.10.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.12286.3436 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{E1591139-8B44-411B-A81B-D35F83A0565A}) (Version: 5.7.0.2875 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.1.2717 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.0.2415 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{F1568AA6-5982-4AFB-A871-C68E4328BC3B}) (Version: 2.1.7 - Hewlett-Packard)
HP MediaSmart TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 2.2.1622 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{1CC069FA-1A86-402E-9787-3F04E652C67A}) (Version: 10.1.0001 - Hewlett-Packard)
HP Total Care Setup (HKLM-x32\...\{95A747E0-DF19-46CB-A622-20A0107201BD}) (Version: 1.1.2413.2876 - Hewlett-Packard Company)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{CEC7613B-E286-4A31-BEE3-3F7798488D9F}) (Version: 12.1.3.6 - Apple Inc.)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
LightScribe System Software (HKLM-x32\...\{7F10292C-A190-4176-A665-A1ED3478DF86}) (Version: 1.18.3.2 - LightScribe)
Logitech Webcam Software (HKLM\...\{D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5}) (Version: 12.00.1280 - Logitech Inc.)
MAGIX 3D Maker (embeded) (HKLM-x32\...\MAGIX 3D Maker D) (Version: 6.0.0.8 - MAGIX AG)
MAGIX Foto Manager 8 6.0.1.457 (D) (HKLM-x32\...\MAGIX Foto Manager 8 D) (Version: 6.0.1.457 - MAGIX AG)
MAGIX Fotobuch 3.6 (HKLM-x32\...\MAGIX Fotobuch) (Version: 3.6 - MAGIX AG)
MAGIX Online Druck Service 3.4.3.0 (D) (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG)
MAGIX Screenshare 4.3.6.1987 (D) (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Video deluxe 15 Plus Sonderedition 8.5.0.28 (D) (HKLM-x32\...\MAGIX Video deluxe 15 Plus Sonderedition D) (Version: 8.5.0.28 - MAGIX AG)
MAGIX Xtreme Foto Designer 6 6.0.27.0 (D) (HKLM-x32\...\MAGIX Xtreme Foto Designer 6 D) (Version: 6.0.27.0 - MAGIX AG)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliPoint 7.1 (HKLM\...\{5EBE0F1F-45DF-4298-AC6B-E8E54EAEC834}) (Version: 7.10.344.0 - Microsoft)
Microsoft MapPoint Europa 2006 (HKLM-x32\...\{83ED1E80-A1B7-4256-BCF1-AC4A88151A6B}) (Version: 13.00.18.1200 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-00A1-0000-0000-0000000FF1CE}_ONENOTER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote 2007 Trial (HKLM-x32\...\ONENOTER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MixPad Audiodatei-Mixer (HKLM-x32\...\MixPad) (Version: 3.59 - NCH Software)
Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mufin MusicFinder Base 1.5.3.255 (D) (HKLM-x32\...\Mufin MusicFinder Base D) (Version: 1.5.3.255 - MAGIX AG)
My HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
NCH Tone Generator (HKLM-x32\...\ToneGen) (Version: 3.05 - NCH Software)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Optimierte Multimedia-Tastatur-Lösung (HKLM-x32\...\KBD) (Version: 1.0.9.2 - Hewlett-Packard)
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.0 - Frank Heindörfer, Philip Chinery)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2325 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.2325 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2417 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.2417 - CyberLink Corp.) Hidden
Python 2.6 pywin32-212 (HKLM-x32\...\pywin32-py2.6) (Version: 2.12 - Python Software Foundation)
Python 2.6.1 (HKLM-x32\...\{9CC89170-000B-457D-91F1-53691F85B223}) (Version: 2.6.1150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5740 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rizone 3D Box Creator (HKLM-x32\...\{4AB8BFBA-5396-42A4-94C0-3786D014A06D}) (Version: 0.0.9.92 - Rizone Technologies)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
SAMSUNG Mobile Modem V2 Software (HKLM\...\SAMSUNG Mobile Modem V2) (Version:  - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
SAMSUNG SYMBIAN USB Download Driver (HKLM\...\{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}) (Version: 1.1.808.7165 - SAMSUNG Electronics CO,.LTD)
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )
SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
ScanSoft PaperPort 11 (HKLM-x32\...\{7A8FF745-BBC5-482B-88E4-18D3178249A9}) (Version: 11.1.0000 - Nuance Communications, Inc.)
Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.106 - Skype Technologies S.A.)
sp43204 (HKLM-x32\...\sp43204) (Version:  - Hewlett-Packard)
sp44626 (HKLM-x32\...\sp44626) (Version:  - Hewlett-Packard)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Testversion von Microsoft Office Home and Student 2007 (HKLM\...\OfficeTrial) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-00A1-0000-0000-0000000FF1CE}_ONENOTER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Wartung Samsung CLP-320 Series (HKLM-x32\...\Samsung CLP-320 Series) (Version:  - Samsung Electronics Co., Ltd.)
WhatsApp (HKU\S-1-5-21-898814254-3000735508-3869472208-1000\...\WhatsApp) (Version: 0.2.684 - WhatsApp)
WhatsApp (HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\WhatsApp) (Version: 0.2.684 - WhatsApp)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-898814254-3000735508-3869472208-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-898814254-3000735508-3869472208-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Vorname Nachname\AppData\Local\Citrix\GoToMeeting\1312\G2MOutlookAddin64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-898814254-3000735508-3869472208-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0774EDC7-1ADC-4315-8EEF-555819431AF0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-898814254-3000735508-3869472208-1000UA => C:\Users\Vorname Nachname\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-25] (Dropbox, Inc.)
Task: {0A96A8FF-5249-46CA-B3F4-46564DDD70A9} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-12-04] (Hewlett-Packard)
Task: {1F1D6DE3-956B-4B7E-B2DC-A7A6DA0FE14C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {2A3F64A4-22FE-4671-9FDB-9A5B93013C48} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {4B0D6099-C4B3-4BBA-9BE8-A580BDE7DFE9} - System32\Tasks\{AFF39F7F-0D81-43F4-A941-B3A71049C76D} => pcalua.exe -a F:\Setup\ChkInst.exe -d F:\ -c Setup
Task: {5149D95D-838E-4933-8F6E-C468DFC3029D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {5B9CA713-FFBC-48DF-928A-C07F4CC84636} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2008-11-05] (PC-Doctor, Inc.)
Task: {6CAEB8CA-7B30-4284-BBD6-184D72975CCB} - System32\Tasks\{F02772E6-CF17-4885-8DDA-56B7B41D7054} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-11-17] (Skype Technologies S.A.)
Task: {75975F37-86BE-434C-86C7-D50392E4DAB4} - System32\Tasks\RecoveryCD => C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe [2008-12-17] ()
Task: {8B3D4F5E-973D-46F7-8B14-29779536E930} - System32\Tasks\{E238BD8D-9332-4D0C-9117-0676172B357B} => pcalua.exe -a "C:\Users\Vorname Nachname\Desktop\NM30.EXE" -d "C:\Users\Vorname Nachname\Desktop"
Task: {8D42B199-E249-4971-9829-EE60AF765246} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A5CA3726-5B3C-4EAA-AAFB-AC93273E2731} - System32\Tasks\{58DC42CA-9ACD-4CE8-961D-AA0CAA03FE2C} => pcalua.exe -a "C:\Users\Vorname Nachname\Desktop\Avatar_The_Game_Demo.exe" -d "C:\Users\Vorname Nachname\Desktop"
Task: {B46F264A-0B76-4B9F-8521-33020B9A5C54} - System32\Tasks\{B1C9739D-62EB-4799-BD30-78F4DB609FA7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.1.0.104.211/de/abandoninstall?page=tsDownload&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-notinstalled
Task: {B9987C3E-9134-4890-B7A9-5FA2F3987F61} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-898814254-3000735508-3869472208-1000Core => C:\Users\Vorname Nachname\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-25] (Dropbox, Inc.)
Task: {DE6D0413-2479-4D79-B681-39F7204DD343} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {EA299210-0401-4774-9F54-9B8A11C3BCB2} - System32\Tasks\{9BEE126D-CEFA-4212-8C5C-0E81B390E3D5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.1.0.104.211/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-898814254-3000735508-3869472208-1000Core.job => C:\Users\Vorname Nachname\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-898814254-3000735508-3869472208-1000UA.job => C:\Users\Vorname Nachname\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe5-fh scripts\monthly.xml

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2009-07-27 22:30 - 2005-03-12 02:07 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2012-04-20 21:12 - 2009-09-11 09:48 - 00027648 _____ () C:\Windows\System32\sst3cl6.dll
2012-04-20 21:12 - 2010-03-10 16:17 - 00757760 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sst3cdu.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-03 22:30 - 2015-03-05 02:03 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2009-04-22 22:53 - 2009-04-22 22:53 - 00296320 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
2009-04-22 22:53 - 2009-04-22 22:53 - 00116104 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
2009-04-22 22:52 - 2009-04-22 22:52 - 00074536 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\Common\MCEMediaStatus64.dll
2009-05-08 10:35 - 2009-05-08 10:35 - 02780432 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2012-04-20 21:10 - 2010-06-07 12:15 - 00618496 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2012-04-20 21:10 - 2009-09-30 06:51 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe
2013-11-15 02:48 - 2013-11-15 02:48 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2009-05-08 10:34 - 2009-05-08 10:34 - 00559888 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2014-03-06 16:18 - 2014-03-06 16:18 - 01287168 _____ () C:\Program Files\Dell SonicWALL\Global VPN Client\LIBEAY32.dll
2014-03-06 16:18 - 2014-03-06 16:18 - 00195584 _____ () C:\Program Files\Dell SonicWALL\Global VPN Client\ZLib.dll
2009-04-22 22:53 - 2009-04-22 22:53 - 00267656 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapEngine.dll
2009-04-22 22:53 - 2009-04-22 22:53 - 00038184 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapSvcps.dll
2016-09-03 01:17 - 2016-09-09 02:53 - 00035792 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-09-30 22:17 - 2016-09-09 02:53 - 00145864 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-09-30 22:17 - 2016-09-09 02:54 - 00019408 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-09-30 22:17 - 2016-09-09 02:53 - 00116688 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-09-03 01:17 - 2016-09-09 02:53 - 00100296 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-09-03 01:17 - 2016-09-09 02:53 - 00018888 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\select.pyd
2016-09-03 01:17 - 2016-09-30 19:44 - 00019760 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-09-03 01:17 - 2016-09-09 02:53 - 00694224 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-09-30 22:17 - 2016-09-30 19:43 - 00020816 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-09-03 01:17 - 2016-09-09 02:54 - 00123856 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-09-30 22:17 - 2016-09-30 19:43 - 01682760 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-09-30 22:17 - 2016-09-30 19:43 - 00020808 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-09-03 01:17 - 2016-09-09 02:55 - 00105928 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-09-03 01:17 - 2016-09-30 19:44 - 00021312 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-09-30 22:17 - 2016-09-30 19:43 - 00052024 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-09-30 22:17 - 2016-09-30 19:43 - 00038696 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-09-30 22:17 - 2016-09-09 02:53 - 00392144 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-09-30 22:17 - 2016-09-09 02:55 - 00020936 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-09-03 01:17 - 2016-09-09 02:55 - 00024528 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-09-03 01:17 - 2016-09-09 02:55 - 00116176 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-09-03 01:17 - 2016-09-30 19:44 - 00381752 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-09-03 01:17 - 2016-09-09 02:55 - 00124880 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-09-03 01:17 - 2016-09-30 19:44 - 00025424 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-09-03 01:17 - 2016-09-09 02:55 - 00024016 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-09-03 01:17 - 2016-09-09 02:55 - 00175560 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-09-03 01:17 - 2016-09-09 02:55 - 00030160 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-09-03 01:17 - 2016-09-09 02:55 - 00043472 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-09-03 01:17 - 2016-09-09 02:55 - 00048592 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-09-03 01:17 - 2016-09-09 02:55 - 00057808 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-09-03 01:17 - 2016-09-09 02:55 - 00024016 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-09-30 22:17 - 2016-09-30 19:43 - 00246592 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-09-30 22:17 - 2016-09-30 19:43 - 00026456 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-09-03 01:17 - 2016-09-09 02:55 - 00028616 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-09-03 01:17 - 2016-09-09 02:54 - 00241104 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2016-09-03 01:17 - 2016-09-30 19:44 - 00023376 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-09-03 01:17 - 2016-09-30 19:44 - 00020800 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-09-03 01:17 - 2016-09-30 19:44 - 00019776 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-09-03 01:17 - 2016-09-30 19:44 - 00020800 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-09-30 22:17 - 2016-09-30 19:43 - 00020280 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-09-03 01:17 - 2016-09-09 02:55 - 00350152 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-09-03 01:17 - 2016-09-30 19:44 - 00022352 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-09-30 22:17 - 2016-09-30 19:43 - 00024392 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-09-30 22:17 - 2016-09-09 02:51 - 00036296 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\librsync.dll
2016-09-30 22:17 - 2016-09-30 19:43 - 00084280 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.dll
2016-09-30 22:17 - 2016-09-30 19:43 - 01826096 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-09-03 01:17 - 2016-09-09 02:54 - 00083912 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\sip.pyd
2016-09-30 22:17 - 2016-09-30 19:43 - 00531248 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-09-30 22:17 - 2016-09-30 19:44 - 03928880 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-09-30 22:17 - 2016-09-30 19:43 - 01972528 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-09-30 22:17 - 2016-09-30 19:43 - 00133424 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-09-30 22:17 - 2016-09-30 19:43 - 00224056 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-09-30 22:17 - 2016-09-30 19:43 - 00207672 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-09-03 01:17 - 2016-09-30 19:44 - 00020288 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2016-09-30 22:17 - 2016-09-09 02:58 - 00017864 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-09-30 22:17 - 2016-09-09 02:58 - 01631184 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-09-03 01:17 - 2016-09-09 02:55 - 00060880 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-09-03 01:17 - 2016-09-30 19:44 - 00024904 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2008-12-15 17:15 - 2008-12-15 17:15 - 00881960 ____N () C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2009-02-04 21:26 - 2008-12-03 20:14 - 00034088 _____ () c:\Program Files (x86)\Cyberlink\Shared files\RichVideops.dll
2013-11-15 02:49 - 2013-11-15 02:49 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-12-11 18:40 - 2014-12-11 18:40 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2016-04-03 22:29 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-09-24 17:40 - 2015-09-24 17:40 - 00057856 _____ () C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_de\brdlang32.DEU
2011-08-11 10:58 - 2015-10-15 09:35 - 09499136 _____ () C:\Users\Vorname Nachname\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.deu
2011-08-11 10:59 - 2015-10-15 09:36 - 01180160 _____ () C:\Users\Vorname Nachname\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_PPKLite.DEU
2012-07-27 22:51 - 2012-07-27 22:51 - 06549432 _____ () C:\Program Files (x86)\Adobe\Reader 10.0\Reader\authplay.dll
2011-08-11 10:59 - 2015-10-15 09:35 - 03066880 _____ () C:\Users\Vorname Nachname\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Annots.DEU
2015-09-24 17:40 - 2015-09-24 17:40 - 00305544 _____ () C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll
2011-08-11 10:59 - 2015-10-15 09:36 - 00014336 _____ () C:\Users\Vorname Nachname\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.DEU
2011-08-12 10:14 - 2015-10-15 14:09 - 00045568 _____ () C:\Users\Vorname Nachname\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_weblink.DEU
2011-08-11 10:59 - 2015-10-15 09:36 - 00100352 _____ () C:\Users\Vorname Nachname\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_EScript.DEU

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 14:34 - 2015-02-13 09:17 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\awisp.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\awisp.jpg
HKU\S-1-5-21-898814254-3000735508-3869472208-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img27.jpg
HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img27.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{FC99AE03-D292-48F7-BB91-477CDCDECF79}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\TV\QP.exe
FirewallRules: [{BA9EC296-8434-4583-ACAB-0E78C783702F}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\TV\QPService.exe
FirewallRules: [{7A9663BC-D9A5-49AE-8C80-AA1C6AEDA359}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{559010AB-F5FD-412B-A3E1-B6D2B11B5EF1}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{500CCE24-F335-48F6-9310-5C4F781E6C3E}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{8B915CB9-0F64-4A76-B86E-41C0C73B1FC9}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{A67895BD-FC71-4304-8D00-9FEC3E6DBDE6}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{35E318B8-D6C5-4651-B300-0291A29DC4FD}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{8AC5445A-D573-4451-9D7E-510D31D5A2D7}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{D210E0E9-0842-4E57-9C6C-125817393DD2}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{0FAE24B0-A1F5-45FC-B391-D7CF7664FAC7}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{5B083104-6E0C-4E44-94A3-7BC87B7BC9F0}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{6FBAF1A4-AE74-4D71-A094-500E3324085A}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{230CE759-79A9-4A6C-9748-256BD3F8DF3D}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [TCP Query User{93E3B2A5-8BA0-4F61-813D-2E9E07101833}C:\program files\windows sidebar\sidebar.exe] => (Allow) C:\program files\windows sidebar\sidebar.exe
FirewallRules: [UDP Query User{014FE96D-2307-4076-99C0-AB073EB81C64}C:\program files\windows sidebar\sidebar.exe] => (Allow) C:\program files\windows sidebar\sidebar.exe
FirewallRules: [{0EC2BCA2-2D3A-422E-96FB-80630C336409}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{4054315B-1EAA-4AD9-A861-1BDD04BC24C8}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{9DF6E43C-F717-48AF-84B1-47CC15FCC41A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{1DDB87A4-D6DC-4272-A121-54A3DA26686E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{9B851542-E389-4715-A26E-68ACF2F3106E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{91570AB1-2A3C-4AFE-939F-57E799AFDBC3}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{4E45B145-A5DC-4BFE-BB91-C77A1F40E933}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\TV\QP.exe
FirewallRules: [{E79FB80C-CF31-464F-A26E-7ED21F403563}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\TV\QPService.exe
FirewallRules: [TCP Query User{85B83C3E-5709-4547-A4B0-D0475E354537}C:\program files (x86)\hewlett-packard\media\tv\hptv.exe] => (Allow) C:\program files (x86)\hewlett-packard\media\tv\hptv.exe
FirewallRules: [UDP Query User{FE5F2968-2025-409A-A124-7F086DB75332}C:\program files (x86)\hewlett-packard\media\tv\hptv.exe] => (Allow) C:\program files (x86)\hewlett-packard\media\tv\hptv.exe
FirewallRules: [TCP Query User{B74D5842-0FFC-47C4-8FE0-24D401C0E0B1}C:\program files\sonicwall\sonicwall global vpn client\swgvc.exe] => (Allow) C:\program files\sonicwall\sonicwall global vpn client\swgvc.exe
FirewallRules: [UDP Query User{47A790EA-DC29-4EE6-89C3-FA968CB7AB6E}C:\program files\sonicwall\sonicwall global vpn client\swgvc.exe] => (Allow) C:\program files\sonicwall\sonicwall global vpn client\swgvc.exe
FirewallRules: [TCP Query User{7F179D79-2095-43C5-80E2-4736409686C3}C:\program files\sonicwall\sonicwall global vpn client\swgvc.exe] => (Allow) C:\program files\sonicwall\sonicwall global vpn client\swgvc.exe
FirewallRules: [UDP Query User{EF0752C3-4BE6-4DDB-9D57-0F45E2E4ADC2}C:\program files\sonicwall\sonicwall global vpn client\swgvc.exe] => (Allow) C:\program files\sonicwall\sonicwall global vpn client\swgvc.exe
FirewallRules: [TCP Query User{F87A243F-4FB4-46D5-9EDD-706F3F75231A}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{FD8EFD00-E88E-41E0-B5F5-96F5E0C5C866}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{71D6F711-30EF-4C28-80D5-3F92D130D2C9}C:\program files (x86)\anno 1701\anno1701.exe] => (Block) C:\program files (x86)\anno 1701\anno1701.exe
FirewallRules: [UDP Query User{47C97F7F-F5CE-4E41-AE41-22CEE29019A1}C:\program files (x86)\anno 1701\anno1701.exe] => (Block) C:\program files (x86)\anno 1701\anno1701.exe
FirewallRules: [TCP Query User{CD6201A2-A3A7-4365-9188-B50DA6D57F2B}C:\program files\windows sidebar\sidebar.exe] => (Block) C:\program files\windows sidebar\sidebar.exe
FirewallRules: [UDP Query User{7A706A7B-F790-41E4-BBFE-FC9397F5C776}C:\program files\windows sidebar\sidebar.exe] => (Block) C:\program files\windows sidebar\sidebar.exe
FirewallRules: [TCP Query User{68F0BC50-30FF-45A1-9491-BF80D537AC75}C:\program files (x86)\microsoft office\office12\outlook.exe] => (Block) C:\program files (x86)\microsoft office\office12\outlook.exe
FirewallRules: [UDP Query User{C5B244B1-85F6-43E8-89AA-9362D298BB6F}C:\program files (x86)\microsoft office\office12\outlook.exe] => (Block) C:\program files (x86)\microsoft office\office12\outlook.exe
FirewallRules: [{07D9DB51-06E3-48DF-B87D-3112DB335397}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{06D04BD6-94A1-4682-99D9-714D178DF806}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{26D2D6F6-D916-4B37-819A-78041BF16A50}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{2B367B30-2AB2-4682-AC97-4795F0FBA529}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{3F6A16D0-BC36-4965-BB30-8268438E88BB}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{DCF3CCCB-AC9B-4516-8386-B5A331FFCBEA}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [{508DCFD3-FEA6-439C-A434-90AE7E893931}] => (Allow) LPort=80
FirewallRules: [{6BB7D85C-09F3-4C72-B2E2-1E67E7F5695C}] => (Allow) LPort=80
FirewallRules: [{8B5AFFD1-F63F-4691-B093-304568264BDD}] => (Allow) LPort=80
FirewallRules: [{B9B4063B-9D72-4A5D-838A-926A3864F325}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C04F95B8-8355-4830-8250-693B75E78149}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2A1462CF-7669-47B6-8CBA-CD2B5E938C2B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{758BAF05-9A16-4F60-A2E5-27D6D99BF1DA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C301583C-E297-45CC-8B18-90C27360DD80}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{8C58D4B5-E81E-40CF-A973-82DD2CF8361B}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{6B0C6CF6-A32A-4C97-844C-96B43FF2C54B}] => (Allow) LPort=4481
FirewallRules: [{1A3FD6EE-8EF7-4CA1-85AB-2CAD6A2C1427}] => (Allow) LPort=4481
FirewallRules: [{7F432212-7E64-4A7A-B1BE-8AFFABABB641}] => (Allow) LPort=4482
FirewallRules: [{B49B8C94-59A3-444D-BF29-1C318E5CF570}] => (Allow) LPort=4482
FirewallRules: [{C2487C0C-B1D9-4433-98DD-E626F904BB3E}] => (Allow) C:\Users\Vorname Nachname\AppData\Local\Temp\pft4BE6.tmp\fsetup.exe
FirewallRules: [{3E8D289D-EABC-4A60-B7F1-F45D7AE7D8A1}] => (Allow) C:\Users\Vorname Nachname\AppData\Local\Temp\pft4BE6.tmp\fsetup.exe
FirewallRules: [TCP Query User{34BFC291-5489-4535-8432-43D950FBE1B9}C:\users\Vorname Nachname\appdata\roaming\esikzu\okgeaxo.exe] => (Block) C:\users\Vorname Nachname\appdata\roaming\esikzu\okgeaxo.exe
FirewallRules: [UDP Query User{CD2C1073-5CCE-46E3-B0EA-1B3566DF833C}C:\users\Vorname Nachname\appdata\roaming\esikzu\okgeaxo.exe] => (Block) C:\users\Vorname Nachname\appdata\roaming\esikzu\okgeaxo.exe
FirewallRules: [{7C3B3F3C-7EC8-409A-9861-6492CFD0A9EC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{EF9DFDDD-4EDD-4CC3-9DF7-2B2A1545838D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{10FBD506-7E60-40A3-8EED-37E66139E260}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{DC051B16-AD0A-4A86-A444-781A4047219E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{E6CB126D-78A2-43F1-8140-54FD4498B5F2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{20DECBE9-BC34-435B-8FC6-202BFC969A3F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{6F9A23E7-47FD-41E7-B294-04E2B362DA40}] => (Allow) C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E12A8FDF-B279-46F1-9F94-9AE071136CAB}] => (Allow) C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{6E1A8475-9500-498C-9715-F7E74CA66ABA}C:\users\Vorname Nachname\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\Vorname Nachname\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{E350B564-0D07-41F2-AA97-27217C3580EA}C:\users\Vorname Nachname\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\Vorname Nachname\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{50FB8317-E73A-4374-A14D-C9A719A9687E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{AEFE0B40-699E-4AAC-9898-363E6A45E34A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{91EAB5C0-4EA5-4902-9A10-E127157F409A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{91C4208A-4CF6-4720-AE80-CC404B0B7AF2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [TCP Query User{29161646-4A41-4D8F-93E6-EB038AB04361}C:\program files (x86)\itunes\itunes.exe] => (Allow) C:\program files (x86)\itunes\itunes.exe
FirewallRules: [UDP Query User{BF5B8EE8-A920-4F9B-B8F5-A7DB5CA14DD3}C:\program files (x86)\itunes\itunes.exe] => (Allow) C:\program files (x86)\itunes\itunes.exe
FirewallRules: [{5201BDC1-80E9-417E-92EE-61863BFBF424}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{8B1B7C52-81F6-494D-A4BD-E78FDC46DBBF}C:\program files (x86)\3com\3cdaemon\3cdaemon.exe] => (Allow) C:\program files (x86)\3com\3cdaemon\3cdaemon.exe
FirewallRules: [UDP Query User{0D01EEE4-4B31-4695-ADBB-2B48691CE1EE}C:\program files (x86)\3com\3cdaemon\3cdaemon.exe] => (Allow) C:\program files (x86)\3com\3cdaemon\3cdaemon.exe
FirewallRules: [{20BAD52B-F4EA-4F73-851F-8A494A00A8C9}] => (Allow) LPort=5031
FirewallRules: [{F13CEB19-C716-4268-A815-C739FA08884F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{6E1F3E3B-693B-4E58-AF83-4189A100FD70}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{EF3380C0-F9A1-4E61-81BF-F8524261742B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{656B1E17-CE9E-43CD-A5AD-93D46385204C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{D7B1E119-84E2-42C6-8015-357479F85CCC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BC5600AA-6945-4177-AC4F-69EEA32EDCC6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B081E0AA-896A-43ED-B817-D2C491196D92}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{4DCD9038-68FD-426C-88A9-802D974EAC39}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [TCP Query User{1A2AE30B-EEF1-4375-B791-091A20FD7DFA}C:\program files\dell sonicwall\global vpn client\swgvc.exe] => (Allow) C:\program files\dell sonicwall\global vpn client\swgvc.exe
FirewallRules: [UDP Query User{3037AD4C-ED86-44D1-B158-C337A3AC99E7}C:\program files\dell sonicwall\global vpn client\swgvc.exe] => (Allow) C:\program files\dell sonicwall\global vpn client\swgvc.exe
FirewallRules: [{7C399D93-89DE-43E0-A34E-5B00361CDFE2}] => (Allow) LPort=5031
FirewallRules: [TCP Query User{0D713E5D-64AC-4B8B-8675-AA97688EC20E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{1A86D340-EB81-4B55-ADD6-CE73CDFDBA96}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BBE2EFCF-9B2A-4C6F-9CF1-347279FF212C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{FD685602-9B31-435F-882F-2EAED5A4C7FF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4BEFD5B7-876F-49DF-A1A7-F8036B246E46}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{16A92C0D-B0AA-465D-BF6D-5BA35A5828EF}] => (Allow) C:\Program Files (x86)\Brother\Brmfl14d\FAXRX.EXE
FirewallRules: [{54C941E3-F103-426D-B9A0-6933414140FB}] => (Allow) LPort=54925
FirewallRules: [{AD5D956C-7953-41AD-BAE9-8CF9D74FFE69}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8DE51F43-C4AB-4FDB-A71B-436EB4055CDE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EAB4600A-DA4A-4366-8489-78F9A9F970DC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8C20E562-6A8F-4722-8C46-352E7D586E26}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5DBD5CA5-D0F8-4A5F-AE49-55E757BD424C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Wiederherstellungspunkte =========================

09-09-2016 00:00:05 Geplanter Prüfpunkt
09-09-2016 19:50:33 Windows Update
11-09-2016 00:00:05 Geplanter Prüfpunkt
12-09-2016 00:00:03 Geplanter Prüfpunkt
13-09-2016 00:00:05 Geplanter Prüfpunkt
15-09-2016 19:35:07 Windows Update
16-09-2016 09:00:59 Windows Update
19-09-2016 12:15:15 Geplanter Prüfpunkt
21-09-2016 00:00:01 Geplanter Prüfpunkt
21-09-2016 01:17:01 Windows Update
21-09-2016 09:00:17 Windows Update
21-09-2016 10:59:05 Microsoft MapPoint Europa 2006 wird installiert
22-09-2016 00:00:04 Geplanter Prüfpunkt
23-09-2016 00:00:03 Geplanter Prüfpunkt
23-09-2016 15:48:47 Geplanter Prüfpunkt
24-09-2016 09:38:17 Windows Update
26-09-2016 15:13:47 Geplanter Prüfpunkt
27-09-2016 14:00:46 Windows Update
29-09-2016 00:00:03 Geplanter Prüfpunkt
30-09-2016 00:00:07 Geplanter Prüfpunkt
30-09-2016 16:13:34 Windows Update
02-10-2016 00:00:01 Geplanter Prüfpunkt
03-10-2016 00:00:01 Geplanter Prüfpunkt
04-10-2016 08:28:38 Windows Update
05-10-2016 11:02:46 Windows Update
06-10-2016 00:00:01 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: SonicWALL Virtual NIC
Description: SonicWALL Virtual NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SonicWALL
Service: SWVNIC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/05/2016 11:57:51 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\Vorname Nachname\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5Z3YWV0M.DEFAULT\SAFEBROWSING-TO_DELETE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
    Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (10/05/2016 11:57:51 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\Vorname Nachname\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5Z3YWV0M.DEFAULT\SAFEBROWSING-BACKUP> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
    Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (10/05/2016 10:54:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/04/2016 09:28:11 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\Vorname Nachname\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5Z3YWV0M.DEFAULT\SAFEBROWSING-TO_DELETE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
    Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (10/04/2016 09:28:11 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\Vorname Nachname\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5Z3YWV0M.DEFAULT\SAFEBROWSING-BACKUP> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
    Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (10/04/2016 09:28:11 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\Vorname Nachname\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5Z3YWV0M.DEFAULT\SAFEBROWSING-BACKUP> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
    Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (10/04/2016 09:28:11 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\Vorname Nachname\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5Z3YWV0M.DEFAULT\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
    Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (10/04/2016 09:28:11 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\Vorname Nachname\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5Z3YWV0M.DEFAULT\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
    Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (10/04/2016 09:26:26 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\Vorname Nachname\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5Z3YWV0M.DEFAULT\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
    Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (10/04/2016 09:26:26 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\Vorname Nachname\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5Z3YWV0M.DEFAULT\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
    Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)


Systemfehler:
=============
Error: (10/06/2016 12:05:28 PM) (Source: Dhcp) (EventID: 1001) (User: )
Description: Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 0060731AD742 zugeteilt werden. Der folgende Fehler ist aufgetreten: 
Der Vorgang wurde durch den Benutzer abgebrochen.
. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.

Error: (10/05/2016 11:32:18 AM) (Source: Dhcp) (EventID: 1001) (User: )
Description: Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 0060731AD742 zugeteilt werden. Der folgende Fehler ist aufgetreten: 
Der Vorgang wurde durch den Benutzer abgebrochen.
. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.

Error: (10/05/2016 11:32:08 AM) (Source: Dhcp) (EventID: 1001) (User: )
Description: Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 0060731AD742 zugeteilt werden. Der folgende Fehler ist aufgetreten: 
Der Vorgang wurde durch den Benutzer abgebrochen.
. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.

Error: (10/05/2016 10:57:10 AM) (Source: Dhcp) (EventID: 1001) (User: )
Description: Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 0060731AD742 zugeteilt werden. Der folgende Fehler ist aufgetreten: 
Das Zeitlimit für die Semaphore wurde erreicht.
. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.

Error: (10/05/2016 10:56:11 AM) (Source: Dhcp) (EventID: 1001) (User: )
Description: Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 0060731AD742 zugeteilt werden. Der folgende Fehler ist aufgetreten: 
Der Vorgang wurde durch den Benutzer abgebrochen.
. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.

Error: (10/05/2016 10:54:45 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{F2189AE3-E432-427F-93B6-38D1C6F5E8D4}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/05/2016 10:54:18 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
Beep
i8042prt
SRTSP
SRTSPX
SWIPsec

Error: (10/05/2016 10:54:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (10/05/2016 10:54:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Norton Internet Security" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann den angegebenen Pfad nicht finden.

Error: (10/05/2016 10:54:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.


CodeIntegrity:
===================================
  Date: 2016-10-06 12:20:40.099
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-10-06 12:20:39.146
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-10-06 12:20:38.192
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-10-06 12:20:37.237
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-10-06 12:20:36.271
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-10-06 12:20:35.331
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-10-06 12:20:34.391
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-10-06 12:20:33.411
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-10-05 19:24:13.539
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-10-05 19:24:12.655
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Prozentuale Nutzung des RAM: 63%
Installierter physikalischer RAM: 6142.33 MB
Verfügbarer physikalischer RAM: 2268.21 MB
Summe virtueller Speicher: 12487.66 MB
Verfügbarer virtueller Speicher: 7794.31 MB

==================== Laufwerke ================================

Drive c: (HP) (Fixed) (Total:582.33 GB) (Free:274.36 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.84 GB) (Free:1.95 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (HP2) (Fixed) (Total:596.17 GB) (Free:509.97 GB) NTFS
Drive f: (GEO13EU) (CDROM) (Total:1.38 GB) (Free:0 GB) UDF
Drive g: (Elements) (Fixed) (Total:931.48 GB) (Free:815.72 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=582.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 596.2 GB) (Disk ID: 0A9EBB9C)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 6C91D7E2)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

deeprybka · 06.10.2016, 17:34

Schritt 1
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Radja · 07.10.2016, 08:10

Guten Morgen Jürgen,

der TDSS Killer hat nichts gefunden.

VG!

Hier noch der Report:

Code:

ATTFilter

08:59:39.0594 0x15d8  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
09:00:18.0642 0x15d8  ============================================================
09:00:18.0642 0x15d8  Current date / time: 2016/10/07 09:00:18.0642
09:00:18.0642 0x15d8  SystemInfo:
09:00:18.0642 0x15d8  
09:00:18.0642 0x15d8  OS Version: 6.0.6002 ServicePack: 2.0
09:00:18.0642 0x15d8  Product type: Workstation
09:00:18.0643 0x15d8  ComputerName: OFFICE1
09:00:18.0643 0x15d8  UserName: Vorname Nachname
09:00:18.0643 0x15d8  Windows directory: C:\Windows
09:00:18.0643 0x15d8  System windows directory: C:\Windows
09:00:18.0643 0x15d8  Running under WOW64
09:00:18.0643 0x15d8  Processor architecture: Intel x64
09:00:18.0643 0x15d8  Number of processors: 4
09:00:18.0643 0x15d8  Page size: 0x1000
09:00:18.0643 0x15d8  Boot type: Normal boot
09:00:18.0643 0x15d8  CodeIntegrityOptions = 0x00000001
09:00:18.0643 0x15d8  ============================================================
09:00:18.0905 0x15d8  KLMD registered as C:\Windows\system32\drivers\01529962.sys
09:00:18.0905 0x15d8  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 6002.19680, osProperties = 0x1
09:00:19.0177 0x15d8  System UUID: {53DA18A1-C196-7005-9A97-F0B3591B22DD}
09:00:19.0801 0x15d8  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:00:19.0819 0x15d8  Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:00:19.0826 0x15d8  Drive \Device\Harddisk2\DR2 - Size: 0xE8DED00000 ( 931.48 Gb ), SectorSize: 0x200, Cylinders: 0x1DAFD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:00:20.0269 0x15d8  ============================================================
09:00:20.0269 0x15d8  \Device\Harddisk0\DR0:
09:00:20.0269 0x15d8  MBR partitions:
09:00:20.0269 0x15d8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x48CA7A33
09:00:20.0269 0x15d8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48CA7A72, BlocksNum 0x1BAF44F
09:00:20.0269 0x15d8  \Device\Harddisk1\DR1:
09:00:20.0269 0x15d8  MBR partitions:
09:00:20.0269 0x15d8  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A856E82
09:00:20.0269 0x15d8  \Device\Harddisk2\DR2:
09:00:20.0272 0x15d8  MBR partitions:
09:00:20.0272 0x15d8  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x746F6000
09:00:20.0272 0x15d8  ============================================================
09:00:20.0295 0x15d8  C: <-> \Device\Harddisk0\DR0\Partition1
09:00:20.0315 0x15d8  E: <-> \Device\Harddisk1\DR1\Partition1
09:00:20.0365 0x15d8  D: <-> \Device\Harddisk0\DR0\Partition2
09:00:20.0468 0x15d8  G: <-> \Device\Harddisk2\DR2\Partition1
09:00:20.0469 0x15d8  ============================================================
09:00:20.0469 0x15d8  Initialize success
09:00:20.0469 0x15d8  ============================================================
09:00:44.0135 0x0754  ============================================================
09:00:44.0135 0x0754  Scan started
09:00:44.0135 0x0754  Mode: Manual; SigCheck; TDLFS; 
09:00:44.0135 0x0754  ============================================================
09:00:44.0135 0x0754  KSN ping started
09:00:44.0244 0x0754  KSN ping finished: true
09:02:02.0240 0x0754  ================ Scan system memory ========================
09:02:02.0240 0x0754  System memory - ok
09:02:02.0241 0x0754  ================ Scan services =============================
09:02:02.0685 0x0754  [ 1965AAFFAB07E3FB03C77F81BEBA3547, 351A1EBB1B95C8E03ED125C8F997DEE810B4DF36AD290E7685FC01963B522BFC ] ACPI            C:\Windows\system32\drivers\acpi.sys
09:02:02.0824 0x0754  ACPI - ok
09:02:02.0946 0x0754  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:02:02.0965 0x0754  AdobeARMservice - ok
09:02:03.0077 0x0754  [ 8FC33A20D54FB5CC7FBBA814B4E42A22, 707F61F0CEB9467D9BD1782868403BD53DB46EAB0342772661F370E5174AAD8C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:02:03.0098 0x0754  AdobeFlashPlayerUpdateSvc - ok
09:02:03.0164 0x0754  [ F14215E37CF124104575073F782111D2, 7F624F7F0FE9909C07AB2E4C74727686FDA9DF33778A9CBBE35027D6579E4F71 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
09:02:03.0212 0x0754  adp94xx - ok
09:02:03.0246 0x0754  [ 7D05A75E3066861A6610F7EE04FF085C, 406F2CE539C306BA60C233FBCDB029153588F0499BBE91E66FC915E5C5D7D2A5 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
09:02:03.0286 0x0754  adpahci - ok
09:02:03.0310 0x0754  [ 820A201FE08A0C345B3BEDBC30E1A77C, 3170B308724CAA0AD50B74D045C837C48BD6A3A11ABA222670BEA82192A861BF ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
09:02:03.0330 0x0754  adpu160m - ok
09:02:03.0389 0x0754  [ 9B4AB6854559DC168FBB4C24FC52E794, 83CD75DE0A16AE66586837565ECA8B98BA9309519139C4C2032474B8DDF5A1AD ] adpu320         C:\Windows\system32\drivers\adpu320.sys
09:02:03.0411 0x0754  adpu320 - ok
09:02:03.0446 0x0754  [ 0F421175574BFE0BF2F4D8E910A253BB, CEABE3A4F546EB6ACA079931AB532DC88FF757DEEF6F434991802220328A9CD6 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:02:03.0569 0x0754  AeLookupSvc - ok
09:02:03.0608 0x0754  [ 8C771D6FBEE9D6F2E7DDE165940CB513, 1DDD7B495D12446F7FF206102D64D92D063C84EEA8D2F015F727721DC970BBE1 ] AFD             C:\Windows\system32\drivers\afd.sys
09:02:03.0676 0x0754  AFD - ok
09:02:03.0703 0x0754  [ F6F6793B7F17B550ECFDBD3B229173F7, 7EB12A9372B7966440E39F1B567A43C21231D67DDFAA9C1DECC7E68627F82346 ] agp440          C:\Windows\system32\drivers\agp440.sys
09:02:03.0721 0x0754  agp440 - ok
09:02:03.0748 0x0754  [ 222CB641B4B8A1D1126F8033F9FD6A00, 8C7FD4BF87DC00893B99E64344C0E6A3F321DAD9BE60A99763629260E7C6312C ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
09:02:03.0767 0x0754  aic78xx - ok
09:02:03.0782 0x0754  [ 5922F4F59B7868F3D74BBBBEB7B825A3, 71504BC8B596F540BF059059670BC0C138D8759C1DD9F99F1EC368FD5C53F573 ] ALG             C:\Windows\System32\alg.exe
09:02:03.0916 0x0754  ALG - ok
09:02:03.0935 0x0754  [ 157D0898D4B73F075CE9FA26B482DF98, 84C3E163D7393FD306842F155C88A50B7D8AE88B59586F9014DB76B749CC33D5 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:02:03.0951 0x0754  aliide - ok
09:02:03.0965 0x0754  [ 970FA5059E61E30D25307B99903E991E, CFB241803A63EA3469B2596462A42DDCA813B3ACF96E56BB34F5979BB34DDC32 ] amdide          C:\Windows\system32\drivers\amdide.sys
09:02:03.0979 0x0754  amdide - ok
09:02:03.0994 0x0754  [ CDC3632A3A5EA4DBB83E46076A3165A1, 40BE3451A3F29CD3352360FF72165C54237E44D01006390805D493B0D06F51DB ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
09:02:04.0050 0x0754  AmdK8 - ok
09:02:04.0096 0x0754  AntiVirMailService - ok
09:02:04.0153 0x0754  [ 9E6642340CC7C685E07981F0B43B661A, A6CC970817B616CB4BBF37089DC687567EABC2DC326CBACBF1E370AC98E5D65A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
09:02:04.0204 0x0754  AntiVirSchedulerService - ok
09:02:04.0268 0x0754  [ 9E6642340CC7C685E07981F0B43B661A, A6CC970817B616CB4BBF37089DC687567EABC2DC326CBACBF1E370AC98E5D65A ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
09:02:04.0292 0x0754  AntiVirService - ok
09:02:04.0296 0x0754  AntiVirWebService - ok
09:02:04.0342 0x0754  [ 7C8ECAAD76EA1D076A450C8303D9BD98, 90904B2BE380A51BDCEDADA530214CE5321C06456E10F5985B40E3282902BEF6 ] Appinfo         C:\Windows\System32\appinfo.dll
09:02:04.0395 0x0754  Appinfo - ok
09:02:04.0504 0x0754  [ 3E7C6639E424FD28952C29D66B7E5277, B10AD3FA5CB36328C5DF33AF58F76770E2B54CFBCB70BD84934F925B8E19FA1F ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:02:04.0519 0x0754  Apple Mobile Device Service - ok
09:02:04.0568 0x0754  [ BA8417D4765F3988FF921F30F630E303, 876A8F34E578020DD9EDD64F7F77A0A3B4592EC568830B500D7EA844D3159C72 ] arc             C:\Windows\system32\drivers\arc.sys
09:02:04.0586 0x0754  arc - ok
09:02:04.0608 0x0754  [ 9D41C435619733B34CC16A511E644B11, DEFFBBB5ECE33B7DF949DF979188AF3B6674E7580FC069397AB756EA84E24822 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
09:02:04.0627 0x0754  arcsas - ok
09:02:04.0739 0x0754  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:02:04.0760 0x0754  aspnet_state - ok
09:02:04.0782 0x0754  [ 22D13FF3DAFEC2A80634752B1EAA2DE6, 503F7E5F1B14D3F7AEAB0982E812B19DABE38FD4104D93922F50F0B2D19BECFB ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:02:04.0836 0x0754  AsyncMac - ok
09:02:04.0863 0x0754  [ 1898FAE8E07D97F2F6C2D5326C633FAC, 62142E7B720C0A7FAD36577EE985B5793CB395574A3ECA9F2AF613C0F889D39C ] atapi           C:\Windows\system32\drivers\atapi.sys
09:02:04.0880 0x0754  atapi - ok
09:02:04.0937 0x0754  [ 4FCE8096191D260028FB6585A4159D6F, FCCB53A93CE69C8A21B61A4DE678AB3A59A55828BCA655D5E5AB6B08CE6FB412 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:02:05.0024 0x0754  AudioEndpointBuilder - ok
09:02:05.0041 0x0754  [ 4FCE8096191D260028FB6585A4159D6F, FCCB53A93CE69C8A21B61A4DE678AB3A59A55828BCA655D5E5AB6B08CE6FB412 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
09:02:05.0079 0x0754  AudioSrv - ok
09:02:05.0127 0x0754  [ E0304A40460FFFB14F3B067660518B9E, 68885E98ABBE72DC5EA9EEA30D1499B8E97E0963A0F19830C1F2D22689288AD4 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
09:02:05.0149 0x0754  avgntflt - ok
09:02:05.0183 0x0754  [ DBEFDCF8A5258A483B672EB9825E5F7F, B36CFC6FD723F43622EDB97157A0CA00494EF0C47D345DF7356B5C17B3D83513 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
09:02:05.0201 0x0754  avipbb - ok
09:02:05.0265 0x0754  [ 5F0C87F2FA11C991BB93B84BD02151B3, D1A9451968C197609A08FA3B83DA1B5D0A28C805A11C1C40D91FAE9DA5FD1B55 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
09:02:05.0285 0x0754  Avira.ServiceHost - ok
09:02:05.0303 0x0754  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
09:02:05.0317 0x0754  avkmgr - ok
09:02:05.0325 0x0754  Beep - ok
09:02:05.0372 0x0754  [ FFB96C2589FFA60473EAD78B39FBDE29, 6A2792753E2CB580672B3107C0DBB9D26B6DAA14B37D5EC314BD0E304197E03E ] BFE             C:\Windows\System32\bfe.dll
09:02:05.0449 0x0754  BFE - ok
09:02:05.0520 0x0754  [ 6D316F4859634071CC25C4FD4589AD2C, 73F69AC9E505F3B11A3CCFF8571930229A9058E672CD008A4BF26C0189564EAE ] BITS            C:\Windows\System32\qmgr.dll
09:02:05.0629 0x0754  BITS - ok
09:02:05.0664 0x0754  [ 79FEEB40056683F8F61398D81DDA65D2, 5EA3016194F71A2A2177C2B5129E82738EC621ACAD269809F4C131B72CFEB6C6 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
09:02:05.0721 0x0754  blbdrive - ok
09:02:05.0803 0x0754  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:02:05.0837 0x0754  Bonjour Service - ok
09:02:05.0870 0x0754  [ 2348447A80920B2493A9B582A23E81E1, 50F9242B7104607E633ABAF4E0A213C1C1226BF81F7FB4E216A9E878247B868C ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:02:05.0918 0x0754  bowser - ok
09:02:05.0939 0x0754  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
09:02:05.0987 0x0754  BrFiltLo - ok
09:02:06.0004 0x0754  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
09:02:06.0046 0x0754  BrFiltUp - ok
09:02:06.0078 0x0754  [ A1B39DE453433B115B4EA69EE0343816, 61441E7E9D5259A5987DBD3FC8D4E3221A57F42C7CC0F94DB48E80EEF96CA5D4 ] Browser         C:\Windows\System32\browser.dll
09:02:06.0122 0x0754  Browser - ok
09:02:06.0160 0x0754  [ 63A00CDBEB300522C49EC7CA77324060, 99CB6D37C7D898982A192AAA8DE5CE255E6FA482E19FE9032BAA7069E652F6F5 ] BrSerIb         C:\Windows\system32\DRIVERS\BrSerIb.sys
09:02:06.0178 0x0754  BrSerIb - ok
09:02:06.0192 0x0754  [ F0F0BA4D815BE446AA6A4583CA3BCA9B, E0A5DB5A0C7D6AF93ED45F34D2597F77982DFF41E4FDAC827FE5D80323ADED60 ] Brserid         C:\Windows\system32\drivers\brserid.sys
09:02:06.0375 0x0754  Brserid - ok
09:02:06.0407 0x0754  [ 132B32D4B0EC649EDBF4123455237E6D, 1F37D148EB4CE2C3D7AC01E4072EFD1441FAA2915351387B8CF2A714560EAD6B ] BrSerIf         C:\Windows\system32\DRIVERS\BrSerIf.sys
09:02:06.0422 0x0754  BrSerIf - ok
09:02:06.0439 0x0754  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
09:02:06.0513 0x0754  BrSerWdm - ok
09:02:06.0535 0x0754  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
09:02:06.0606 0x0754  BrUsbMdm - ok
09:02:06.0654 0x0754  [ D014919FBCCCF077AA4BA0A0E5BA713B, 0E0F74FBF6F26D4476105F49E48122ED58EC1739B54523E1F6E21BDB09ABA5A6 ] BrUsbSer        C:\Windows\system32\DRIVERS\BrUsbSer.sys
09:02:06.0667 0x0754  BrUsbSer - ok
09:02:06.0691 0x0754  [ BBCFD6C6EF66449F55AF1BFDB08C9B12, D6D5D408FCFFF9ED69D095948E786C08EEECD5F55905A3D8FE2BB08944C5E1F2 ] BrUsbSIb        C:\Windows\system32\DRIVERS\BrUsbSIb.sys
09:02:06.0704 0x0754  BrUsbSIb - ok
09:02:06.0769 0x0754  [ 0471D5669F18C50E552B2BC0CB15E7B3, 472F471FF9E5A1FDD5610BAC2F5E727AB284B7B5A71C4E515D549667F0B5EB86 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
09:02:06.0793 0x0754  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:02:06.0911 0x0754  Detect skipped due to KSN trusted
09:02:06.0911 0x0754  BrYNSvc - ok
09:02:06.0939 0x0754  [ E0777B34E05F8A82A21856EFC900C29F, A7ACE3C65D1773C50ACD98A13B3ADBDD2A6052D7F5D124CB6EE6E7C22151A424 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
09:02:07.0015 0x0754  BTHMODEM - ok
09:02:07.0028 0x0754  catchme - ok
09:02:07.0108 0x0754  [ 5753532C476B83119D85AA43B1B10AB3, 1CF4CA789312B9AB20E00BBFCC20084E6DAA797CE64FAA78B5DEE482D621A289 ] CCALib8         C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
09:02:07.0150 0x0754  CCALib8 - detected UnsignedFile.Multi.Generic ( 1 )
09:02:07.0274 0x0754  Detect skipped due to KSN trusted
09:02:07.0274 0x0754  CCALib8 - ok
09:02:07.0312 0x0754  [ B4D787DB8D30793A4D4DF9FEED18F136, 2A956F7DCFE61E556F30BDA6D45592A05533541D6ED321C251C1C05F6CEA6DDC ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:02:07.0402 0x0754  cdfs - ok
09:02:07.0432 0x0754  [ C025AA69BE3D0D25C7A2E746EF6F94FC, F4754B23CC256ADF92FDD42A9BA80F1ACB74834A58FCBEA2C52650FAFC7F9483 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:02:07.0488 0x0754  cdrom - ok
09:02:07.0530 0x0754  [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:02:07.0580 0x0754  CertPropSvc - ok
09:02:07.0603 0x0754  [ 02EA568D498BBDD4BA55BF3FCE34D456, 5A418B156CBB48D14E0F6B6AE6E03B8CD97AABE838F260757014479566C63F17 ] circlass        C:\Windows\system32\drivers\circlass.sys
09:02:07.0659 0x0754  circlass - ok
09:02:07.0697 0x0754  [ D44BA2F707838E0FEF35BCEC5CBD9D60, A9E85E801B0B08F7E5AD6206C61F36E42B4A99878D8AA66EAD8B4E667E50D813 ] CLFS            C:\Windows\system32\CLFS.sys
09:02:07.0748 0x0754  CLFS - ok
09:02:07.0820 0x0754  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:02:07.0839 0x0754  clr_optimization_v2.0.50727_32 - ok
09:02:07.0895 0x0754  [ 753049933D5326D835F4FCACDF4AD5E3, 715BEE09C19BCBCAD2A93E4725DB3A1FDD8E2FEFFF6E0C3D2F98FC607FED5D3A ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:02:07.0914 0x0754  clr_optimization_v2.0.50727_64 - ok
09:02:07.0975 0x0754  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:02:07.0996 0x0754  clr_optimization_v4.0.30319_32 - ok
09:02:08.0030 0x0754  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:02:08.0052 0x0754  clr_optimization_v4.0.30319_64 - ok
09:02:08.0068 0x0754  [ E5D5499A1C50A54B5161296B6AFE6192, 20A8A0478918063A9EE81565F21F4ACCAA7B6A8B2E9E084099879D85574BAB3E ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:02:08.0084 0x0754  cmdide - ok
09:02:08.0101 0x0754  [ 7FB8AD01DB0EABE60C8A861531A8F431, E19353C686B07A0DBBA92CFCC88AB9B6BEBAF389416B78F4470BA673E7CD73C3 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
09:02:08.0119 0x0754  Compbatt - ok
09:02:08.0126 0x0754  COMSysApp - ok
09:02:08.0140 0x0754  [ A8585B6412253803CE8EFCBD6D6DC15C, C3906B080D3BB06CB976FD98C62CBA97DAE74970A5559D51EF5111D773949322 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
09:02:08.0157 0x0754  crcdisk - ok
09:02:08.0207 0x0754  [ 5AAC48EAF8EACF247DB44FB61B900D89, D20FCD5C71CA18F284D3DFD0CED37F6888A296E76B7B0563F2F4668CF90FE752 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:02:08.0264 0x0754  CryptSvc - ok
09:02:08.0321 0x0754  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:02:08.0397 0x0754  DcomLaunch - ok
09:02:08.0573 0x0754  [ AAEE621A1D14B0DFED54A3D30B08C14C, 14C923FBC59BAEB683DBE40A8785C7604035163C71AA779B8108C71F8AF60882 ] DevoloNetworkService C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
09:02:08.0801 0x0754  DevoloNetworkService - ok
09:02:08.0856 0x0754  [ 8B722BA35205C71E7951CDC4CDBADE19, 39720A60DFD0532F7E1A1976240E9828559BF9E0C6D1CFBF4D911965BFD94158 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:02:08.0938 0x0754  DfsC - ok
09:02:09.0074 0x0754  [ C647F468F7DE343DF8C143655C5557D4, E2D35FE49C408B952D8FE0C7EF70D42798229D30B89CEF9858BAC9F4F9E98EF2 ] DFSR            C:\Windows\system32\DFSR.exe
09:02:09.0285 0x0754  DFSR - ok
09:02:09.0297 0x0754  DgiVecp - ok
09:02:09.0349 0x0754  [ 3ED0321127CE70ACDAABBF77E157C2A7, 10973BD0AEF9597A4EA0A4947BDE922F9168F33D6ED97BFFEE6176AADAD78980 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
09:02:09.0406 0x0754  Dhcp - ok
09:02:09.0437 0x0754  [ B0107E40ECDB5FA692EBF832F295D905, 76466BB9E4F12436ECCCB9D89EB20762B4785F82F02591B51A735A590E248264 ] disk            C:\Windows\system32\drivers\disk.sys
09:02:09.0455 0x0754  disk - ok
09:02:09.0502 0x0754  [ 1306282CA3A15DBA9515D0ACDFCBAC9B, 2F9CD4A0127E011B88C3675D752DEA1E7C2437932DB1C4CE22F73B7F46A44BCE ] DNE             C:\Windows\system32\DRIVERS\dnelwf64.sys
09:02:09.0519 0x0754  DNE - ok
09:02:09.0551 0x0754  [ 06230F1B721494A6DF8D47FD395BB1B0, F6CA8270740E01D9CE2FE8E34BC067C7EDC15BA610F461860E1D17D135C8A379 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:02:09.0607 0x0754  Dnscache - ok
09:02:09.0639 0x0754  [ 1A7156DD1E850E9914E5E991E3225B94, 99FF0C7125B01FCB0B92DC44756AE8FAA486F2E7F38DC6204F7EFE5918F8480A ] dot3svc         C:\Windows\System32\dot3svc.dll
09:02:09.0692 0x0754  dot3svc - ok
09:02:09.0726 0x0754  [ 1583B39790DB3EAEC7EDB0CB0140C708, F94F9AE7054A38602CD25D4E10FE7C7B574BD9ED8440C3FDAA7275A1D1E663E7 ] DPS             C:\Windows\system32\dps.dll
09:02:09.0786 0x0754  DPS - ok
09:02:09.0823 0x0754  [ F1A78A98CFC2EE02144C6BEC945447E6, D2E2AA13BE6319F967002476A5D3CF09B1B44350576DD8E1C1C531854F53B488 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:02:09.0874 0x0754  drmkaud - ok
09:02:09.0937 0x0754  [ 51991007674FB3548BE592F5071E747C, 4F73EBBAD41689057FC4CDB1570BA1C668A906722D302E00D87FACF024B514FC ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:02:10.0020 0x0754  DXGKrnl - ok
09:02:10.0063 0x0754  [ 264CEE7B031A9D6C827F3D0CB031F2FE, 50CAD28A73D29E7E04A45330146CF713BA17101215955009121E36D43CD5C536 ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
09:02:10.0142 0x0754  E1G60 - ok
09:02:10.0179 0x0754  [ C2303883FD9BE49DC36A6400643002EA, F062D1D6D503CF5195BDE8C1DC75B541F559CB8175ADABCDB7690E9F1CA3EA4E ] EapHost         C:\Windows\System32\eapsvc.dll
09:02:10.0229 0x0754  EapHost - ok
09:02:10.0263 0x0754  [ 665E1507E129DC598C6EB390A10AC05B, 851018D4DB6E80FC27445EA13B8AADC340746CB6E71908F9B05EB094C4BB78D9 ] Ecache          C:\Windows\system32\drivers\ecache.sys
09:02:10.0284 0x0754  Ecache - ok
09:02:10.0344 0x0754  [ 14CE384D2E27B64C256BDA4DC39C312D, D5FA9C2BB162F1C22E419D33671B8202AAC245A87F6B183B97F83F5BFA165B41 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:02:10.0449 0x0754  ehRecvr - ok
09:02:10.0489 0x0754  [ B93159C1313D66FDFBBE876F5189CD52, 51E39160EA56F6B08449267EDF2A0F604612663768D2348DE23554AB07BDBB62 ] ehSched         C:\Windows\ehome\ehsched.exe
09:02:10.0530 0x0754  ehSched - ok
09:02:10.0562 0x0754  [ F5EE2527D74449868E3C3227A59BCD28, 11640E97EE9D8F9A5DC3FEA6BA7A737AA796A7235C7F5C7EF1ABFB51C9D730D3 ] ehstart         C:\Windows\ehome\ehstart.dll
09:02:10.0609 0x0754  ehstart - ok
09:02:10.0637 0x0754  [ C4636D6E10469404AB5308D9FD45ED07, 367D958D19F672395462206F27C1E138386C2F37B0FA77546F4217CF16D05C84 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
09:02:10.0675 0x0754  elxstor - ok
09:02:10.0711 0x0754  [ E10597CED1246F81C87F00E67E7C6855, 67B5A552D5988FD20C35FC5AEF557456C73CB3DAC88E7735A3E15E7F3B6C0D73 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
09:02:10.0807 0x0754  EMDMgmt - ok
09:02:10.0842 0x0754  [ BC3A58E938BB277E46BF4B3003B01ABD, 2BB054E632A96951DAB25B3BE8541AEC1B97A7739FC8D0E34BE8B9295600C8FC ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:02:10.0885 0x0754  ErrDev - ok
09:02:10.0930 0x0754  [ E12F22B73F153DECE721CD45EC05B4AF, 41887EEF4BB024329B4079AD50FC5FB705F0EB8BAF6C93A8242DC2A73D3AFD86 ] EventSystem     C:\Windows\system32\es.dll
09:02:10.0995 0x0754  EventSystem - ok
09:02:11.0034 0x0754  [ 486844F47B6636044A42454614ED4523, 3E24E78584B199C0FAA59613EEB7DF67B3B878B277A0130C7A3FF608C130BA2F ] exfat           C:\Windows\system32\drivers\exfat.sys
09:02:11.0066 0x0754  exfat - ok
09:02:11.0085 0x0754  ezSharedSvc - ok
09:02:11.0153 0x0754  [ 1E34B436811CCA4A2783C0BC7A0BEB2E, 7C9496100DEA53FBADDA8B1EFF9F943FD13E75601A039632887A35F190C1F799 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:02:11.0207 0x0754  fastfat - ok
09:02:11.0241 0x0754  [ 81B79B6DF71FA1D2C6D688D830616E39, 62F8BC0DB918A49B10A5BE1724A2E2F17FA7D8208D5D86822FACB2DCD97B3591 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
09:02:11.0280 0x0754  fdc - ok
09:02:11.0300 0x0754  [ BB9267ACACD8B7533DD936C34A0CBA5E, 32DE6E10ABA540D62F0D8AE30DE8769D7BF29E547838BEBE67C04183CC0B32C7 ] fdPHost         C:\Windows\system32\fdPHost.dll
09:02:11.0339 0x0754  fdPHost - ok
09:02:11.0348 0x0754  [ 300C80931EABBE1DB7591C516EFE8D0F, F031DA96B06B6FA8E0AD56D5E10E5A5882765C3FF258A4DE06A47EC34829FF04 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:02:11.0420 0x0754  FDResPub - ok
09:02:11.0436 0x0754  [ 457B7D1D533E4BD62A99AED9C7BB4C59, 3933907DE163F8D3A81ED25169B693D723296C437C7C990BFE9DEFD60F7635FD ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:02:11.0452 0x0754  FileInfo - ok
09:02:11.0467 0x0754  [ D421327FD6EFCCAF884A54C58E1B0D7F, C2F3B72EA36BA8B74A30E128C088307CA768FDBE232BFA216CD78B0F9B7AF18A ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:02:11.0517 0x0754  Filetrace - ok
09:02:11.0642 0x0754  [ 167D24A045499EBEF438F231976158DF, 237F1495BA79D9082D6B383FE9AC5C6154A6F76F181000401F5790236EB57301 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe
09:02:11.0757 0x0754  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
09:02:11.0875 0x0754  Detect skipped due to KSN trusted
09:02:11.0875 0x0754  FirebirdServerMAGIXInstance - ok
09:02:12.0132 0x0754  [ 494F167530B08FBB0BF0924242FDD071, D1AC16908B189FCB0BCE0154BD56F958E87C6ACB757FC5918B1690214DEAB6F4 ] Fitbit Connect  C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
09:02:12.0402 0x0754  Fitbit Connect - ok
09:02:12.0450 0x0754  [ 230923EA2B80F79B0F88D90F87B87EBD, 1F3287970FEC73011F3B675C447BF0CA35416490D4740C6960595B091181059C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
09:02:12.0485 0x0754  flpydisk - ok
09:02:12.0521 0x0754  [ E3041BC26D6930D61F42AEDB79C91720, 3556C033BB78445EC8B2F98A82455914764AFC70CBFF634DDBD3539885A1E457 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:02:12.0545 0x0754  FltMgr - ok
09:02:12.0619 0x0754  [ DE26C43A170809645297C1B479B7F791, C76AAA07E6C4DD3E9C2035D88F63549D6A32C04329640617959BF86F50AEF735 ] FontCache       C:\Windows\system32\FntCache.dll
09:02:12.0725 0x0754  FontCache - ok
09:02:12.0778 0x0754  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E, B21CA5F14BDB6CFD97A24C28BB2AD0D704C46058F13B01FF4203514FE8B92591 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:02:12.0793 0x0754  FontCache3.0.0.0 - ok
09:02:12.0816 0x0754  [ 5779B86CD8B32519FBECB136394D946A, 68A395CD2287D22CB5C8CFE5A3006A61AC0C3FDAADF166C93240FF83C0315DCF ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:02:12.0871 0x0754  Fs_Rec - ok
09:02:12.0885 0x0754  [ C8E416668D3DC2BE3D4FE4C79224997F, 7DBC8E7687179A649638F606C9584F2E8EC2065762997CDF151F9BB99FA8D535 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:02:12.0903 0x0754  gagp30kx - ok
09:02:12.0966 0x0754  [ 73A2EC1A8DD15F85F92F8AC303A7E39B, 70DDE8F4CE5E4C1DE8D88277ADEE615DF8327233C06658BBB8497D66B4AEBF50 ] GameConsoleService C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
09:02:12.0986 0x0754  GameConsoleService - ok
09:02:13.0020 0x0754  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:02:13.0033 0x0754  GEARAspiWDM - ok
09:02:13.0083 0x0754  [ D2D54891B2CAB5C9B8EA4081A093E04A, 2916C140AB571D28DA23C2C746B7FFEF6986B7F39AB4285AAC05A5E6B358A5BD ] gpsvc           C:\Windows\System32\gpsvc.dll
09:02:13.0178 0x0754  gpsvc - ok
09:02:13.0251 0x0754  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:02:13.0268 0x0754  gupdate - ok
09:02:13.0288 0x0754  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:02:13.0303 0x0754  gupdatem - ok
09:02:13.0352 0x0754  [ F942C5820205F2FB453243EDFEC82A3D, 17A6A3DCF884FB524C93F2477D97E9F2B8E547709F8F2AEA93BEEA322B62E914 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:02:13.0468 0x0754  HDAudBus - ok
09:02:13.0513 0x0754  [ B4881C84A180E75B8C25DC1D726C375F, C0BEDBF43EFB0DD442A1D7985EA4A7493671648954B7D1840E30FB2FC46589A4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:02:13.0595 0x0754  HidBth - ok
09:02:13.0614 0x0754  [ 4E77A77E2C986E8F88F996BB3E1AD829, 1748676EB038A145405080B829DF4156C2596691BE5C67FD8269BE8D9351B400 ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:02:13.0688 0x0754  HidIr - ok
09:02:13.0722 0x0754  [ 59361D38A297755D46A540E450202B2A, ED97800A3FF9B90EC58BC5122C42B53F46D9C157EFE488481E8677ED7058E33D ] hidserv         C:\Windows\System32\hidserv.dll
09:02:13.0771 0x0754  hidserv - ok
09:02:13.0805 0x0754  [ 443BDD2D30BB4F00795C797E2CF99EDF, BCE1A241AE5CCE3E1C65CCF07ECB4305C7106F2EFFD51F2C519EB00026B474C4 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:02:13.0856 0x0754  HidUsb - ok
09:02:13.0891 0x0754  [ FCE2251FE4464DCAA2F4684F19A8EE9B, 8062CD636DEFA8E160427BC2C61BC5C0DAA5396E16ABE9353B27C217FDE70B04 ] hitmanpro37     C:\Windows\system32\drivers\hitmanpro37.sys
09:02:13.0906 0x0754  hitmanpro37 - ok
09:02:13.0926 0x0754  [ B12F367EA39C0795FD57E31242CE1A5A, 498439FE4D1217211EB6C1AC35CDA5D59F3AE8F06AF5E41EE9FDB0DC559FBE27 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:02:13.0981 0x0754  hkmsvc - ok
09:02:14.0047 0x0754  [ AA9EF0B395097F24D289F64445B2FD2E, D7B38E16A0EC9572A5F474E9463592AAC42E35F54009DA8CDA986F86FD38354E ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
09:02:14.0057 0x0754  HP Health Check Service - detected UnsignedFile.Multi.Generic ( 1 )
09:02:14.0212 0x0754  Detect skipped due to KSN trusted
09:02:14.0212 0x0754  HP Health Check Service - ok
09:02:14.0238 0x0754  [ D7109A1E6BD2DFDBCBA72A6BC626A13B, 6141B6645F4152A326ECA8AD0DD04CB38C9EDA395BDF6FF260AB17CB86FC4C87 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
09:02:14.0255 0x0754  HpCISSs - ok
09:02:14.0302 0x0754  [ 098F1E4E5C9CB5B0063A959063631610, 36B02A738413E4745978E3E90D9CE8ABC08376BEE411008A4312A752CB4A2E13 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:02:14.0405 0x0754  HTTP - ok
09:02:14.0434 0x0754  [ DA94C854CEA5FAC549D4E1F6E88349E8, 10BEB47DB90F55BD1792C2041E49ED13E4E52BCC11BE6599F6DA8D91B79CC8D1 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
09:02:14.0451 0x0754  i2omp - ok
09:02:14.0475 0x0754  [ CBB597659A2713CE0C9CC20C88C7591F, A2BAC75F7247D871842A32EAA7594D338E728D1BFEAEA3C1FCDBF65F007BC06A ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
09:02:14.0525 0x0754  i8042prt - ok
09:02:14.0589 0x0754  [ 1117AF8C53AA278A4C5B7EF1B00E08F4, 84CA25F488ABCDA161F5CB5F11809EFEA9BD15F09B8DB6CCDA38B009C42353B6 ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
09:02:14.0619 0x0754  IAANTMON - ok
09:02:14.0679 0x0754  [ 5979854E6FDA990107E3170327022117, 6D578735352A181662A5774CD838ED780A1096F929DDE27E09537996459A8180 ] iaStor          C:\Windows\system32\drivers\iastor.sys
09:02:14.0724 0x0754  iaStor - ok
09:02:14.0761 0x0754  [ 3E3BF3627D886736D0B4E90054F929F6, 95A138B65DC9133E92F53A529C7AD897D8823EFAED343756549FDF6C8C749CD0 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
09:02:14.0798 0x0754  iaStorV - ok
09:02:14.0865 0x0754  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
09:02:14.0888 0x0754  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
09:02:15.0005 0x0754  Detect skipped due to KSN trusted
09:02:15.0005 0x0754  IDriverT - ok
09:02:15.0074 0x0754  [ A9AA69F749AC1D318151E77372CC83DB, 2A50A4D6ED22F5F6CB5DC56A639D904AD71E511DC744A6F6C3D1D4D39756AF31 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:02:15.0177 0x0754  idsvc - ok
09:02:15.0547 0x0754  [ A124C87CD0B39C9E510E138534468383, B5711A0CECE4ED2B20FFF7F84027F4150FC6569CEDD40945EB3BFCE97D832A96 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
09:02:16.0049 0x0754  igfx - ok
09:02:16.0093 0x0754  [ 8C3951AD2FE886EF76C7B5027C3125D3, 85CF7231756E02BD9E5F4378F3FC794394A072B8028F27827F83ACE9EE554499 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:02:16.0109 0x0754  iirsp - ok
09:02:16.0152 0x0754  [ 0401A380C88754B2399F8043AC9B2BF9, BFF3B53FAFAE6622AA9F74BAA4A3D522C06E2D732B88916766603B9FE8D0D77F ] IKEEXT          C:\Windows\System32\ikeext.dll
09:02:16.0222 0x0754  IKEEXT - ok
09:02:16.0305 0x0754  [ DC64D46EF8ACE3BD1CEC3A4A61608D4E, 7BDF4C202FF47F1D94249CA222897BB216D1B95FADC67E60AE6A6B4E8D3F0A44 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:02:16.0392 0x0754  IntcAzAudAddService - ok
09:02:16.0418 0x0754  [ DF797A12176F11B2D301C5B234BB200E, 384343636B21CA7EDF28EFD1B6728EAB1508CA49CE48FF3DC0D91DB843C0C73E ] intelide        C:\Windows\system32\drivers\intelide.sys
09:02:16.0435 0x0754  intelide - ok
09:02:16.0454 0x0754  [ BFD84AF32FA1BAD6231C4585CB469630, 33E0842F2D0879B02C115301174FCB19ED3AAF7B1B8E6284839CE16DE56476EA ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:02:16.0508 0x0754  intelppm - ok
09:02:16.0541 0x0754  [ 5624BC1BC5EEB49C0AB76A8114F05EA3, BD5AA534D8A923AF4D205EEC6DA55A3DC5F915E5F3223BF23F24C09824FA90B6 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:02:16.0608 0x0754  IPBusEnum - ok
09:02:16.0639 0x0754  [ D8AABC341311E4780D6FCE8C73C0AD81, 141E8032A934777567E6DAC35FB1C77C40D9B6EE477F17F872F35833A8F57F72 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:02:16.0673 0x0754  IpFilterDriver - ok
09:02:16.0700 0x0754  [ BF0DBFA9792C5C14FA00F61C75116C1B, 24C14DCAF57013F1C238E3C123279737420A714EB29CB69239C9838C9A269A59 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:02:16.0758 0x0754  iphlpsvc - ok
09:02:16.0763 0x0754  IpInIp - ok
09:02:16.0775 0x0754  [ 9C2EE2E6E5A7203BFAE15C299475EC67, E51628ECAB9CCCBCE02801C5E71406487A280765FEE318D14B0C227141B87658 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
09:02:16.0818 0x0754  IPMIDRV - ok
09:02:16.0845 0x0754  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE, C29D7F392116BB09F7047A90702331F200DACFB3C94E7F912932971E0B7F0413 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
09:02:16.0890 0x0754  IPNAT - ok
09:02:16.0963 0x0754  [ 0BE777523E5CB0E4F2CA2135DB4C60C8, 979BBAC7EAD3F5C913155BC12BB1B87D1EFD39D92293195D50805D657ABECC6D ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:02:17.0007 0x0754  iPod Service - ok
09:02:17.0024 0x0754  [ 8C42CA155343A2F11D29FECA67FAA88D, 699F06D25C5F270CE1194F4D350CB0BE22C6AB609EECF35D066C034AC380BEE3 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:02:17.0083 0x0754  IRENUM - ok
09:02:17.0112 0x0754  [ 0672BFCEDC6FC468A2B0500D81437F4F, A0322B569C309F258684AFECCD52924A33F363186261730469245B7FA357C645 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:02:17.0129 0x0754  isapnp - ok
09:02:17.0171 0x0754  [ E4FDF99599F27EC25D2CF6D754243520, 9139E708EE30F10652C9A458BD58B0343A3C05E84CD3E71FA0B0E4123503CF7B ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
09:02:17.0194 0x0754  iScsiPrt - ok
09:02:17.0214 0x0754  [ 63C766CDC609FF8206CB447A65ABBA4A, D9CA006FA852C95E90E8A0837E296FCBFD76246DA8AFDE563863D5F95BDFEC52 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
09:02:17.0230 0x0754  iteatapi - ok
09:02:17.0275 0x0754  [ 1281FE73B17664631D12F643CBEA3F59, B27571A0348CDF81DC102A61712CBA9A4AF7AC0015A7702B0DE73AD4E4646853 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
09:02:17.0290 0x0754  iteraid - ok
09:02:17.0303 0x0754  [ 423696F3BA6472DD17699209B933BC26, 00C2EAA1A8E9D422D178B7678598743234930C1858D76C632F079EF789BB56C3 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:02:17.0319 0x0754  kbdclass - ok
09:02:17.0327 0x0754  [ DBDF75D51464FBC47D0104EC3D572C05, E392EE961E734620245874C7700D56621A1A990C45DF5CE0B7D270BA708F255E ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:02:17.0374 0x0754  kbdhid - ok
09:02:17.0438 0x0754  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] KeyIso          C:\Windows\system32\lsass.exe
09:02:17.0498 0x0754  KeyIso - ok
09:02:17.0545 0x0754  [ A724294640D84234FAC1E02E80ECBC34, 9BA16E1109579FA1C871C22D33C56318DBA22E43E1E82416EDABC7EB3DBAF43D ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:02:17.0598 0x0754  KSecDD - ok
09:02:17.0606 0x0754  [ 1D419CF43DB29396ECD7113D129D94EB, 21ECCE9D17F055C7B5066110864E10C99291CE50B389C545371333904CE2DBB5 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:02:17.0663 0x0754  ksthunk - ok
09:02:17.0711 0x0754  [ 1FAF6926F3416D3DA05C5B265491BDAE, 3989E18522691CC3820092033E00ED39D08861DFB369AA0DFFF4B379E48EA1F0 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:02:17.0789 0x0754  KtmRm - ok
09:02:17.0834 0x0754  [ 50C7A3CB427E9BB5ED0708A669956AB5, 3DAD1C01AE58FE2C6134283B19118E2F3C884DDFFBAE4A46B7B5E4FB1A2567A1 ] LanmanServer    C:\Windows\System32\srvsvc.dll
09:02:17.0891 0x0754  LanmanServer - ok
09:02:17.0930 0x0754  [ CAF86FC1388BE1E470F1A7B43E348ADB, 9E9AE0B617D1031E8462524802A2D997AE7C944A7D00D403FF903145A7FEB761 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:02:17.0991 0x0754  LanmanWorkstation - ok
09:02:18.0051 0x0754  [ DFEFF67508D3A9AEB1A85D7B0F513B24, 34A02E6BEAFB22B1527C72E0E2D65FA1DBCFB022672116BFF4A903FBBEA8419D ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
09:02:18.0075 0x0754  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
09:02:18.0204 0x0754  Detect skipped due to KSN trusted
09:02:18.0204 0x0754  LightScribeService - ok
09:02:18.0225 0x0754  [ 96ECE2659B6654C10A0C310AE3A6D02C, 3322E87B9F64C3ACBCB634F2390AAB212FA7695383BF01F0092A803871BF19B2 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:02:18.0284 0x0754  lltdio - ok
09:02:18.0312 0x0754  [ 961CCBD0B1CCB5675D64976FAE37D092, 258378BE76A13E4368C9587E6A22727721E4B267B0D26D3D3E333B3B2A5A0611 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:02:18.0375 0x0754  lltdsvc - ok
09:02:18.0399 0x0754  [ A47F8080CACC23C91FE823AD19AA5612, 161575406D158D6D5C9220F1E82C0CC19108C74ADC35C509BAF9B0C414EFD8EE ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:02:18.0458 0x0754  lmhosts - ok
09:02:18.0493 0x0754  [ ACBE1AF32D3123E330A07BFBC5EC4A9B, 0E17E4DD30B5AF8F269EF8EA003836C9E16273262A050B9BE3ED802DD3AC9319 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:02:18.0512 0x0754  LSI_FC - ok
09:02:18.0531 0x0754  [ 799FFB2FC4729FA46D2157C0065B3525, AB462A34D061C113DA12641C45159A58D0AEA1C440233D061A20DF99586CFA93 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:02:18.0550 0x0754  LSI_SAS - ok
09:02:18.0575 0x0754  [ F445FF1DAAD8A226366BFAF42551226B, 92B63E15363F1EAE8A54D4E74ED21669D0A9FE99C654671556C58456228278B1 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:02:18.0594 0x0754  LSI_SCSI - ok
09:02:18.0620 0x0754  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E, 2EB22DD418D4934BDD22C5DB49D5D06178EC0419AB5CC28DD544CA91823987B0 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:02:18.0681 0x0754  luafv - ok
09:02:18.0726 0x0754  [ 7717A2CB550267860D3933F3FBA0216F, 77CDFEE372FE28559AA11908B166729E819BC328235D0AF73446863AD9EFF76B ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
09:02:18.0740 0x0754  LVPr2M64 - ok
09:02:18.0744 0x0754  [ 7717A2CB550267860D3933F3FBA0216F, 77CDFEE372FE28559AA11908B166729E819BC328235D0AF73446863AD9EFF76B ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2M64.sys
09:02:18.0757 0x0754  LVPr2Mon - ok
09:02:18.0814 0x0754  [ 8EBEB7E7A0C3D295CA6BBCFA942C6AA8, BAE0A7DDA3869FB5FE0897EEE1C3C6C411C7314515D10461C5C246D43EF1BA3E ] LVPrcS64        C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
09:02:18.0832 0x0754  LVPrcS64 - ok
09:02:19.0031 0x0754  [ A5B0494409FB08DCDC42A216C6EAB0F7, A40660D90BDC9E1EBF1B0D985F26EEBD0837983D4357665DE6F5CCDF08345AB9 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
09:02:19.0302 0x0754  LVUVC64 - ok
09:02:19.0357 0x0754  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
09:02:19.0375 0x0754  MBAMProtector - ok
09:02:19.0435 0x0754  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
09:02:19.0503 0x0754  MBAMService - ok
09:02:19.0551 0x0754  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
09:02:19.0569 0x0754  MBAMSwissArmy - ok
09:02:19.0580 0x0754  [ 00080C25E22BD1C17F2B951F167D06D7, 1E554C521CBC7C4A8B76B877CA3F3AFE5485AF580D1AF9AA0E1B14C8C79CD9A6 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
09:02:19.0595 0x0754  MBAMWebAccessControl - ok
09:02:19.0625 0x0754  [ 76A58DF02BD4EA29F189B82D0BEF17F8, B3A96AABE050BB332ECD9AF7C35D08B468AC459D30FF4D49B609BA3F95ECEEDA ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:02:19.0643 0x0754  Mcx2Svc - ok
09:02:19.0679 0x0754  [ 5C5CD6AACED32FB26C3FB34B3DCF972F, 34A66C21FA79800D3CDE933CFA71343218F94D67AAE763EA0B53AC49060CB6D0 ] megasas         C:\Windows\system32\drivers\megasas.sys
09:02:19.0694 0x0754  megasas - ok
09:02:19.0737 0x0754  [ 859BC2436B076C77C159ED694ACFE8F8, 4AEA57A8B9EACEC1B8DED3ECC95621C56E6D65CFE2DA9F07DAF7C7BAD132B624 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
09:02:19.0773 0x0754  MegaSR - ok
09:02:19.0798 0x0754  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] MMCSS           C:\Windows\system32\mmcss.dll
09:02:19.0858 0x0754  MMCSS - ok
09:02:19.0877 0x0754  [ 59848D5CC74606F0EE7557983BB73C2E, EA6ACF0619DE1E4272AEDC69F2E66E29DA499E8E8094243C9EF735FD8369229D ] Modem           C:\Windows\system32\drivers\modem.sys
09:02:19.0934 0x0754  Modem - ok
09:02:19.0959 0x0754  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5, 357811D1B8F70828F6432879F59DAB916FBB55673B3473D879382DE33CFB3FAF ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:02:20.0017 0x0754  monitor - ok
09:02:20.0039 0x0754  [ 9367304E5E412B120CF5F4EA14E4E4F1, F87EBACEE27A50E6610FDCB4BD3001C35A99FEE6D63D643FF2CBF0D484CD082C ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:02:20.0056 0x0754  mouclass - ok
09:02:20.0087 0x0754  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69, B77E4A7511923E7BD35A177A40B4E461AC9CB050D6F0575D4799DEF85DA6DA38 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:02:20.0146 0x0754  mouhid - ok
09:02:20.0184 0x0754  [ 108DE0E4E7B0F53F5764F9A241F7A4E6, 0D7688E322FE1DD21BAC1324DC9F27D1007E8417717A0EF8637768D318654CDA ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
09:02:20.0203 0x0754  MountMgr - ok
09:02:20.0245 0x0754  [ CBCC3A1E47A664CCCBC7A25081C4D88B, BDE4510CED8EF3BB091118FEA8AEB61F0DB402C9B53615A4824896DF9DE3030E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:02:20.0266 0x0754  MozillaMaintenance - ok
09:02:20.0290 0x0754  [ F8276EB8698142884498A528DFEA8478, C0FF504F721F1D00F42CFE783D4F32C6728518F64646F5C5C11BA3A4824815BB ] mpio            C:\Windows\system32\drivers\mpio.sys
09:02:20.0309 0x0754  mpio - ok
09:02:20.0324 0x0754  [ C92B9ABDB65A5991E00C28F13491DBA2, D1233381A9E4262F0AB396BBDB7DE402D4370805E11EB8A118C846F6E9474098 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:02:20.0372 0x0754  mpsdrv - ok
09:02:20.0418 0x0754  [ 897E3BAF68BA406A61682AE39C83900C, 13F61D5C22BED061BE7C2669CCCAA2BAD4A0CE83800DF57A50306DE0A476FC27 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:02:20.0502 0x0754  MpsSvc - ok
09:02:20.0527 0x0754  [ 3C200630A89EF2C0864D515B7A75802E, AA4A312E7A28FCE7A944747BADB809CAAD3D67899EBBE663D473621DB25B140A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
09:02:20.0543 0x0754  Mraid35x - ok
09:02:20.0576 0x0754  [ 0F09F5686FD2025C1607B3CA301E3D28, 04F96858C82EDF636F0C8CF8F2286D3A1229BBC9F06C2AFA7BDB9D5DC5BD69BC ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:02:20.0629 0x0754  MRxDAV - ok
09:02:20.0664 0x0754  [ B31DB7D6E624479EA20FEE17E712A44C, E316244BD83698793A66EA185BE1395827C7A9D5B73B60592BBF6413BFCF52F1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:02:20.0722 0x0754  mrxsmb - ok
09:02:20.0770 0x0754  [ 2EB4A3EDA9FBECEC53CA2BB0853E2B66, 0DBA1CB6A9A97E9406111F724F82A009B9492A4D602FCD288FB907830E070E0E ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:02:20.0817 0x0754  mrxsmb10 - ok
09:02:20.0839 0x0754  [ 3F979D9CE02323CB3EBD15174732C8C1, 2B8301222B582012A86B85F45374E3B1A562D1EC61DE6A3F5AF611C3B38F409C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:02:20.0876 0x0754  mrxsmb20 - ok
09:02:20.0898 0x0754  [ 1AC860612B85D8E85EE257D372E39F4D, 74682CCE44BCEE31BCA286D4F4E53B64CAAE244155F2B4C8FEB6AE7C391CA89D ] msahci          C:\Windows\system32\drivers\msahci.sys
09:02:20.0915 0x0754  msahci - ok
09:02:20.0939 0x0754  [ 264BBB4AAF312A485F0E44B65A6B7202, 1DF36540C77D5D885B6C2EE91F0446864D8E6D6CFED87A9ED0765E76FE05E102 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:02:20.0958 0x0754  msdsm - ok
09:02:20.0978 0x0754  [ 7EC02CE772F068ED0BEAFA3DA341A9BC, 3B5B4EA0BF1D1E57F4DF74A569304A5EE41821F5E2F352760B8C9CA82C6D8292 ] MSDTC           C:\Windows\System32\msdtc.exe
09:02:21.0037 0x0754  MSDTC - ok
09:02:21.0073 0x0754  [ 704F59BFC4512D2BB0146AEC31B10A7C, F7712944DDC192C47953D577BE31B79B4D11217305B1C3D0DCA31B1518CB8DCB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:02:21.0126 0x0754  Msfs - ok
09:02:21.0158 0x0754  [ 00EBC952961664780D43DCA157E79B27, 4F8F5718D8574A128E0F6CD54C9BE59A93A7638A5689A8FF68D0C81D3E67808F ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:02:21.0174 0x0754  msisadrv - ok
09:02:21.0206 0x0754  [ 366B0C1F4478B519C181E37D43DCDA32, A98E2BC397FAD7D90653F55AC283CACAE7465D7F10A198D715046B1D896AF246 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:02:21.0269 0x0754  MSiSCSI - ok
09:02:21.0274 0x0754  msiserver - ok
09:02:21.0304 0x0754  [ 0EA73E498F53B96D83DBFCA074AD4CF8, E3DDE34FCFF272E06CD8DA836F8D79E2515885715D4A7CD7BF8D97D7A4E0E781 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:02:21.0364 0x0754  MSKSSRV - ok
09:02:21.0382 0x0754  [ 52E59B7E992A58E740AA63F57EDBAE8B, A89F607B330BA1F42CA9FF01EF289BBD088350CF376568E58CB9865F1DA6CD72 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:02:21.0436 0x0754  MSPCLOCK - ok
09:02:21.0451 0x0754  [ 49084A75BAE043AE02D5B44D02991BB2, 4CD2692D191035CE9D18F4D21F054FF8C3F9CF2734464EA33EAB480A28AD447F ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:02:21.0491 0x0754  MSPQM - ok
09:02:21.0525 0x0754  [ DC6CCF440CDEDE4293DB41C37A5060A5, 768D08A67508E1CE69B67642A5E5A639C0DD1E93C956C56ECC5A56B0E502C953 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:02:21.0552 0x0754  MsRPC - ok
09:02:21.0580 0x0754  [ 855796E59DF77EA93AF46F20155BF55B, 75DFCEE16A9D94EDF74295B9686D92552817E8A00958917CB0E17089EDCF6A97 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
09:02:21.0597 0x0754  mssmbios - ok
09:02:21.0617 0x0754  [ 86D632D75D05D5B7C7C043FA3564AE86, 96911FBC106B91E76598EE110B5147D4C55E42C9194E857F866B6B395E78D2CB ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:02:21.0669 0x0754  MSTEE - ok
09:02:21.0676 0x0754  [ 0CC49F78D8ACA0877D885F149084E543, 984DDCB52F0DFC1B26C6504FE500E8D9C2CA7F79ED34608AE9866A0915B8BA67 ] Mup             C:\Windows\system32\Drivers\mup.sys
09:02:21.0694 0x0754  Mup - ok
09:02:21.0735 0x0754  [ A5B10C845E7538C60C0F5D87A57CB3F5, 2B4E16702591C59BC2CA2B99DBB504BAB4F4EF0835B0D9C7453D340CBF0BDF16 ] napagent        C:\Windows\system32\qagentRT.dll
09:02:21.0806 0x0754  napagent - ok
09:02:21.0848 0x0754  [ 2007B826C4ACD94AE32232B41F0842B9, 6267D165C3C8C5F83194890A6DBF71226D4B891AECD1D06F7AEB5D738C3DC9CA ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:02:21.0907 0x0754  NativeWifiP - ok
09:02:21.0960 0x0754  NAVENG - ok
09:02:21.0964 0x0754  NAVEX15 - ok
09:02:22.0025 0x0754  [ 54803EAE413ED3AB97976674B0EF122A, B06D419B84EA1FB9EA218D5379F2DD32B0739D029A51DD75CA74C01F25BAA806 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:02:22.0093 0x0754  NDIS - ok
09:02:22.0114 0x0754  [ 64DF698A425478E321981431AC171334, C43177CB60F5D58E1FF7A31E9BE5DA7D92C4B25235867DD65BADC069EDF023F3 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:02:22.0181 0x0754  NdisTapi - ok
09:02:22.0206 0x0754  [ 8BAA43196D7B5BB972C9A6B2BBF61A19, 8AFFB26F6E8CF67F562818BBFE12FB448E4FCDF9B68858B625681565DE30DDC1 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:02:22.0264 0x0754  Ndisuio - ok
09:02:22.0306 0x0754  [ F8158771905260982CE724076419EF19, B86FFA790A30ED614A11C87F4D738C913EFC0924DC14750D544001D4E9556071 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:02:22.0353 0x0754  NdisWan - ok
09:02:22.0373 0x0754  [ 9CB77ED7CB72850253E973A2D6AFDF49, C3C15B317A7F7AE68B7BC62343962C47F075240F252727811DB4BEE443F9103F ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:02:22.0419 0x0754  NDProxy - ok
09:02:22.0457 0x0754  [ BD94210175C488F18ADD3E189EE9304C, 450E10FB0BD4F39477752EAC6088984D216757B7151981B382BE9AED33995BF2 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
09:02:22.0480 0x0754  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
09:02:22.0597 0x0754  Detect skipped due to KSN trusted
09:02:22.0597 0x0754  Net Driver HPZ12 - ok
09:02:22.0634 0x0754  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
09:02:22.0685 0x0754  Netaapl - ok
09:02:22.0699 0x0754  [ A499294F5029A7862ADC115BDA7371CE, 6BE0AAFE4EB59E056A929D6C1A009D8DFD547025481108CEFB12E5D6F86DBE14 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:02:22.0760 0x0754  NetBIOS - ok
09:02:22.0801 0x0754  [ 2EE680D31D685C0DB4F6D5A68F418A96, 27A41F194BA54BC5B27E063AEAB465862A9F73A86AF7B81646E0E08A4FC3510D ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
09:02:22.0848 0x0754  netbt - ok
09:02:22.0870 0x0754  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] Netlogon        C:\Windows\system32\lsass.exe
09:02:22.0888 0x0754  Netlogon - ok
09:02:22.0921 0x0754  [ 9B63B29DEFC0F3115A559D2597BF5D75, 297319D3F2E97CB34464EA59D8FD96AC2B8B1A4F2AEE666937F16A041128021F ] Netman          C:\Windows\System32\netman.dll
09:02:22.0999 0x0754  Netman - ok
09:02:23.0028 0x0754  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:02:23.0051 0x0754  NetMsmqActivator - ok
09:02:23.0066 0x0754  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:02:23.0088 0x0754  NetPipeActivator - ok
09:02:23.0115 0x0754  [ 7846D0136CC2B264926A73047BA7688A, 6F56CC1B17095C378D98B58A92F9EDA2D009529DDB6F60E815D85C7606C8EDC0 ] netprofm        C:\Windows\System32\netprofm.dll
09:02:23.0181 0x0754  netprofm - ok
09:02:23.0201 0x0754  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:02:23.0222 0x0754  NetTcpActivator - ok
09:02:23.0229 0x0754  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:02:23.0252 0x0754  NetTcpPortSharing - ok
09:02:23.0283 0x0754  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7, 8D7DE921E14BAF09D7E2704CFB2FB1C8A78A46DAF86CDF7A347C5D113A8C110B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
09:02:23.0299 0x0754  nfrd960 - ok
09:02:23.0330 0x0754  [ 9DC33E66BB7E6470BFE8AA9EF5FBED43, 23E583B264BBD7933E3A000F00D646ABE526D1068C41BC24CF93739529FCA339 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:02:23.0388 0x0754  NlaSvc - ok
09:02:23.0391 0x0754  Norton Internet Security - ok
09:02:23.0413 0x0754  [ B298874F8E0EA93F06EC40AA8D146478, 275D769E5EFD3153985DAF84C5B22B9D65428E09AB41099901ABDD03B3A2625D ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:02:23.0460 0x0754  Npfs - ok
09:02:23.0561 0x0754  [ 49697C2C761ACB5C0DE99CC8FE93E95B, 02EEA7FB21D28B235A05FE0A6061170F366470EF6E45C9B21D7C8C0E7C728FC5 ] NPF_devolo      C:\Windows\sysWOW64\drivers\npf_devolo.sys
09:02:23.0590 0x0754  NPF_devolo - ok
09:02:23.0618 0x0754  [ ACB62BAA1C319B17752553DF3026EEEB, 5A309DF390A097245250BB64AD5F8575BECA601E0A122DDCB494C67D3D9EA089 ] nsi             C:\Windows\system32\nsisvc.dll
09:02:23.0670 0x0754  nsi - ok
09:02:23.0689 0x0754  [ 1523AF19EE8B030BA682F7A53537EAEB, B000630CE4B562D39B5EE4148409B2E01D8924D33D27607B24ADC901357E7AA5 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:02:23.0743 0x0754  nsiproxy - ok
09:02:23.0816 0x0754  [ 2ACCAA3C3C55370A32F17B3595E1A217, 8539A293A5E1EBA2CC0FA9E999099D3B6B035D41069398AE17D737BBE4D9FEA8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:02:23.0906 0x0754  Ntfs - ok
09:02:23.0931 0x0754  [ DD5D684975352B85B52E3FD5347C20CB, BB03C50D5178643550C024130E20FD9A023AE110B3C85A2D6E18FB8DBB3A12E4 ] Null            C:\Windows\system32\drivers\Null.sys
09:02:23.0990 0x0754  Null - ok
09:02:24.0373 0x0754  [ 51BD7EF17F0B525994AD5B3748C8288B, EDCFB0FC26119F540A749C9EEA178BB5673F7C2F8480FE0B7843277103A1862E ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:02:24.0851 0x0754  nvlddmkm - ok
09:02:24.0898 0x0754  [ 2C040B7ADA5B06F6FACADAC8514AA034, EF32F7C411090230ED1D95B2D01E8464DCC89D72EFD94BBC8DF6856D00B1A783 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:02:24.0918 0x0754  nvraid - ok
09:02:24.0945 0x0754  [ F7EA0FE82842D05EDA3EFDD376DBFDBA, 0ED0543A5331C0D8BBFD1BE3174482ED1B3EE70CA41CE8CE5C81977C37B3D129 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:02:24.0962 0x0754  nvstor - ok
09:02:25.0004 0x0754  [ FCE8537BF5D504680212D536A3BFE5E2, 6AE56331F6873D9A003BFDCD2C60B13B1E2C3A81C856807F4620A0FD94F30182 ] nvsvc           C:\Windows\system32\nvvsvc.exe
09:02:25.0036 0x0754  nvsvc - ok
09:02:25.0055 0x0754  [ 19067CA93075EF4823E3938A686F532F, 81339372E90CE9E2594461146A82B62452CF9DB3FF53381D30F6922059EDCF99 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:02:25.0075 0x0754  nv_agp - ok
09:02:25.0080 0x0754  NwlnkFlt - ok
09:02:25.0086 0x0754  NwlnkFwd - ok
09:02:25.0180 0x0754  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:02:25.0223 0x0754  odserv - ok
09:02:25.0267 0x0754  [ B5B1CE65AC15BBD11C0619E3EF7CFC28, E9AA27724A7576D1869FF861A498DB8AF79A7B297F10272F1D63E6CB88CD455B ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
09:02:25.0318 0x0754  ohci1394 - ok
09:02:25.0355 0x0754  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:02:25.0376 0x0754  ose - ok
09:02:25.0431 0x0754  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
09:02:25.0521 0x0754  p2pimsvc - ok
09:02:25.0549 0x0754  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2psvc          C:\Windows\system32\p2psvc.dll
09:02:25.0622 0x0754  p2psvc - ok
09:02:25.0663 0x0754  [ AECD57F94C887F58919F307C35498EA0, CD8E8B54A445EF0DC485D5F221588875C98328596F64EE03B2D8BD0B860504FB ] Parport         C:\Windows\system32\drivers\parport.sys
09:02:25.0737 0x0754  Parport - ok
09:02:25.0776 0x0754  [ B43751085E2ABE389DA466BC62A4B987, 167CB6B18B6B7B74A229A976833E1FBE6D51C9C0EB8A23C92FC2465B692DF383 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:02:25.0794 0x0754  partmgr - ok
09:02:25.0820 0x0754  [ 9AB157B374192FF276C1628FBDBA2B0E, E63E2EE1ABEEC5234F4F1318757EDB4A7567057B1DF1A2414C8698D47062B6AC ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:02:25.0885 0x0754  PcaSvc - ok
09:02:25.0915 0x0754  pccsmcfd - ok
09:02:26.0017 0x0754  [ 7204F835A4355D1AB2853E57C9FF177C, 85FB9F65AF062AAB2464C2CAEEFA63D41542F565B163455320390278BF87330A ] PCD5SRVC{8AAF211B-043E02A9-05040000} C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms
09:02:26.0106 0x0754  PCD5SRVC{8AAF211B-043E02A9-05040000} - detected UnsignedFile.Multi.Generic ( 1 )
09:02:26.0224 0x0754  Detect skipped due to KSN trusted
09:02:26.0224 0x0754  PCD5SRVC{8AAF211B-043E02A9-05040000} - ok
09:02:26.0258 0x0754  [ 47AB1E0FC9D0E12BB53BA246E3A0906D, 82B452D614B535FAD3AFEEA06DFBBF8F7C5031563A2558CFA04F9B94C76E45DF ] pci             C:\Windows\system32\drivers\pci.sys
09:02:26.0280 0x0754  pci - ok
09:02:26.0299 0x0754  [ 8D618C829034479985A9ED56106CC732, 9F3773A5184064092920FA2C88CCF5BFE44C63573B443E67230C4F596B7884C2 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:02:26.0315 0x0754  pciide - ok
09:02:26.0334 0x0754  [ 037661F3D7C507C9993B7010CEEE6288, A7B415675B14FD755D0167BBA458A902AA9ABFC4343A1B887289D31DE8A55285 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
09:02:26.0356 0x0754  pcmcia - ok
09:02:26.0395 0x0754  [ 58865916F53592A61549B04941BFD80D, 3511AF2EFD06636E144C36ECA8C7AA1A33C269EDB10A6D879AA25D9E11359AA9 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:02:26.0528 0x0754  PEAUTH - ok
09:02:26.0612 0x0754  [ 0ED8727EA0172860F47258456C06CAEA, 3CDAA1044E412EC4303CEABD36A8C7BADA2D6C6692E09B8FE440709E3F4F0166 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:02:26.0667 0x0754  PerfHost - ok
09:02:26.0757 0x0754  [ E9E68C1A0F25CF4A7AC966EEA74EE89E, 6C6903A856C29AD690FDA1B74ADB2222C3453FBE2B364245FA61D53C77C586C0 ] pla             C:\Windows\system32\pla.dll
09:02:26.0868 0x0754  pla - ok
09:02:26.0914 0x0754  [ FE6B0F59215C9FD9F9D26539C58C8B82, 52CF8BE31A28430226D117EB80974AEAE5EA07F39DE881164232D44BF67FF752 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:02:26.0976 0x0754  PlugPlay - ok
09:02:27.0009 0x0754  [ 7FE2AFB17D91CF39843D6766EA31CFC7, A4FF09302976CB204BC9E358ED470BDD54BCDA17E49617FCCCD2820D4C94D631 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
09:02:27.0035 0x0754  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
09:02:27.0158 0x0754  Detect skipped due to KSN trusted
09:02:27.0158 0x0754  Pml Driver HPZ12 - ok
09:02:27.0206 0x0754  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
09:02:27.0262 0x0754  PNRPAutoReg - ok
09:02:27.0290 0x0754  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
09:02:27.0366 0x0754  PNRPsvc - ok
09:02:27.0412 0x0754  [ 7CA2487BC51FBE4FA30DE657C61D27D3, 06C43B3FB1349B9362500554A24A38B9C80EB734E37DC90D3495CF3FB9F5CC2B ] Point64         C:\Windows\system32\DRIVERS\point64k.sys
09:02:27.0426 0x0754  Point64 - ok
09:02:27.0474 0x0754  [ 8E2693CFD14188ABA1254F2946F64EEA, BDF41AB6E29712BBB878FA484392E4BC5BBA2EEDDE127346BCCC8099DBD76E5D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:02:27.0546 0x0754  PolicyAgent - ok
09:02:27.0580 0x0754  [ 23386E9952025F5F21C368971E2E7301, F7241C1799A8AA0E9106B101B841670304DC695FD8D290C690CE0ED5C13BC514 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:02:27.0627 0x0754  PptpMiniport - ok
09:02:27.0659 0x0754  [ 5080E59ECEE0BC923F14018803AA7A01, 2E201511821AECCF056962399AFA3533ED765A3E7FD30E7B38A6D13837367E69 ] Processor       C:\Windows\system32\drivers\processr.sys
09:02:27.0717 0x0754  Processor - ok
09:02:27.0748 0x0754  [ EF321BEED9CF3DF60EBA29A1D618AD8A, FE277119BCC9938054DFA670844B31E4F66C19EBC6E59E747F99C38F76A433BD ] ProfSvc         C:\Windows\system32\profsvc.dll
09:02:27.0808 0x0754  ProfSvc - ok
09:02:27.0870 0x0754  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:02:27.0889 0x0754  ProtectedStorage - ok
09:02:27.0935 0x0754  [ 1D0A3F565397D08707F3D75B88586645, 92EC9C26CD446E86C37CB2FAF235B97D68D9682DD240563EC0C81000FAD7AF25 ] Ps2             C:\Windows\system32\DRIVERS\PS2.sys
09:02:27.0979 0x0754  Ps2 - ok
09:02:28.0011 0x0754  [ C5AB7F0809392D0DA027F4A2A81BFA31, B5BC9712AD93661A77AF4D67DB5F05C58A93CF7CDD6F7BA20568C0A9F4630321 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
09:02:28.0059 0x0754  PSched - ok
09:02:28.0092 0x0754  [ FBF4DB6D53585437E41A113300002A2B, A0145CE87A95DA3775B28A00E741660C26ADE34BBCC7FC502ED809931482C8F2 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
09:02:28.0107 0x0754  PxHlpa64 - ok
09:02:28.0164 0x0754  [ 0B83F4E681062F3839BE2EC1D98FD94A, 47E1B8014C59981693F5544872AF00383528AAEF0C6FE9AE8C45A6359EFB067D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
09:02:28.0243 0x0754  ql2300 - ok
09:02:28.0273 0x0754  [ E1C80F8D4D1E39EF9595809C1369BF2A, 5C18F8366049C690FC8AA4A992AA0765A6607F72E0EF889A5F3757E59FB1C143 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
09:02:28.0292 0x0754  ql40xx - ok
09:02:28.0331 0x0754  [ 90574842C3DA781E279061A3EFF91F07, F87DE7355DAA4FACF2126A0427C08BAAD9E647E0B02EE5447746BE969B28DA8D ] QWAVE           C:\Windows\system32\qwave.dll
09:02:28.0377 0x0754  QWAVE - ok
09:02:28.0398 0x0754  [ E8D76EDAB77EC9C634C27B8EAC33ADC5, 171A3C5D5C3C5845C3BF9A4BCD88E744B025C910AC2F528D0E7D66F173FF0BED ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:02:28.0419 0x0754  QWAVEdrv - ok
09:02:28.0431 0x0754  [ 1013B3B663A56D3DDD784F581C1BD005, 36B83F234C2D6A6112BC8B5EF0AB5075EE98AC0BED702C37E4C1C3D17EB49956 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:02:28.0471 0x0754  RasAcd - ok
09:02:28.0502 0x0754  [ B2AE18F847D07F0044404DDF7CB04497, 24B1D5E1D0621160640264656E3D447C611DEE1B0EE308971EF85F0AC3D9F7DD ] RasAuto         C:\Windows\System32\rasauto.dll
09:02:28.0545 0x0754  RasAuto - ok
09:02:28.0580 0x0754  [ AC7BC4D42A7E558718DFDEC599BBFC2C, E059EB9472FDDB73AF09FFEBA58D8284AFCDAB1516E0C5759980E60C892F8126 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:02:28.0624 0x0754  Rasl2tp - ok
09:02:28.0657 0x0754  [ 3AD83E4046C43BE510DE681588ACB8AF, C5445A23F35395B3EA3974C0D5E314E23D900C694D31F7B7A83FE9027D95A91C ] RasMan          C:\Windows\System32\rasmans.dll
09:02:28.0696 0x0754  RasMan - ok
09:02:28.0729 0x0754  [ 4517FBF8B42524AFE4EDE1DE102AAE3E, F01C8A773A637B66192BD16DDE467CAECC6E62853DBDB507FF3FC67B4B388988 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:02:28.0774 0x0754  RasPppoe - ok
09:02:28.0802 0x0754  [ C6A593B51F34C33E5474539544072527, 8182C1D15CDC164363D3DD355197160167A00BA9FA833AA444317D06344EF7CE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:02:28.0833 0x0754  RasSstp - ok
09:02:28.0875 0x0754  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1, 07B89F701594F680F50A885B923521763A6131104CEE63D422E1C359C23AE2F6 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:02:28.0914 0x0754  rdbss - ok
09:02:28.0924 0x0754  [ 603900CC05F6BE65CCBF373800AF3716, 83B010D51D1087673CF15FD0A992FD91CC910A073FEA9A8F20F6124B6E5489F2 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:02:28.0981 0x0754  RDPCDD - ok
09:02:29.0010 0x0754  [ C045D1FB111C28DF0D1BE8D4BDA22C06, 572986C93B982387EE94797A1EDE1C6C444B0F1078AC8201099452BFA021458F ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
09:02:29.0068 0x0754  rdpdr - ok
09:02:29.0073 0x0754  [ CAB9421DAF3D97B33D0D055858E2C3AB, 66C353CD310A91FAB0D0871ACCE71110595B63536560D0331DA70B1E33AC45BE ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:02:29.0109 0x0754  RDPENCDD - ok
09:02:29.0148 0x0754  [ AE4BD9E1C33D351D8E607FC81F15160C, AD785CA72B7C6EB9F94B2E797C758C0F804DB26EE056DDC6D4F85BB562A02EA4 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:02:29.0208 0x0754  RDPWD - ok
09:02:29.0247 0x0754  [ C612B9557DA73F70D41F8A6FBC8E5344, D7D11F202066F848FBD3F26D9FF915C7F3D68F30631393B2049F3AC5A40FD108 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:02:29.0300 0x0754  RemoteAccess - ok
09:02:29.0341 0x0754  [ 44B9D8EC2F3EF3A0EFB00857AF70D861, A45D8024A242456A73337C91663A3E1633BF163234CDFD5DF86840F31FFFE84D ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:02:29.0400 0x0754  RemoteRegistry - ok
09:02:29.0433 0x0754  [ AD42432D22940B4215177BE113E4919C, BF04E1F942846B928E523727EB03BBFA83FCE535CF7C0A4E787A5CBA46D5BF8D ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
09:02:29.0477 0x0754  RimUsb - ok
09:02:29.0514 0x0754  [ 4AAFFFA67AC4DFA3D9985D78573887E2, A2A4623A1DFA3C1BF0B09390F3731AFF5616BF9E9144F5DEEAA89B37E445D834 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
09:02:29.0554 0x0754  RimVSerPort - ok
09:02:29.0560 0x0754  [ 6A0CF73B019CBC9255E23C9192EC3702, 4CD0289BEAA719D4350C5514488B4FB03EFB1AB1DD4A9984C5EA0F0EE023A121 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
09:02:29.0618 0x0754  ROOTMODEM - ok
09:02:29.0692 0x0754  RoxLiveShare9 - ok
09:02:29.0708 0x0754  [ F46C457840D4B7A4DAAFEE739CE04102, 94E946036240B3BAFF17C4A49745E29E492ABBC7BE5110741B212DF4D7F45B84 ] RpcLocator      C:\Windows\system32\locator.exe
09:02:29.0759 0x0754  RpcLocator - ok
09:02:29.0809 0x0754  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] RpcSs           C:\Windows\system32\rpcss.dll
09:02:29.0866 0x0754  RpcSs - ok
09:02:29.0893 0x0754  [ 22A9CB08B1A6707C1550C6BF099AAE73, 46A9D40A03DC0B6C93274C0C1CDB132B2339E76E77CAB0F12AEDAD4C31822B91 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:02:29.0949 0x0754  rspndr - ok
09:02:29.0981 0x0754  [ 8B91737DA75ADD21CB1554B38089196A, 1B57F7EE1607F33D0AB28E9795E146D606E5751756C16A2181F51483BC7D5217 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh64.sys
09:02:30.0042 0x0754  RTL8169 - ok
09:02:30.0060 0x0754  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] SamSs           C:\Windows\system32\lsass.exe
09:02:30.0078 0x0754  SamSs - ok
09:02:30.0094 0x0754  [ CD9C693589C60AD59BBBCFB0E524E01B, F9EBD4FF4C712A563B1120D123012E41105D31402BE45D6F8C8DA71155D64ECB ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:02:30.0111 0x0754  sbp2port - ok
09:02:30.0142 0x0754  [ FD1CDCF108D5EF3366F00D18B70FB89B, 5BCE3A9D5DC0B6937A734264C5B8DE0E6B8F77A869A118F94D57E662AAB28FE2 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:02:30.0198 0x0754  SCardSvr - ok
09:02:30.0250 0x0754  [ C453886F47A10D44A9B4AFCBF349071D, B677FD3C638436CE84EC7087569CEEF912F59D0B800B4C76A5CC72289243C49B ] Schedule        C:\Windows\system32\schedsvc.dll
09:02:30.0364 0x0754  Schedule - ok
09:02:30.0411 0x0754  [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:02:30.0441 0x0754  SCPolicySvc - ok
09:02:30.0465 0x0754  [ 4FF71B076A7760FE75EA5AE2D0EE0018, DDDBC9530120F8C1AB449076F6F06F74354149B4C458E6682F957628EE795DE8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:02:30.0540 0x0754  SDRSVC - ok
09:02:30.0567 0x0754  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:02:30.0591 0x0754  secdrv - ok
09:02:30.0615 0x0754  [ 251F63DD48559F73766E1159F94A6BD1, 4B18A3DDA49E6E189F44CBFB6387444EE4556B29F040E93A6798B3ACEAE0C382 ] seclogon        C:\Windows\system32\seclogon.dll
09:02:30.0665 0x0754  seclogon - ok
09:02:30.0683 0x0754  [ 90973A64B96CD647FF81C79443618EED, 1D3CB7F724B7EADA6443DF07B258EE7FB7FEC92C2A7A9D3C57F6A220EF0DDDC4 ] SENS            C:\Windows\system32\sens.dll
09:02:30.0725 0x0754  SENS - ok
09:02:30.0739 0x0754  [ F71BFE7AC6C52273B7C82CBF1BB2A222, 8C7F0E426B266DBBFE4BBE3333A33C338209BD8BE0E434A98D0D2CFD78D3F758 ] Serenum         C:\Windows\system32\drivers\serenum.sys
09:02:30.0813 0x0754  Serenum - ok
09:02:30.0837 0x0754  [ E62FAC91EE288DB29A9696A9D279929C, 9B6A420556532F7F8D55FB6580A592A43BEA579A068B970C741A23DB079ECAD1 ] Serial          C:\Windows\system32\drivers\serial.sys
09:02:30.0912 0x0754  Serial - ok
09:02:30.0934 0x0754  [ A842F04833684BCEEA7336211BE478DF, 9D964AEA237C44898098AC9C2D043F00C66EDA7D73C381D616737C01A9D0FF45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
09:02:30.0991 0x0754  sermouse - ok
09:02:31.0024 0x0754  [ A8E4A4407A09F35DCCC3771AF590B0C4, F56ECE42CE81098FCCBCDFBBF006C3FB9EDD29C62F03C4EAE012EE690669481B ] SessionEnv      C:\Windows\system32\sessenv.dll
09:02:31.0068 0x0754  SessionEnv - ok
09:02:31.0081 0x0754  [ 14D4B4465193A87C127933978E8C4106, A5C3F2F09E9A0715529B05AC1020EF0F432121E129447795257087E0D6A812FC ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:02:31.0128 0x0754  sffdisk - ok
09:02:31.0142 0x0754  [ 7073AEE3F82F3D598E3825962AA98AB2, 82A959A0970CBA8CC16D44736ED12158E59E138484F3F53EBDD3A4C02DA3700D ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:02:31.0193 0x0754  sffp_mmc - ok
09:02:31.0215 0x0754  [ 35E59EBE4A01A0532ED67975161C7B82, 4F4296B8903FCD06439CC8BF93C703852E523834F09CF9121FDA729A988AF11B ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:02:31.0268 0x0754  sffp_sd - ok
09:02:31.0286 0x0754  [ 6B7838C94135768BD455CBDC23E39E5F, 868E054ED546479DEAD7C2834C7AB080820522C16F5B4BEF0F3B279A33ABA9C8 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
09:02:31.0354 0x0754  sfloppy - ok
09:02:31.0441 0x0754  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34, 9659C7B5046DE2C0416A74FDE6F798C3E78D38327CB71BAE49D57A8347A9097D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:02:31.0516 0x0754  SharedAccess - ok
09:02:31.0571 0x0754  [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:02:31.0637 0x0754  ShellHWDetection - ok
09:02:31.0658 0x0754  [ 7A5DE502AEB719D4594C6471060A78B3, E8E16DF8AFFC230FBB1A5938925D464A1BA776184B8C020B37669EE2105DB9F2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
09:02:31.0676 0x0754  SiSRaid2 - ok
09:02:31.0697 0x0754  [ 3A2F769FAB9582BC720E11EA1DFB184D, 83EEBCE37E8709FCE15FB44F546C727C56064ED49B73A471EA33480573558419 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
09:02:31.0715 0x0754  SiSRaid4 - ok
09:02:31.0766 0x0754  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
09:02:31.0795 0x0754  SkypeUpdate - ok
09:02:31.0898 0x0754  [ A9A27A8E257B45A604FDAD4F26FE7241, C5A1056522EE2BA7B70D34E391477A0E9351569CEF28B875172F4B363F6D4177 ] slsvc           C:\Windows\system32\SLsvc.exe
09:02:32.0067 0x0754  slsvc - ok
09:02:32.0111 0x0754  [ FD74B4B7C2088E390A30C85A896FC3AF, 897F1F89A4DDB356CF6E59EFBC32A2081C0CADE283793DB6879D263F7B2E313F ] SLUINotify      C:\Windows\system32\SLUINotify.dll
09:02:32.0165 0x0754  SLUINotify - ok
09:02:32.0197 0x0754  [ 290B6F6A0EC4FCDFC90F5CB6D7020473, 971888FE760641FF86165B9876E6FC12DBC309C0FED2734C60B9E0EBC078AAE0 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:02:32.0247 0x0754  Smb - ok
09:02:32.0284 0x0754  [ F8F47F38909823B1AF28D60B96340CFF, EFD948EE09F22F9F373A98BA6D9BC519FD9244986E4BE7B2BACD92D3C145AD1D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:02:32.0320 0x0754  SNMPTRAP - ok
09:02:32.0351 0x0754  [ 386C3C63F00A7040C7EC5E384217E89D, DD8766BCBD77EC6F67979A8B37B943A3A0E5478CE3FB129BF8FCA29B66529721 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:02:32.0369 0x0754  spldr - ok
09:02:32.0404 0x0754  [ F66FF751E7EFC816D266977939EF5DC3, 689BDD0B442830E162F2F9A8EFBD0E137F518C7F0CD92EDF4A43EFBA188B69F4 ] Spooler         C:\Windows\System32\spoolsv.exe
09:02:32.0461 0x0754  Spooler - ok
09:02:32.0466 0x0754  SRTSP - ok
09:02:32.0472 0x0754  SRTSPX - ok
09:02:32.0515 0x0754  [ D8619847EAAF3015B45DE7E473D9BB36, 823D37B348B2FAC762D2EDD89B48185B32E150AE42ADE675D2CBD380A135A11E ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:02:32.0591 0x0754  srv - ok
09:02:32.0613 0x0754  [ 755A1C892EF4E5EAF7E1495855B1C81B, 4EE31C1E4CF4A9415F143333D6F65C4E47100A5107C0A44164D38F7501226B2A ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:02:32.0647 0x0754  srv2 - ok
09:02:32.0673 0x0754  [ 490870B6684EA4AC9B206EBEAC1E4001, E1C39E0BAE611E7F6E1ECA08D386147B5D56D7B5125255552E3B9F21434B7B95 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:02:32.0695 0x0754  srvnet - ok
09:02:32.0717 0x0754  [ 1612881760C9DF7FBB09B6CF1D3BA0DF, 05577979FE3B5C8C616FD790E162C3A5A721C1442D15A75A0D01C5CAAB5A0AE7 ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys
09:02:32.0767 0x0754  sscdbus - ok
09:02:32.0799 0x0754  [ D7803A687E85189EA2B525CC22093521, 10F58A17FCD9C95B0A206C1222246452E344D96FAA2A89F6DE249471CC7FCC8B ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
09:02:32.0828 0x0754  sscdmdfl - ok
09:02:32.0862 0x0754  [ 06DB3D5EB2444083C7F5AF7874765505, 81BC35AF6D3DC7D30C4A0F6BC01FB8018295F158B8D204167CBD185028FF0E23 ] sscdmdm         C:\Windows\system32\DRIVERS\sscdmdm.sys
09:02:32.0903 0x0754  sscdmdm - ok
09:02:32.0942 0x0754  [ 192C74646EC5725AEF3F80D19FF75F6A, 8F24FF139A46B1F837356B9D682526107D7BADCFA510842FEACB6F06C02D93D9 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:02:33.0008 0x0754  SSDPSRV - ok
09:02:33.0013 0x0754  SSPORT - ok
09:02:33.0038 0x0754  [ 2EE3FA0308E6185BA64A9A7F2E74332B, EC6A15281685E6CDEADABDFD08C4AF980AD3B404C945EB121D7F90AFCA3D6849 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:02:33.0063 0x0754  SstpSvc - ok
09:02:33.0099 0x0754  [ 14B4DB4381E4A55F570D8BB699B791D6, 14975F249C59F9D13359FF064433246C46A8A3328ED69A23712649ACAAE9121D ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
09:02:33.0143 0x0754  StillCam - ok
09:02:33.0200 0x0754  [ 15825C1FBFB8779992CB65087F316AF5, E9431C016D209A7322C0586F11EEF0AB461AB5822960287BB1D0FBC30183614D ] stisvc          C:\Windows\System32\wiaservc.dll
09:02:33.0268 0x0754  stisvc - ok
09:02:33.0298 0x0754  [ 8A851CA908B8B974F89C50D2E18D4F0C, 27EA13E50B5B72ABF6C5B7B7D34A7154A12BB27B1C1B2EEFCAA36A96010DB4DC ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
09:02:33.0313 0x0754  swenum - ok
09:02:33.0432 0x0754  [ AB156962FB279B5F31AD407EC1AD579C, 8ABD78179392E7F48FE711A9B63212ADB5E0F5FF3AFBC004202E072249B399F2 ] SWGVCSvc        C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe
09:02:33.0466 0x0754  SWGVCSvc - ok
09:02:33.0495 0x0754  [ F239F52EDC5312559C9EAE1853859F60, 7E94AA5907A97455912E2F11FDA7D533F333348169B3CD2DA98069F0B49134C7 ] SWIPsec         C:\Windows\system32\Drivers\SWIPsec.sys
09:02:33.0513 0x0754  SWIPsec - ok
09:02:33.0563 0x0754  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A, 9C3714238571704CEE2AD4F1E15029243E00B494345C41F74EFDF3F0328CC9EA ] swprv           C:\Windows\System32\swprv.dll
09:02:33.0627 0x0754  swprv - ok
09:02:33.0667 0x0754  [ DCF11E08A8524B19EC47515C22BE492E, 538A8C62FA25B37B9A8F23FB61A343C79767829CE6B408AADF941DCB5ABF225A ] SWVNIC          C:\Windows\system32\DRIVERS\swvnic.sys
09:02:33.0680 0x0754  SWVNIC - ok
09:02:33.0699 0x0754  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B, 0227EAF144BC35AA4FF2535E8C9974C0609B7634EE45F4166B9F88F79B17BBF1 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
09:02:33.0715 0x0754  Symc8xx - ok
09:02:33.0735 0x0754  [ A909667976D3BCCD1DF813FED517D837, 0874DD4C1CA7AE2E519EBB45433BC9F11A574408F5D2F9E23A340CA76512F5CE ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
09:02:33.0751 0x0754  Sym_hi - ok
09:02:33.0769 0x0754  [ 36887B56EC2D98B9C362F6AE4DE5B7B0, 7349FABACB633A9EEE3D4E241A5F443C28D23CC87F21EAAB3F1711644AA21D7C ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
09:02:33.0785 0x0754  Sym_u3 - ok
09:02:33.0836 0x0754  [ 92D7A8B0F87B036F17D25885937897A6, 6759BAB11E5FBB143BE13DF1611AE5D41D379DF423D881E92E910DF6A37CBA85 ] SysMain         C:\Windows\system32\sysmain.dll
09:02:33.0982 0x0754  SysMain - ok
09:02:34.0019 0x0754  [ 005CE42567F9113A3BCCB3B20073B029, B1831D71410AD6E7DEB59D26BF6D2D07D2F6112936D6A6FDA57E9296ADA4076D ] TabletInputService C:\Windows\System32\TabSvc.dll
09:02:34.0063 0x0754  TabletInputService - ok
09:02:34.0102 0x0754  [ CC2562B4D55E0B6A4758C65407F63B79, C6AD05B345C699A715EC13830D8EA6EE9822F4B713D15B1F29AC044674A0F498 ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:02:34.0166 0x0754  TapiSrv - ok
09:02:34.0186 0x0754  [ CDBE8D7C1E201B911CDC346D06617FB5, 16D5965E32A109DA38D77F4B6281081569D78371B2F522DE51100967F8776C7A ] TBS             C:\Windows\System32\tbssvc.dll
09:02:34.0246 0x0754  TBS - ok
09:02:34.0318 0x0754  [ 00F77C4555FFABC21ADDB3160B2F574A, 292D3D9FC923283A25717831C5F1EA3046CB09F4F1B342BB93A506E68B9D4090 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:02:34.0397 0x0754  Tcpip - ok
09:02:34.0444 0x0754  [ 00F77C4555FFABC21ADDB3160B2F574A, 292D3D9FC923283A25717831C5F1EA3046CB09F4F1B342BB93A506E68B9D4090 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
09:02:34.0524 0x0754  Tcpip6 - ok
09:02:34.0561 0x0754  [ C7E72A4071EE0200E3C075DACFB2B334, 925A68FD021C7957792F31E9D69A31C180BEB878CD93D2C3E2BE463F58011A6C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:02:34.0617 0x0754  tcpipreg - ok
09:02:34.0647 0x0754  [ 1D8BF4AAA5FB7A2761475781DC1195BC, A28E972E9331BAD685D4C786FDE221565E0AD3E222B24B9182B7FA916BFCD9C8 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:02:34.0699 0x0754  TDPIPE - ok
09:02:34.0716 0x0754  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1, 42A408E82D4017D27D3B0BBBA02BF4B21DEC060C89849785ED65962D18029B65 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:02:34.0770 0x0754  TDTCP - ok
09:02:34.0797 0x0754  [ A47CD175CF72CA5EEDB47C79532A7622, 1F682B002A64D2A8559005651F742DD3AFB50AE5D6DADAF4A75DD08410385FBF ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:02:34.0832 0x0754  tdx - ok
09:02:35.0132 0x0754  [ F2F02E436BA56A96A06E4427C5787B6E, 1562FF264011A15AC69808CB74F387917C4E8ED3B91546B12933BE10B6E20B3A ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
09:02:35.0471 0x0754  TeamViewer - ok
09:02:35.0512 0x0754  [ 8C19678D22649EC002EF2282EAE92F98, 551E7EBA54C2345F2B7FD7AAA7ADA4C852C94F1B35E6E4BBEF883BAFA34F6262 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
09:02:35.0528 0x0754  TermDD - ok
09:02:35.0575 0x0754  [ 5A67A1108E347FCA6A64B74FFB108BDE, F9EC8932366FF4101C6F059567DDF099D895C90567C3E770DDDC71562434A821 ] TermService     C:\Windows\System32\termsrv.dll
09:02:35.0658 0x0754  TermService - ok
09:02:35.0693 0x0754  [ CE4B6956E4E12492715A53076E58761F, 0D12934B8F7D18F5785A3EAEDEC2CBD1C3627F7D73C73E9329C73A3B99990D36 ] TFsExDisk       C:\Windows\System32\Drivers\TFsExDisk.sys
09:02:35.0706 0x0754  TFsExDisk - ok
09:02:35.0734 0x0754  [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] Themes          C:\Windows\system32\shsvcs.dll
09:02:35.0763 0x0754  Themes - ok
09:02:35.0787 0x0754  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] THREADORDER     C:\Windows\system32\mmcss.dll
09:02:35.0827 0x0754  THREADORDER - ok
09:02:35.0848 0x0754  [ F4689F05AF472A651A7B1B7B02D200E7, 3D34B8879DBC69013D1A87A3F47B8A622A60B57F2E962E9F5925C5A01F44640F ] TrkWks          C:\Windows\System32\trkwks.dll
09:02:35.0911 0x0754  TrkWks - ok
09:02:35.0968 0x0754  [ 66328B08EF5A9305D8EDE36B93930369, FD8136BF15AB8D2DB15D011C4F813737D68EED1178462DB8CE40606C16185A30 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:02:36.0015 0x0754  TrustedInstaller - ok
09:02:36.0056 0x0754  [ B2388462329ACD17AF50D8701E0C1B18, 959D7B7CCB526367645BAA11C56C88C9AD741EE338BAD6513C54FC7ED43F3AC0 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:02:36.0105 0x0754  tssecsrv - ok
09:02:36.0127 0x0754  [ 89EC74A9E602D16A75A4170511029B3C, AACD82A6F5FE31FF1315F5CA69E5EB6BD172DD86610F0641177CCC131B542034 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
09:02:36.0161 0x0754  tunmp - ok
09:02:36.0202 0x0754  [ 30A9B3F45AD081BFFC3BCAA9C812B609, 57204F1F72FEFA086FF1D8A14487D56F4DEDD3C50FBB6903E0C4AC749EA720DE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:02:36.0233 0x0754  tunnel - ok
09:02:36.0339 0x0754  [ 4BC24AD1AF866EB21C09D837A8A017E7, 1A2DBCBD49800986CEB34B5A869D2C653914D6E1FAF9A76AE0DEB24D016AEA16 ] TVCapSvc        C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
09:02:36.0363 0x0754  TVCapSvc - ok
09:02:36.0382 0x0754  [ 56196A4FD34A9985AB93531DCDC07DCB, DC4279F37DF6AB6DCFC8E697ACACD3EA60AB3D91F41F8F6BD0D13B1E328B227A ] TVSched         C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
09:02:36.0398 0x0754  TVSched - ok
09:02:36.0419 0x0754  [ FEC266EF401966311744BD0F359F7F56, 6EE0223AEFA7A81BEB155FC0CD4421C2BEBCDCBC9663C23064B0445101114BF8 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:02:36.0437 0x0754  uagp35 - ok
09:02:36.0470 0x0754  [ FAF2640A2A76ED03D449E443194C4C34, CC2517DCFE6962EB2EDEB93E44CB53B113974C9C69A050E3F36385C8D78E810B ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:02:36.0552 0x0754  udfs - ok
09:02:36.0586 0x0754  [ 060507C4113391394478F6953A79EEDC, 5D0AE5F1184165289DC8E8CD493607FCB68512CF90F748E3BFD2250655D784D4 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:02:36.0641 0x0754  UI0Detect - ok
09:02:36.0663 0x0754  [ 4EC9447AC3AB462647F60E547208CA00, F304125321B1ECA915EDDBDB6A71EAEF3123DCB5604C9497D72F12E0C1BD5315 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:02:36.0682 0x0754  uliagpkx - ok
09:02:36.0715 0x0754  [ 697F0446134CDC8F99E69306184FBBB4, A741882B8FE403E3A5DECED5D4A2254B14AF40ACECD4DAA3D00D71C2205C2C5F ] uliahci         C:\Windows\system32\drivers\uliahci.sys
09:02:36.0741 0x0754  uliahci - ok
09:02:36.0759 0x0754  [ 31707F09846056651EA2C37858F5DDB0, A619AC4B32EA77AC29458894614870086C4DDB81525ADBCFF1AB8970FC5C257A ] UlSata          C:\Windows\system32\drivers\ulsata.sys
09:02:36.0779 0x0754  UlSata - ok
09:02:36.0800 0x0754  [ 85E5E43ED5B48C8376281BAB519271B7, DBDA4216553F7C5EA0C579346D0A638E62766D5B8FCB1BFF3149BB37BBF978D3 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
09:02:36.0821 0x0754  ulsata2 - ok
09:02:36.0842 0x0754  [ 46E9A994C4FED537DD951F60B86AD3F4, 256F93ED3BD43B50F0D4489164D959F95AB070CC25A80A46355D2B387D336224 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:02:36.0883 0x0754  umbus - ok
09:02:36.0918 0x0754  [ 01ABE05C401E70795B43A8933B44831E, FF41E2C37F2629C7D18ED448D5217076EB9A5D038D6EC026FC54E3EB41FDAC86 ] UMPass          C:\Windows\system32\DRIVERS\umpass.sys
09:02:36.0972 0x0754  UMPass - ok
09:02:37.0005 0x0754  [ 7093799FF80E9DECA0680D2E3535BE60, 1CBFCCA84CB9212176BF5A1D32334BD54E58A2668A4746252738800468AD4AD4 ] upnphost        C:\Windows\System32\upnphost.dll
09:02:37.0074 0x0754  upnphost - ok
09:02:37.0148 0x0754  [ 7CE0FE34FD8FB7F52D1E503B0C1E4FA9, B54B558136FF621A4C63945CF982780CD9C61F3CB15143D73B550E6D0C14A246 ] UPnPService     C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
09:02:37.0204 0x0754  UPnPService - detected UnsignedFile.Multi.Generic ( 1 )
09:02:37.0329 0x0754  Detect skipped due to KSN trusted
09:02:37.0329 0x0754  UPnPService - ok
09:02:37.0357 0x0754  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
09:02:37.0421 0x0754  USBAAPL64 - ok
09:02:37.0449 0x0754  [ A565B509000BD3E42A9B93B9FFD40D3D, A22734F2DDAAD743D479D40EA91024F1A16A18D9D6C9FC4F90F3930AD040BFA3 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
09:02:37.0508 0x0754  usbaudio - ok
09:02:37.0542 0x0754  [ 858CC93477F9A9383E07861892600FF9, C72B25E7F6AF46AC22F8D2A1FA0345B290AAE642442C8A388EA75944334BB289 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:02:37.0595 0x0754  usbccgp - ok
09:02:37.0614 0x0754  [ 9247F7E0B65852C1F6631480984D6ED2, E3360A0EE891B8BADEF5FF53F796C79D6AD218961087F866E451F3B6F278672A ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:02:37.0693 0x0754  usbcir - ok
09:02:37.0715 0x0754  [ 82C3790E4E6F35087EF00994C7A72988, 95FA022BDAC65DCD2DA52C8FCC1F2C186B321F4599F40CB90262E24FD10AE16C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:02:37.0749 0x0754  usbehci - ok
09:02:37.0775 0x0754  [ BE2EB33AF6EE2E5DA07EB987E0A321F5, 0FCFABA080C553451AE4FAFB54DFE57639251D97DA204C07EC66F469826F3B46 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:02:37.0802 0x0754  usbhub - ok
09:02:37.0815 0x0754  [ EBA14EF0C07CEC233F1529C698D0D154, FBA35D53A90FD6C3F91DA5ECE10EF29858CB4CB512AA20548225F83E9FE0A23D ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:02:37.0891 0x0754  usbohci - ok
09:02:37.0920 0x0754  [ 28B693B6D31E7B9332C1BDCEFEF228C1, 6B756E6D7459F755C76BC3F497643F6818F107304B789952B233C6585434F3A8 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:02:37.0960 0x0754  usbprint - ok
09:02:37.0977 0x0754  [ C024814884CE9E6C2E6ED76A63AC3B9A, 39C9EB54998547B0B65EEE6391AA326B02C7CA52FAE9CEB98D538FEC8D9F1858 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
09:02:37.0997 0x0754  usbscan - ok
09:02:38.0020 0x0754  [ 2702146BBD36B2AF1514CCC1F914646C, 6943396692E64782F04EA2FE40D3C6B6B5CC4E6DD3CFCB5739015AB509EEB3AE ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:02:38.0073 0x0754  USBSTOR - ok
09:02:38.0087 0x0754  [ 308F6DDC052C970D679DA37D8A305279, E0F4C3C8F27E21C186289B115ECAB771777BC7E848F29D683C53C9F936F30848 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
09:02:38.0124 0x0754  usbuhci - ok
09:02:38.0151 0x0754  [ FC33099877790D51B0927B7039059855, 9EF33DABDBF0EEC60C63137F5FB21B27536B5923F10DF4F66621CC9864EB894E ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
09:02:38.0213 0x0754  usbvideo - ok
09:02:38.0245 0x0754  [ D76E231E4850BB3F88A3D9A78DF191E3, 98CAD31C41AD155EA853DF850D94FA29543C3A7D26262D1B6881281D033CEBAF ] UxSms           C:\Windows\System32\uxsms.dll
09:02:38.0292 0x0754  UxSms - ok
09:02:38.0336 0x0754  [ 294945381DFA7CE58CECF0A9896AF327, 67414C6D79D2826BC86BB37349C9D74DB4B667310CBC1ABFD103E26332AE4A00 ] vds             C:\Windows\System32\vds.exe
09:02:38.0403 0x0754  vds - ok
09:02:38.0444 0x0754  [ 916B94BCF1E09873FFF2D5FB11767BBC, 072007FED4EF30C4D7AF8628CBEB2AC99EEAD99D7AB533E90E3748E3D4F11C28 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:02:38.0493 0x0754  vga - ok
09:02:38.0513 0x0754  [ B83AB16B51FEDA65DD81B8C59D114D63, 97D39AA763037752D87216B83896AFD2AD6DFEBB3BCDCED7A9ABFE5706B804C5 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:02:38.0563 0x0754  VgaSave - ok
09:02:38.0586 0x0754  [ 8294B6C3FDB6C33F24E150DE647ECDAA, FEBD9536EF61F700DFD5D9CB815808C8415D5B23590B3CE17B12D84F4670EA4D ] viaide          C:\Windows\system32\drivers\viaide.sys
09:02:38.0601 0x0754  viaide - ok
09:02:38.0617 0x0754  [ 2B7E885ED951519A12C450D24535DFCA, 249009EBC1D306D51FDFA4A89588462AA2D8B6DF0A20BE250B60DD73200CB7F3 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:02:38.0633 0x0754  volmgr - ok
09:02:38.0677 0x0754  [ CEC5AC15277D75D9E5DEC2E1C6EAF877, EA989E257C4409F9AF3B35C4D7ED9134D930FE3733B077C4F3AA5497796F2CB0 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:02:38.0719 0x0754  volmgrx - ok
09:02:38.0748 0x0754  [ 582F710097B46140F5A89A19A6573D4B, 6F695B17BF476D027D3012352F3D4DFD0E0815823DA51A136767ECEF6D64A1CA ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:02:38.0778 0x0754  volsnap - ok
09:02:38.0798 0x0754  [ A68F455ED2673835209318DD61BFBB0E, 8B2B255E8E2F8B415F7AC0F7F4C423F639DD47737F7CEE0F7C816D9A6893C5F7 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:02:38.0817 0x0754  vsmraid - ok
09:02:38.0886 0x0754  [ B75232DAD33BFD95BF6F0A3E6BFF51E1, A8120040F144AD42A39347A615F31BF752634994D4D134E2FAD23FEA9C1D71DF ] VSS             C:\Windows\system32\vssvc.exe
09:02:38.0991 0x0754  VSS - ok
09:02:39.0026 0x0754  [ F14A7DE2EA41883E250892E1E5230A9A, EBCB74BE26437F6FE84A3B41AD034F451D4BD12CA77D4C7A433DB912E7D31593 ] W32Time         C:\Windows\system32\w32time.dll
09:02:39.0091 0x0754  W32Time - ok
09:02:39.0117 0x0754  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7, D682FBF78CF987609AF35A019E7C90CBE02800D7DFC272FFDD71D82AA362FA7A ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
09:02:39.0208 0x0754  WacomPen - ok
09:02:39.0255 0x0754  [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
09:02:39.0287 0x0754  Wanarp - ok
09:02:39.0293 0x0754  [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:02:39.0324 0x0754  Wanarpv6 - ok
09:02:39.0434 0x0754  [ B4E4C37D0AA6100090A53213EE2BF1C1, 67107F542F3C937FA5D9B28BA2EBFE994FFE287F16C0BFCF79AD20B95C13F78B ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:02:39.0527 0x0754  wcncsvc - ok
09:02:39.0549 0x0754  [ EA4B369560E986F19D93F45A881484AC, B61411D64901C9CB8C80402CD1E8808F5A0FACA38206C8D584C7C1019F5ADF5A ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:02:39.0616 0x0754  WcsPlugInService - ok
09:02:39.0680 0x0754  [ 0C17A0816F65B89E362E682AD5E7266E, 6233213D07B234056A1EC6FE1166A65371645269132B428FF3A29DDC0000301A ] Wd              C:\Windows\system32\drivers\wd.sys
09:02:39.0720 0x0754  Wd - ok
09:02:39.0772 0x0754  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:02:39.0837 0x0754  Wdf01000 - ok
09:02:39.0854 0x0754  [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:02:39.0914 0x0754  WdiServiceHost - ok
09:02:39.0921 0x0754  [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:02:39.0964 0x0754  WdiSystemHost - ok
09:02:40.0083 0x0754  [ 5B8CAF0FE216A57C95E8471A3BE051D6, DB1AB99FCB6B9FD1B22A052DE533D80B3826AD4D0D4890105EF09479FD9A04AB ] WebClient       C:\Windows\System32\webclnt.dll
09:02:40.0145 0x0754  WebClient - ok
09:02:40.0183 0x0754  [ 8D40BC587993F876658BF9FB0F7D3462, 23748E11F5CCE3D4978D748780283FA5A1154F53FF70D924CB2128FF8A4705F7 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:02:40.0240 0x0754  Wecsvc - ok
09:02:40.0254 0x0754  [ 9C980351D7E96288EA0C23AE232BD065, BA627B04C4259716B451F421F5310A69D8DE9407DE496AA0489139125E9DC16A ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:02:40.0312 0x0754  wercplsupport - ok
09:02:40.0336 0x0754  [ 66B9ECEBC46683F47EDC06333C075FEF, 35C33596D97DB65DE0A687644E9AD924AD5FCBAFD83FE4D23E7E58EF4BC4CC87 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:02:40.0389 0x0754  WerSvc - ok
09:02:40.0420 0x0754  WinDefend - ok
09:02:40.0429 0x0754  WinHttpAutoProxySvc - ok
09:02:40.0491 0x0754  [ D2E7296ED1BD26D8DB2799770C077A02, B494719C2DEB7B9D2505866868143C4E4F59B88461920AA49BD9F1251B6571B8 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:02:40.0531 0x0754  Winmgmt - ok
09:02:40.0623 0x0754  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869, 22D53818F4A4ACE441E121151CFD7CB1EDF5E8303DF9E113C9BB304B418A96EF ] WinRM           C:\Windows\system32\WsmSvc.dll
09:02:40.0752 0x0754  WinRM - ok
09:02:40.0893 0x0754  [ EC339C8115E91BAED835957E9A677F16, 3BBE6D4F1731198E8F0CFEE67C4CCA5C31E6968F8E02EF9E029C1847A26F513B ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:02:40.0985 0x0754  Wlansvc - ok
09:02:41.0498 0x0754  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:02:41.0631 0x0754  wlidsvc - ok
09:02:41.0669 0x0754  [ E18AEBAAA5A773FE11AA2C70F65320F5, 9E2F6FC0F46D0EEEBF4BC1E3D8800B3D268079ABF8EDDD70CD21B789883D7390 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
09:02:41.0703 0x0754  WmiAcpi - ok
09:02:41.0739 0x0754  [ 21FA389E65A852698B6A1341F36EE02D, 2D60911EAAE26C4CE3DEF4FAD1EDE093F912209AA90741AAA8B93F06B37DF605 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:02:41.0795 0x0754  wmiApSrv - ok
09:02:41.0841 0x0754  WMPNetworkSvc - ok
09:02:41.0916 0x0754  [ CBC156C913F099E6680D1DF9307DB7A8, FD8B227F445679E31048CA41442A978A98F267FED96E22C235F63C72AEEE2AB0 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:02:42.0005 0x0754  WPCSvc - ok
09:02:42.0037 0x0754  [ 490A18B4E4D53DC10879DEAA8E8B70D9, D069D8C22CF78A0970E85C0B9879E08FF19458FAA75AE447BCF9236731F64252 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:02:42.0090 0x0754  WPDBusEnum - ok
09:02:42.0136 0x0754  [ 5E2401B3FC1089C90E081291357371A9, 224D378EEBFB721CBC24896CAE01B31DC54B6ED82C19C5B954E96D5E98B83C59 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
09:02:42.0156 0x0754  WpdUsb - ok
09:02:42.0306 0x0754  [ 4CF27ED8D93A30BAA6F4DF50E62B7675, BDD0BD5C8DF13E0617429775F717E7078537C85921750BD3FE8401D7302166FD ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:02:42.0392 0x0754  WPFFontCache_v0400 - ok
09:02:42.0422 0x0754  [ 8A900348370E359B6BFF6A550E4649E1, 3EAD0B951EAF8E940ED6A79FAAAB7D22ACCF3985795F80206A3A07161D319B39 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:02:42.0492 0x0754  ws2ifsl - ok
09:02:42.0565 0x0754  [ 9EA3E6D0EF7A5C2B9181961052A4B01A, F39BAF1FC7DD1600C0052C2A6AA3BCBC8CA3DA96D1AC7B42B0F2810D051EE1B0 ] wscsvc          C:\Windows\system32\wscsvc.dll
09:02:42.0603 0x0754  wscsvc - ok
09:02:42.0608 0x0754  WSearch - ok
09:02:43.0139 0x0754  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:02:43.0312 0x0754  wuauserv - ok
09:02:43.0356 0x0754  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:02:43.0387 0x0754  WudfPf - ok
09:02:43.0422 0x0754  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:02:43.0449 0x0754  WUDFRd - ok
09:02:43.0456 0x0754  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:02:43.0497 0x0754  wudfsvc - ok
09:02:43.0557 0x0754  [ 1CACFEF9E5DD866C5B79A135EE729E18, D46DBD2FA4B21F1EE9452EBBCBA143AB5BF83E2C9C8ACF25CEDBEFE02B4EA97D ] {55662437-DA8C-40c0-AADA-2C816A897A49} C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
09:02:43.0574 0x0754  {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
09:02:43.0583 0x0754  ================ Scan global ===============================
09:02:43.0628 0x0754  [ 0CF5A36772FCACDA29DE19E3B6843BBB, BB179387AC1F9A20ED6B2418CEF593BE26C2DDD3536B0C9C155F014F40C4BD25 ] C:\Windows\system32\basesrv.dll
09:02:43.0678 0x0754  [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
09:02:43.0707 0x0754  [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
09:02:43.0769 0x0754  [ E8E05C05FBFEBD47FB7DBF7233F15302, 3099E64022E0E5347F7C8EFAD6D6E577157FC6B49386F3203E5438B38AE1EE36 ] C:\Windows\system32\services.exe
09:02:43.0781 0x0754  [ Global ] - ok
09:02:43.0781 0x0754  ================ Scan MBR ==================================
09:02:43.0795 0x0754  [ 03BA8F890B47C0BE359A4D5A636D214D ] \Device\Harddisk0\DR0
09:02:44.0229 0x0754  \Device\Harddisk0\DR0 - ok
09:02:44.0232 0x0754  [ F05261C246CE4B3C544521FFFF7AEF5D ] \Device\Harddisk1\DR1
09:02:46.0419 0x0754  \Device\Harddisk1\DR1 - ok
09:02:46.0423 0x0754  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
09:02:46.0580 0x0754  \Device\Harddisk2\DR2 - ok
09:02:46.0581 0x0754  ================ Scan VBR ==================================
09:02:46.0584 0x0754  [ 0195742A65C7EE1BA1E620D5B4B828A5 ] \Device\Harddisk0\DR0\Partition1
09:02:46.0599 0x0754  \Device\Harddisk0\DR0\Partition1 - ok
09:02:46.0603 0x0754  [ 56ACAB07268653601D6771A4EAB0DDD3 ] \Device\Harddisk0\DR0\Partition2
09:02:46.0624 0x0754  \Device\Harddisk0\DR0\Partition2 - ok
09:02:46.0628 0x0754  [ 3C86E7712B52FA115A1064D2DE77EA04 ] \Device\Harddisk1\DR1\Partition1
09:02:46.0651 0x0754  \Device\Harddisk1\DR1\Partition1 - ok
09:02:46.0655 0x0754  [ 88D4D6BF121381C1CFEA1B29A66B31E5 ] \Device\Harddisk2\DR2\Partition1
09:02:46.0659 0x0754  \Device\Harddisk2\DR2\Partition1 - ok
09:02:46.0660 0x0754  ================ Scan generic autorun ======================
09:02:46.0661 0x0754  SmartMenu - ok
09:02:46.0732 0x0754  [ 731F68141C806BD2359FD878CD05C929, 5D3BBE9C10BE24BC7048B504B99089FDBD9B5C00DE791CC92D2526C7A2B842A7 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
09:02:46.0750 0x0754  IAAnotif - ok
09:02:46.0754 0x0754  NvCplDaemon - ok
09:02:46.0786 0x0754  [ 57C67A2BB1CBB93C7E6FA87181E0D022, 01103B7268FFE7FB394F95E69FEC49FF9297CC98FBA06C22B2A38C0554F04D82 ] C:\Windows\system32\igfxtray.exe
09:02:46.0805 0x0754  IgfxTray - ok
09:02:46.0838 0x0754  [ EF7B8E48605ED48500B7EF4D95B4C0B0, 23DBC3764C23D36F8C97760CBC6D5F4FC01C4CEF816C2359A78988AECC34FA55 ] C:\Windows\system32\igfxpers.exe
09:02:46.0858 0x0754  Persistence - ok
09:02:46.0962 0x0754  [ 66D654BD87BAA3D97EE5909FD2596EC1, 03EE7B28F00D177C6CEB4C8D7C2B31937E5CA77DD1C127863DEF42E941EA867F ] C:\Program Files\Microsoft IntelliPoint\ipoint.exe
09:02:47.0079 0x0754  IntelliPoint - ok
09:02:47.0145 0x0754  [ 21D9910EF7EA9C58C8E31EE2C29D5F49, 7F68C168AA029B61810297F21D340B6756F4140642DAD0E3F2CA22AF525312EB ] C:\Program Files\iTunes\iTunesHelper.exe
09:02:47.0162 0x0754  iTunesHelper - ok
09:02:47.0188 0x0754  [ 554A50B5310E702029D3A675459108FF, 4757D5FFFAC7E73D4A3D931DB1399DDFDBD5811639BDA4517F886C21CC7F2574 ] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
09:02:47.0201 0x0754  hpsysdrv - ok
09:02:47.0230 0x0754  [ 0C8A70BC3BAAF7BF69DCA495C1E1AB79, 02AA7EC4E5AEC4B9C7FE9C32B9FAF0EF3A89FCE3E0C2534F74A4130559201B07 ] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
09:02:47.0244 0x0754  HP Health Check Scheduler - ok
09:02:47.0301 0x0754  [ 4B57A44B5DDFDE882A050CDA5FC3E092, 826E69ED3F55EE68BBFE0C0ADD0EE8B23DF2518C7738F7D3C28A2094326A1617 ] c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
09:02:47.0323 0x0754  UpdateP2GoShortCut - ok
09:02:47.0426 0x0754  [ 601D77C0AA637A99073210894554B6BA, 0EE521E25512E7D303D6014D31F2D7057CEAA477F6481451111B941BCB8BF1F2 ] c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
09:02:47.0464 0x0754  UpdatePDIRShortCut - ok
09:02:47.0542 0x0754  [ 82A3031F7FAA61CB5E040B0D98A104AF, 5EB990BACE18112658208F517EE2E635DBD00A06380DD9DAB253556C980DEA99 ] c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe
09:02:47.0579 0x0754  UpdatePSTShortCut - ok
09:02:47.0900 0x0754  [ 68BB0D0F31DAB67979C24218777F97EA, 70C246CEF9603854FA144AAA9396AC100FB0641DC80F6F18F941B65F0C376F3C ] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
09:02:47.0990 0x0754  TSMAgent - ok
09:02:48.0086 0x0754  [ 309C7161F58C75EE88B07F55CA858280, 96B9FBA70E6429251269056E1D983D6C9D999B6340BF896DC04E4C870A2FCD2E ] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
09:02:48.0130 0x0754  CLMLServer for HP TouchSmart - ok
09:02:48.0533 0x0754  [ 3B8C106587A57159639713EEE074EF83, 73EEFBDF1287BAD42AF630C66F4F40B9B9EE27A5EF09C3216F7D44DE7E34C5C2 ] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
09:02:48.0689 0x0754  LogitechQuickCamRibbon - ok
09:02:48.0779 0x0754  [ 846965AE55A2662B1576C0F392DD1D6E, 0ADE383991FDC5A49DD15A27CB52CF75ABF518F0335E92003C0FF75DB417BBDC ] C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
09:02:48.0817 0x0754  SSBkgdUpdate - ok
09:02:48.0854 0x0754  [ 992594885ABD17994D0B38E807F3921A, 8290572D4B759821071060BABA2A793F8D109EC3D6F9DE577923010B3B65DD8B ] C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
09:02:48.0883 0x0754  PaperPort PTD - ok
09:02:48.0910 0x0754  [ 88F285801C156064201327EAC45B664C, 8C98A8ED4C78E85D95CF28B7E33C3120F56DA67C26F9C64455111033505C4A69 ] C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe
09:02:48.0940 0x0754  IndexSearch - ok
09:02:48.0977 0x0754  [ A4A66195EB0ECD574A32AAA92DC0A7BD, 4E30D565917158316A541BB29D73BF5F3A01DAB1240363276DE0C5D59B2BFFFE ] C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe
09:02:49.0037 0x0754  PPort11reminder - ok
09:02:49.0090 0x0754  [ B6F6228AB545E2819A60C0D63A84E52E, B1B8F786057DC3CA89B41D4109C1BC014F11DAFBF2A007999B4C7695D6A2377D ] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
09:02:49.0185 0x0754  DVDAgent - ok
09:02:49.0229 0x0754  [ 2045D8148B3F5A5187B985104BF1BE8E, 7037E356F73CC28F593AB4E94711047F4C52FE1A8D1C8A2B245767CC80AFDCEF ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
09:02:49.0273 0x0754  FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 )
09:02:49.0396 0x0754  Detect skipped due to KSN trusted
09:02:49.0396 0x0754  FreePDF Assistant - ok
09:02:49.0489 0x0754  [ 4334F0F2DDE36F1AF1B3200F88C1E155, 810F4B920FADA743F3B0033B0B82D4E1CC395D4C02E7AACFB53E7FE81AC921E5 ] C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
09:02:49.0522 0x0754  TVAgent - ok
09:02:49.0724 0x0754  [ 952F8ADABE33BB964DC3FDCB9945BBB8, C2C2928A29C88CD2E40329697C4FD6CB07BC35DA7AABAB50FFD8BE4786F20567 ] C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\DE\Programs\registration.exe
09:02:49.0798 0x0754  CorelDRAW Graphics Suite 11b - detected UnsignedFile.Multi.Generic ( 1 )
09:02:49.0915 0x0754  Detect skipped due to KSN trusted
09:02:49.0915 0x0754  CorelDRAW Graphics Suite 11b - ok
09:02:50.0179 0x0754  [ 696A74A2E7AAD166D0A97499A43AD084, A661156C420B3198A82A6A395B986B28E89645CCFEFF4ED68B95EE5FC447E032 ] C:\Program Files (x86)\MAGIX\Video_deluxe_15_Plus_Sonderedition\TrayServer.exe
09:02:50.0234 0x0754  TrayServer - detected UnsignedFile.Multi.Generic ( 1 )
09:02:50.0356 0x0754  Detect skipped due to KSN trusted
09:02:50.0356 0x0754  TrayServer - ok
09:02:50.0493 0x0754  [ 4275C55AA440DC08EA0267AED31D9654, A5EF4505960D9CECC45376026A8B51FF43282AE811C88617CCD8F7F1E6E56A7B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
09:02:50.0527 0x0754  APSDaemon - ok
09:02:50.0579 0x0754  [ 1A68538C43FD405A06FEBF32F4CEC7DB, 0028DBEB7634B18897635B2C22D724DC27D4A62835FB4265D00221F177A5CBDE ] C:\Windows\Samsung\PanelMgr\ssmmgr.exe
09:02:50.0683 0x0754  Samsung PanelMgr - detected UnsignedFile.Multi.Generic ( 1 )
09:02:50.0800 0x0754  Detect skipped due to KSN trusted
09:02:50.0800 0x0754  Samsung PanelMgr - ok
09:02:51.0066 0x0754  [ 887E31727394E2998A471A01A521EAB4, E68D0C778BAAB307E6BDDA151787D31FC16AD83ADE3FE848353998D111A9AC0C ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
09:02:51.0114 0x0754  DivXMediaServer - detected UnsignedFile.Multi.Generic ( 1 )
09:02:51.0238 0x0754  Detect skipped due to KSN trusted
09:02:51.0238 0x0754  DivXMediaServer - ok
09:02:51.0668 0x0754  [ 66598E7BC1960E5E57A646B69671182F, A6B5008742A3E5C506C870CBA27711AF6F25B840E7B869FB33E9C080A4917C76 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
09:02:51.0707 0x0754  avgnt - ok
09:02:51.0970 0x0754  [ C7F05A3FD4A8DC4EE7A7866876E1534C, 03B8D0E44DC4EF0051B791FCADBADA4589E643436EF76F4A62C14979E7D0E9DA ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
09:02:52.0085 0x0754  DivXUpdate - ok
09:02:52.0140 0x0754  [ BED53FBEE97293405A2ED7B3452C17D3, BF3ED1FC03C1F65EDC6B3ECD0AA0536843A81FFF6DC3F7D3BD49B1BADF538CB7 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
09:02:52.0156 0x0754  Avira SystrayStartTrigger - ok
09:02:52.0476 0x0754  [ 8A744F7B384C17CB548564EB31739E10, 92A08E881BD1A181BAAAFF6B147BC3C920CFEA96F2F79B6DDADC4DDFFD4CE111 ] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
09:02:52.0731 0x0754  Fitbit Connect - ok
09:02:53.0009 0x0754  [ C0F72AF517E27CFE23D4E37EC7FF7E9E, 2CF4F78EC4BE99258BC91F5D94A9AF261F0DBDFD55D0100DCA2CA88813AAD4B4 ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
09:02:53.0066 0x0754  ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
09:02:53.0189 0x0754  Detect skipped due to KSN trusted
09:02:53.0189 0x0754  ControlCenter4 - ok
09:02:53.0477 0x0754  [ A12927788DE1555B598DFD16B4FA3F8B, 57B36F188FC212D73CFBE6431FC5095BAB3C189D04D34CA428801F6823636DFA ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
09:02:53.0701 0x0754  BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
09:02:53.0816 0x0754  Detect skipped due to KSN trusted
09:02:53.0816 0x0754  BrStsMon00 - ok
09:02:53.0867 0x0754  [ 65437DAD4F238EA9549408A783002222, 756C846C2DD8209E9161C2DD701E46DF73E1C757F2B66CAE7A579ADF8EF7E000 ] C:\Windows\ehome\ehTray.exe
09:02:53.0904 0x0754  ehTray.exe - ok
09:02:53.0905 0x0754  Infodesk Phone - ok
09:02:54.0025 0x0754  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Vorname Nachname\AppData\Local\Dropbox\Update\DropboxUpdate.exe
09:02:54.0041 0x0754  Dropbox Update - ok
09:02:54.0202 0x0754  [ 8A744F7B384C17CB548564EB31739E10, 92A08E881BD1A181BAAAFF6B147BC3C920CFEA96F2F79B6DDADC4DDFFD4CE111 ] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
09:02:54.0383 0x0754  Fitbit Connect - ok
09:02:54.0392 0x0754  Waiting for KSN requests completion. In queue: 82
09:02:55.0411 0x0754  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe (  ), 0x41000 ( enabled : updated )
09:02:55.0418 0x0754  Win FW state via NFP2: enabled ( trusted )
09:02:55.0504 0x0754  ============================================================
09:02:55.0504 0x0754  Scan finished
09:02:55.0504 0x0754  ============================================================
09:02:55.0516 0x234c  Detected object count: 0
09:02:55.0516 0x234c  Actual detected object count: 0

deeprybka · 07.10.2016, 14:48

Schritt 1

Echtzeitschutz des Virenscanners abschalten.

Schritt 2

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Radja · 08.10.2016, 08:40

Guten Morgen Jürgen,

hier die Combofix.txt:

Code:

ATTFilter

ComboFix 16-09-28.01 - Vorname Name 07.10.2016  17:31:22.1.4 - x64
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.6142.2908 [GMT 2:00]
ausgeführt von:: c:\users\Vorname Name\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Vorname Name\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\RADJAR~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
G:\Autorun.inf
c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . Nicht in der Lage zu löschen
c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . Nicht in der Lage zu löschen
.
.
(((((((((((((((((((((((   Dateien erstellt von 2016-09-07 bis 2016-10-07  ))))))))))))))))))))))))))))))
.
.
2016-10-07 15:42 . 2016-10-07 15:42    --------    d-----w-    c:\users\Public\AppData\Local\temp
2016-10-07 15:42 . 2016-10-07 15:42    --------    d-----w-    c:\users\Default\AppData\Local\temp
2016-10-05 09:09 . 2016-09-15 01:18    12030488    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{805ED9C8-F3AC-44CD-9406-6B7CB5E87A92}\mpengine.dll
2016-09-21 09:04 . 2016-09-21 09:04    --------    d-----w-    c:\program files (x86)\Microsoft MapPoint Europe
2016-09-21 07:00 . 2016-08-06 14:33    2048    ----a-w-    c:\windows\system32\tzres.dll
2016-09-21 07:00 . 2016-08-06 14:18    2048    ----a-w-    c:\windows\SysWow64\tzres.dll
2016-09-16 07:24 . 2016-08-12 19:08    862208    ----a-w-    c:\windows\system32\oleaut32.dll
2016-09-16 07:24 . 2016-08-12 18:56    573952    ----a-w-    c:\windows\SysWow64\oleaut32.dll
2016-09-16 07:23 . 2016-08-17 14:52    2295808    ----a-w-    c:\program files\Windows Journal\Journal.exe
2016-09-16 07:18 . 2016-08-12 19:15    4693736    ----a-w-    c:\windows\system32\ntoskrnl.exe
2016-09-16 07:18 . 2016-08-12 19:07    86016    ----a-w-    c:\windows\system32\csrsrv.dll
2016-09-16 07:14 . 2016-08-10 16:12    258048    ----a-w-    c:\windows\system32\ncrypt.dll
2016-09-16 07:14 . 2016-08-10 15:43    206336    ----a-w-    c:\windows\SysWow64\ncrypt.dll
2016-09-16 07:14 . 2016-08-10 16:12    353280    ----a-w-    c:\windows\system32\schannel.dll
2016-09-16 07:14 . 2016-08-10 15:44    284160    ----a-w-    c:\windows\SysWow64\schannel.dll
2016-09-16 07:14 . 2016-08-10 13:14    275968    ----a-w-    c:\windows\SysWow64\bcrypt.dll
2016-09-16 07:14 . 2016-08-10 13:07    306688    ----a-w-    c:\windows\system32\bcrypt.dll
2016-09-16 07:12 . 2016-08-03 16:23    17920    ----a-w-    c:\windows\system32\netevent.dll
2016-09-16 07:12 . 2016-08-03 15:45    17920    ----a-w-    c:\windows\SysWow64\netevent.dll
2016-09-16 07:12 . 2016-08-03 14:41    451072    ----a-w-    c:\windows\system32\drivers\srv.sys
2016-09-16 07:12 . 2016-08-03 14:40    176128    ----a-w-    c:\windows\system32\drivers\srv2.sys
2016-09-16 07:12 . 2016-08-03 14:40    147456    ----a-w-    c:\windows\system32\drivers\srvnet.sys
2016-09-16 07:11 . 2016-08-14 16:09    820736    ----a-w-    c:\windows\system32\user32.dll
2016-09-16 07:11 . 2016-08-14 15:49    648704    ----a-w-    c:\windows\SysWow64\user32.dll
2016-09-16 07:11 . 2016-08-14 14:47    2803712    ----a-w-    c:\windows\system32\win32k.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-10-05 16:42 . 2016-05-24 10:04    192216    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-09-16 07:02 . 2006-11-02 12:35    144199024    -c--a-w-    c:\windows\system32\mrt.exe
2016-09-13 14:54 . 2012-09-21 06:59    796352    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2016-09-13 14:54 . 2011-07-25 07:27    142528    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-07-27 02:02 . 2013-08-08 08:27    171752    ----a-w-    c:\windows\system32\drivers\avgntflt.sys
2016-07-27 02:02 . 2013-08-08 08:27    145984    ----a-w-    c:\windows\system32\drivers\avipbb.sys
2016-07-26 12:24 . 2009-10-03 06:23    504488    ------w-    c:\windows\system32\MpSigStub.exe
2016-07-11 07:26 . 2016-08-11 07:01    1690112    ----a-w-    c:\windows\system32\lsasrv.dll
2016-07-11 07:02 . 2016-08-11 07:01    77312    ----a-w-    c:\windows\SysWow64\secur32.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"Dropbox Update"="c:\users\Vorname Name\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-25 134512]
"Fitbit Connect"="c:\program files (x86)\Fitbit Connect\Fitbit Connect.exe" [2015-10-28 4567720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-12-04 75016]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-10-30 210216]
"UpdatePDIRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" [2008-11-26 210216]
"TSMAgent"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-12-15 1152296]
"CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-12-15 189736]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-05-08 2780432]
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files (x86)\ScanSoft\PaperPort\pptd40nt.exe" [2007-10-11 29984]
"IndexSearch"="c:\program files (x86)\ScanSoft\PaperPort\IndexSearch.exe" [2007-10-11 46368]
"PPort11reminder"="c:\program files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-11-28 1148200]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2009-07-15 371712]
"TVAgent"="c:\program files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-04-22 206120]
"CorelDRAW Graphics Suite 11b"="c:\program files (x86)\Corel\Corel Graphics 12\Languages\DE\Programs\registration.exe" [2003-12-02 733184]
"TrayServer"="c:\program files (x86)\MAGIX\Video_deluxe_15_Plus_Sonderedition\TrayServer.exe" [2008-08-07 90112]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-03-20 60712]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2010-06-07 618496]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-12-23 450560]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2016-10-05 830064]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-11-15 1861968]
"Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2016-07-11 67840]
"Fitbit Connect"="c:\program files (x86)\Fitbit Connect\Fitbit Connect.exe" [2015-10-28 4567720]
"ControlCenter4"="c:\program files (x86)\ControlCenter4\BrCcBoot.exe" [2016-02-03 139776]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2014-05-22 4513792]
.
c:\users\Vorname Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Vorname Name\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2016-10-7 25243040]
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
Themes
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-04-11 22:59    1106072    ----a-w-    c:\program files (x86)\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2016-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-21 14:54]
.
2016-10-07 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-898814254-3000735508-3869472208-1000Core.job
- c:\users\Vorname Name\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-25 04:04]
.
2016-10-07 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-898814254-3000735508-3869472208-1000UA.job
- c:\users\Vorname Name\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-25 04:04]
.
2016-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20 04:35]
.
2016-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20 04:35]
.
2016-10-04 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2008-11-05 18:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-11-03 182808]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-26 16327712]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-02-26 154648]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-02-26 202264]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-11-05 2320752]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-09-12 169744]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Vorname Name\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Infodesk Phone - c:\program files (x86)\Fischer Software\Infodesk Phone\InfodeskPhone.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Vorname Name\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
HKLM-Run-SmartMenu - c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
AddRemove-sp43204 - c:\hp\Softpaq\sp43204\sp43204.exe
AddRemove-sp44626 - c:\hp\Softpaq\sp44626\sp44626.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files (x86)\DivX\DivXCodecUninstall.exe
AddRemove-{8ADFC4160D694100B5B8A22DE9DCABD9} - c:\program files (x86)\DivX\DivXPlayerUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCD5SRVC{8AAF211B-043E02A9-05040000}]
"ImagePath"="\??\c:\progra~1\PC-DOC~1\PCD5SRVC_x64.pkms"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_162_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_162_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_23_0_0_162_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_23_0_0_162_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.23"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\sched.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\devolo\dlan\devolonetsvc.exe
c:\program files (x86)\Fitbit Connect\FitbitConnectService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Canon\CAL\CALMAIN.exe
c:\users\Vorname Name\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
c:\program files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files (x86)\ControlCenter4\BrCtrlCntr.exe
c:\program files (x86)\Avira\Launcher\Avira.Systray.exe
c:\program files (x86)\Browny02\BrYNSvc.exe
c:\program files (x86)\ControlCenter4\BrCcUxSys.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2016-10-07  20:37:42 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2016-10-07 18:37
.
Vor Suchlauf: 22 Verzeichnis(se), 294.677.245.952 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 298.113.892.352 Bytes frei
.
- - End Of File - - 42B1C67E2C9D5B584A2B5AC7A4CE247A
03BA8F890B47C0BE359A4D5A636D214D

Viele Grüße

deeprybka · 08.10.2016, 14:14

Im April musst Du Dir sowieso was überlegen, dann gibt's keine Updates mehr für Vista.

Jetzt bitte Suchscan durchführen:

Schritt 1

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Radja · 08.10.2016, 18:56

Hallo Jürgen,

danke für dne hinweis mit Vista ... hatte ich gar nicht auf dem Schirm.

hier das Log ESET:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3ccc11aee1d6ff4b8d3ca91ba4ea03b0
# end=init
# utc_time=2016-10-08 02:20:21
# local_time=2016-10-08 04:20:21 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 31010
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3ccc11aee1d6ff4b8d3ca91ba4ea03b0
# end=updated
# utc_time=2016-10-08 02:22:43
# local_time=2016-10-08 04:22:43 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=3ccc11aee1d6ff4b8d3ca91ba4ea03b0
# engine=31010
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-10-08 05:14:58
# local_time=2016-10-08 07:14:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 99 14990 74751457 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 0 313470804 0 0
# scanned=442133
# found=18
# cleaned=18
# scan_time=10335
sh=CF9209557CC4828F1A8536F5AF66358A81393A75 ft=1 fh=b354853738a44732 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\FRST\Quarantine\C\Program Files (x86)\Softonic\Softonic\Softonic\1.8.21.14\SoftonicApp.dll"
sh=277966AAC8DD994109B77162DB82849EF1FC8D62 ft=1 fh=f7e7b232febc88cd vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\FRST\Quarantine\C\Program Files (x86)\Softonic\Softonic\Softonic\1.8.21.14\SoftonicEng.dll"
sh=431CA401E93A36C4FB726D12B16B4CC058A2C770 ft=1 fh=7cd1c9f2502352b3 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\FRST\Quarantine\C\Program Files (x86)\Softonic\Softonic\Softonic\1.8.21.14\Softonicsrv.exe"
sh=09AD2A1BCD218E1EA91FC53F55CB6A61770E1144 ft=1 fh=0234086e10d7e544 vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\FRST\Quarantine\C\Program Files (x86)\Softonic\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll"
sh=54002848ADA82AC181EAC551104FA02E8CBE4585 ft=1 fh=bfddd9982b578fa9 vn="Win32/Toolbar.Montiera.B evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht)" ac=C fn="C:\FRST\Quarantine\C\Program Files (x86)\Softonic\Softonic\Softonic\1.8.21.14\uninstall.exe"
sh=54CBEECF2F4AB81622D6708E8A849E3663853F4D ft=1 fh=a481e6d08e557a48 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\FRST\Quarantine\C\Program Files (x86)\Softonic\Softonic\Softonic\1.8.21.14\bh\Softonic.dll"
sh=BBC107B3C4335A094162EA909ED16DEC2B56B01F ft=1 fh=421fc8cb27121ff1 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht)" ac=C fn="C:\FRST\Quarantine\C\Users\Vorname Nachname\Documents\Downloads\Integrated_FreewareDE.exe.xBAD"
sh=9A579D06963998D2E015B69737AA1AA9D8A4F37B ft=1 fh=75557439e7bfbd68 vn="Variante von Win32/Hao123.A evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht)" ac=C fn="C:\FRST\Quarantine\C\Users\Vorname Nachname\Downloads\FFSetup3.1.1.exe.xBAD"
sh=F288D97AAEE15EF5CA0E408DF30E688DF447235A ft=1 fh=3817bd0fcdb3202f vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\FRST\Quarantine\C\Users\Vorname Nachname\Downloads\Free Mp3 Wma Converter - CHIP-Installer.exe.xBAD"
sh=EDCF4EA293DD0C7475D73797276FBE9E45EBBC29 ft=1 fh=51c8894478037c3d vn="Win32/Somoto.E evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht)" ac=C fn="C:\FRST\Quarantine\C\Users\Vorname Nachname\Downloads\m4a-to80-mp3-converter.exe.xBAD"
sh=4C18863E6740795E1C0503EF4DB636D643805F55 ft=1 fh=08fc432b08712eba vn="Variante von Win32/DownloadSponsor.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\FRST\Quarantine\C\Users\Vorname Nachname\Downloads\PDFCreator1.5(1).exe.xBAD"
sh=7BC1CD44626F049D99AE7677C3FFDC8CA8AEEFCE ft=1 fh=7bf48e397cd0a817 vn="Variante von Win32/DownloadSponsor.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\FRST\Quarantine\C\Users\Vorname Nachname\Downloads\PDFCreator1.5.exe.xBAD"
sh=313B70919F6F9CC6FA5B7E30EEA1D20583F5CA38 ft=1 fh=105f994530079dda vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\FRST\Quarantine\C\Users\Vorname Nachname\Downloads\Safari - CHIP-Installer.exe.xBAD"
sh=3157BC48D32543EF826962C25A643AF86E2F0B71 ft=1 fh=30c47768961834ee vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\FRST\Quarantine\C\Users\Vorname Nachname\Downloads\WinZip 64 Bit - CHIP-Installer.exe.xBAD"
sh=D22AD1DC1DEEB043B4668C5F6B9B59E8B64CBEA7 ft=1 fh=c71c00116677cbdb vn="Win32/Somoto.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\FRST\Quarantine\C\Users\Vorname Nachname\Local Settings\Application Data\Bundled software uninstaller\biclient.exe.xBAD"
sh=61EFEDBD25BE27F047F5F40D98D06D4D9493ADF1 ft=1 fh=64c0e1076b811ff4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\Users\Vorname Nachname\Downloads\7 Zip 64 Bit - CHIP-Installer.exe"
sh=1EB458ACDD6A2A27160EFB3A4226D1D1AFA4F036 ft=1 fh=272a80f22552603f vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\Users\Vorname Nachname\Downloads\HTML Editor Phase - CHIP-Installer.exe"
sh=6295A3D42106DEBB2C30CF30899B08A78BA6CF3E ft=1 fh=19e8b485eac00754 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\Users\Vorname Nachname\Downloads\Scribus 32 Bit - CHIP-Installer.exe"

Viele Grüße

deeprybka · 09.10.2016, 16:56

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Schritt 1

Bitte starte FRST erneut, und drücke auf Untersuchen.
Bitte poste mir den Inhalt des Logs.

Radja · 10.10.2016, 09:07

Guten Morgen!

Hier das Log File:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-10-2016
durchgeführt von Vorname Nachname (Administrator) auf OFFICE1 (10-10-2016 08:18:11)
Gestartet von C:\Users\Vorname Nachname\Desktop
Geladene Profile: Vorname Nachname (Verfügbare Profile: Vorname Nachname)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Dell SonicWALL, Inc.) C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Canon Inc.) C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Dropbox, Inc.) C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [914224 2008-11-18] (Hewlett-Packard)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-11-03] (Intel Corporation)
HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [16327712 2009-06-26] (NVIDIA Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2320752 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169744 2015-09-12] (Apple Inc.)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Health Check Scheduler] => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75016 2008-12-04] (Hewlett-Packard)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDIRShortCut] => c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe [210216 2008-11-26] (CyberLink Corp.)
HKLM-x32\...\Run: [TSMAgent] => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1152296 2008-12-15] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer for HP TouchSmart] => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-12-15] (CyberLink)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2780432 2009-05-08] ()
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2007-10-11] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2007-10-11] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
HKLM-x32\...\Run: [DVDAgent] => C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2008-11-28] (CyberLink Corp.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371712 2009-07-15] (shbox.de)
HKLM-x32\...\Run: [TVAgent] => C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe [206120 2009-04-22] (CyberLink Corp.)
HKLM-x32\...\Run: [CorelDRAW Graphics Suite 11b] => C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\DE\Programs\registration.exe [733184 2003-12-02] (Corel Corporation)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_15_Plus_Sonderedition\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\ssmmgr.exe [618496 2010-06-07] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [830064 2016-10-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-07-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2016-02-03] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-898814254-3000735508-3869472208-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-898814254-3000735508-3869472208-1000\...\Run: [Dropbox Update] => C:\Users\Vorname Nachname\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-25] (Dropbox, Inc.)
HKU\S-1-5-21-898814254-3000735508-3869472208-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
Startup: C:\Users\Vorname Nachname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-10-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\Vorname Nachname\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Vorname Nachname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2010-05-09]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 19 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A613AC85-778E-46D4-AF83-B95366D74E09}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{CD09C163-A404-43E2-B373-BDFF9FF184C7}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-898814254-3000735508-3869472208-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=92&bd=Pavilion&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-898814254-3000735508-3869472208-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {CA8FE908-E845-4081-937D-C045FEC0FC98} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM -> {EFA2CDF5-331C-4E0D-ADEE-706B5C3B0896} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {EFA2CDF5-331C-4E0D-ADEE-706B5C3B0896} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-898814254-3000735508-3869472208-1000 -> DefaultScope {DEC53055-CEEF-4998-8CAF-522FBCBAA1C3} URL = hxxp://www.google.de/#hl=de&source=hp&q={searchTerms}&aq=f&aqi=g10&aql=&oq=&gs_rfai=&fp=70ab29c01d34da04
SearchScopes: HKU\S-1-5-21-898814254-3000735508-3869472208-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-898814254-3000735508-3869472208-1000 -> {DEC53055-CEEF-4998-8CAF-522FBCBAA1C3} URL = hxxp://www.google.de/#hl=de&source=hp&q={searchTerms}&aq=f&aqi=g10&aql=&oq=&gs_rfai=&fp=70ab29c01d34da04
SearchScopes: HKU\S-1-5-21-898814254-3000735508-3869472208-1000 -> {EFA2CDF5-331C-4E0D-ADEE-706B5C3B0896} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-11] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-11] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-898814254-3000735508-3869472208-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FireFox:
========
FF ProfilePath: C:\Users\Vorname Nachname\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default [2016-10-10]
FF Extension: (Avira Browser Safety) - C:\Users\Vorname Nachname\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\Extensions\abs@avira.com.xpi [2016-10-09]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-02] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [Keine Datei]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-12-27] (DivX, LLC)
FF Plugin-x32: @innoplus.de/ino3DViewer -> C:\Program Files (x86)\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll [2010-05-11] (INNOVA-engineering GmbH Dresden)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-898814254-3000735508-3869472208-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Vorname Nachname\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-03-07] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default [2016-09-14]
CHR Extension: (Google Präsentationen) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-04]
CHR Extension: (Google Docs) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-04]
CHR Extension: (Google Drive) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-04]
CHR Extension: (YouTube) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-04]
CHR Extension: (Google-Suche) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-04]
CHR Extension: (Google Tabellen) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-04]
CHR Extension: (Avira Browserschutz) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-13]
CHR Extension: (Google Docs Offline) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR Extension: (Google Mail) - C:\Users\Vorname Nachname\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-04]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [470600 2016-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [470600 2016-10-05] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-07-11] (Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [96341 2005-09-30] (Canon Inc.) [Datei ist nicht signiert]
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3736520 2015-01-29] (devolo AG)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [Datei ist nicht signiert]
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-12-04] (Hewlett-Packard) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-03-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-07-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-07-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 SWGVCSvc; C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe [336616 2014-03-06] (Dell SonicWALL, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2009-04-22] ()
R2 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116104 2009-04-22] ()
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [Datei ist nicht signiert]
R3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)
S2 AntiVirMailService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe" [X]
S2 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]
S2 Norton Internet Security; "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1
S2 RoxLiveShare9; "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [171752 2016-07-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145984 2016-07-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S1 Beep; kein ImagePath
S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [103992 2007-09-10] (Brother Industries Ltd.)
R1 DNE; C:\Windows\System32\DRIVERS\dnelwf64.sys [133456 2013-10-03] (Citrix Systems, Inc.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2013-11-14] ()
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
S3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-09-10] (Samsung Electronics)
S1 SWIPsec; C:\Windows\system32\Drivers\SWIPsec.sys [110064 2014-03-06] (Dell SonicWALL, Inc.)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2008-11-28] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\EX64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [X]
S1 SRTSP; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.SYS [X]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.SYS [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-08 16:19 - 2016-10-08 16:19 - 02870984 _____ (ESET) C:\Users\Vorname Nachname\Desktop\esetsmartinstaller_deu.exe
2016-10-08 10:06 - 2016-10-08 10:06 - 00043711 _____ C:\Users\Vorname Nachname\Downloads\Invoice(10).pdf
2016-10-08 09:43 - 2016-10-08 09:43 - 00689024 _____ C:\Users\Vorname Nachname\Downloads\Einreichungsformular_Krankheitskostenbelege.pdf
2016-10-07 20:37 - 2016-10-08 09:41 - 00020495 _____ C:\ComboFix.txt
2016-10-07 17:28 - 2016-10-07 20:37 - 00000000 ____D C:\Qoobox
2016-10-07 17:28 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2016-10-07 17:28 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2016-10-07 17:28 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-10-07 17:28 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-10-07 17:28 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-10-07 17:28 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2016-10-07 17:28 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2016-10-07 17:28 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2016-10-07 17:26 - 2016-10-07 17:26 - 05659993 ____R (Swearware) C:\Users\Vorname Nachname\Desktop\ComboFix.exe
2016-10-07 08:59 - 2016-10-07 09:26 - 00214338 _____ C:\TDSSKiller.3.1.0.11_07.10.2016_08.59.39_log.txt
2016-10-07 08:53 - 2016-10-07 08:53 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Vorname Nachname\Desktop\tdsskiller.exe
2016-10-07 08:16 - 2016-10-07 08:16 - 00000000 ____D C:\Users\Vorname Nachname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-06 12:21 - 2016-10-06 16:11 - 00069992 _____ C:\Users\Vorname Nachname\Desktop\Addition.txt
2016-10-06 12:19 - 2016-10-10 08:19 - 00029929 _____ C:\Users\Vorname Nachname\Desktop\FRST.txt
2016-10-06 12:18 - 2016-10-06 12:18 - 02405376 _____ (Farbar) C:\Users\Vorname Nachname\Desktop\FRST64.exe
2016-10-06 10:42 - 2016-10-06 10:42 - 00044036 _____ C:\Users\Vorname Nachname\Downloads\index(1).pdf
2016-10-06 10:41 - 2016-10-06 10:41 - 00334487 _____ C:\Users\Vorname Nachname\Downloads\index.pdf
2016-10-05 18:47 - 2016-10-05 18:47 - 00030674 _____ C:\Users\Vorname Nachname\Downloads\OptiMind_Checkliste_Schulkinder(2).pdf
2016-10-05 18:46 - 2016-10-05 18:47 - 00030674 _____ C:\Users\Vorname Nachname\Downloads\OptiMind_Checkliste_Schulkinder(1).pdf
2016-10-05 18:46 - 2016-10-05 18:46 - 01443388 _____ C:\Users\Vorname Nachname\Downloads\13_B2_rueckmeldung_schule.pdf
2016-10-05 18:46 - 2016-10-05 18:46 - 00030674 _____ C:\Users\Vorname Nachname\Downloads\OptiMind_Checkliste_Schulkinder.pdf
2016-10-04 16:21 - 2016-10-04 16:21 - 00292288 _____ C:\Windows\Minidump\Mini100416-01.dmp
2016-10-04 16:20 - 2016-10-04 16:20 - 724486792 _____ C:\Windows\MEMORY.DMP
2016-10-03 08:13 - 2016-10-03 08:13 - 00211550 _____ C:\Users\Vorname Nachname\Downloads\305-0436464-8536304.pdf
2016-10-02 09:57 - 2016-10-02 09:57 - 00144133 _____ C:\Users\Vorname Nachname\Downloads\kino_ticket.pdf
2016-09-28 16:35 - 2016-09-28 16:35 - 02184188 _____ C:\Users\Vorname Nachname\Documents\CONSULTING GmbH.pdf
2016-09-27 17:25 - 2016-09-27 17:25 - 09289728 _____ C:\Users\Vorname Nachname\Downloads\Top News_01_2016_Februar 2016_kl.pdf
2016-09-27 17:25 - 2016-09-27 17:25 - 00183321 _____ C:\Users\Vorname Nachname\Downloads\1338560840.pdf
2016-09-27 14:36 - 2016-09-27 14:36 - 00149652 _____ C:\Users\Vorname Nachname\Downloads\faltblatt__gefalzt_auf_din_lang__6-seiter_(wickelfalz)_1.pdf
2016-09-27 11:08 - 2016-09-27 11:08 - 00185048 _____ C:\Users\Vorname Nachname\Downloads\media3440520.PDF
2016-09-27 11:07 - 2016-09-27 11:07 - 00388056 _____ C:\Users\Vorname Nachname\Downloads\media3737920.PDF
2016-09-27 11:07 - 2016-09-27 11:07 - 00034500 _____ C:\Users\Vorname Nachname\Downloads\media3789120.PDF
2016-09-24 00:47 - 2016-10-04 08:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-23 13:59 - 2016-09-23 13:59 - 01785504 _____ C:\Users\Vorname Nachname\Downloads\OpenStage an FritzBoxFon - V0.4b.pdf
2016-09-23 08:35 - 2016-09-23 08:35 - 00033128 _____ C:\Users\Vorname Nachname\Downloads\981042.pdf
2016-09-22 08:45 - 2016-09-22 08:45 - 00030831 _____ C:\Users\Vorname Nachname\Downloads\w32555.pdf
2016-09-22 05:45 - 2016-09-22 05:45 - 00088576 _____ C:\Users\Vorname Nachname\Desktop\SEK.xls
2016-09-22 05:40 - 2016-09-22 05:40 - 00233472 _____ C:\Users\Vorname Nachname\Desktop\Mappe7.xls
2016-09-21 16:09 - 2016-09-21 16:09 - 01558119 _____ C:\Users\Vorname Nachname\Downloads\EHF05_Factsheet(1).pdf
2016-09-21 11:04 - 2016-09-21 11:04 - 00002060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft MapPoint Europa 2006.lnk
2016-09-21 11:04 - 2016-09-21 11:04 - 00000000 ____D C:\Program Files (x86)\Microsoft MapPoint Europe
2016-09-21 11:02 - 2016-09-21 11:02 - 02901754 _____ C:\Users\Vorname Nachname\Downloads\WMC_Performancebericht_2014.pdf
2016-09-21 10:15 - 2016-09-21 10:15 - 03964863 _____ C:\Users\Vorname Nachname\Downloads\HEH_LB_2014.pdf
2016-09-21 10:02 - 2016-09-21 10:02 - 07237563 _____ C:\Users\Vorname Nachname\Downloads\Performance_Bericht_2014.pdf
2016-09-21 10:02 - 2016-09-21 10:02 - 04076833 _____ C:\Users\Vorname Nachname\Downloads\DeWert-Jahresbericht2014-DS(1).pdf
2016-09-21 09:55 - 2016-09-21 09:55 - 00511949 _____ C:\Users\Vorname Nachname\Downloads\160812_HG-Halbjahresabschluss_2016.pdf
2016-09-21 09:35 - 2016-09-21 09:35 - 06015877 _____ C:\Users\Vorname Nachname\Downloads\ACT Broschüre dt 2015 komplett.pdf
2016-09-21 09:00 - 2016-08-06 16:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-09-21 09:00 - 2016-08-06 16:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-09-16 15:43 - 2016-09-16 15:43 - 01559625 _____ C:\Users\Vorname Nachname\Downloads\EHF05_Factsheet.pdf
2016-09-16 15:14 - 2016-09-16 15:14 - 04076833 _____ C:\Users\Vorname Nachname\Downloads\DeWert-Jahresbericht2014-DS.pdf
2016-09-16 09:24 - 2016-08-12 21:08 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-16 09:24 - 2016-08-12 20:56 - 00573952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-16 09:18 - 2016-08-12 21:15 - 04693736 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-16 09:18 - 2016-08-12 21:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-16 09:14 - 2016-08-10 18:12 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-16 09:14 - 2016-08-10 18:12 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-09-16 09:14 - 2016-08-10 17:44 - 00284160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-09-16 09:14 - 2016-08-10 17:43 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-09-16 09:14 - 2016-08-10 15:14 - 00275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-09-16 09:14 - 2016-08-10 15:07 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-09-16 09:12 - 2016-08-03 18:23 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-09-16 09:12 - 2016-08-03 17:45 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2016-09-16 09:12 - 2016-08-03 16:41 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-16 09:12 - 2016-08-03 16:40 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-16 09:12 - 2016-08-03 16:40 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-16 09:11 - 2016-08-14 18:09 - 00820736 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-16 09:11 - 2016-08-14 17:49 - 00648704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-09-16 09:11 - 2016-08-14 16:47 - 02803712 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-15 19:35 - 2016-09-07 19:24 - 17975296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-09-15 19:35 - 2016-09-07 19:22 - 10890752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-09-15 19:35 - 2016-09-07 19:22 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-09-15 19:35 - 2016-09-07 19:21 - 02265600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-09-15 19:35 - 2016-09-07 19:20 - 02129920 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-09-15 19:35 - 2016-09-07 19:20 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 01296384 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00887296 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-09-15 19:35 - 2016-09-07 19:20 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-09-15 19:35 - 2016-09-07 19:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-09-15 19:35 - 2016-09-07 19:20 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-09-15 19:35 - 2016-09-07 18:54 - 12859392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-09-15 19:35 - 2016-09-07 18:53 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-09-15 19:35 - 2016-09-07 18:52 - 09731584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-09-15 19:35 - 2016-09-07 18:51 - 01831424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-09-15 19:35 - 2016-09-07 18:51 - 01436160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-09-15 19:35 - 2016-09-07 18:51 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-09-15 19:35 - 2016-09-07 18:51 - 01089024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-09-15 19:35 - 2016-09-07 18:51 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-09-15 19:35 - 2016-09-07 18:50 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-09-15 19:35 - 2016-09-07 18:50 - 01789952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00615936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00420352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-09-15 19:35 - 2016-09-07 18:50 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-09-15 19:35 - 2016-09-07 18:50 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-09-15 09:43 - 2016-09-15 09:43 - 00043637 _____ C:\Users\Vorname Nachname\Downloads\Invoice(9).pdf
2016-09-15 09:43 - 2016-09-15 09:43 - 00043637 _____ C:\Users\Vorname Nachname\Downloads\Invoice(8).pdf
2016-09-14 16:42 - 2016-09-14 16:42 - 00441716 _____ C:\Users\Vorname Nachname\Downloads\Kindesschutz_alles_gute_fuer_ihr_kind_Flyer.pdf
2016-09-14 16:42 - 2016-09-14 16:42 - 00127589 _____ C:\Users\Vorname Nachname\Downloads\U_Erinnerung(2).pdf
2016-09-14 16:42 - 2016-09-14 16:42 - 00125952 _____ C:\Users\Vorname Nachname\Downloads\U_Einladung(1).pdf
2016-09-14 16:39 - 2016-09-14 16:39 - 00125952 _____ C:\Users\Vorname Nachname\Downloads\U_Einladung.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-10 08:18 - 2013-07-22 09:19 - 00000000 ____D C:\FRST
2016-10-10 08:15 - 2015-06-25 06:04 - 00001260 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-898814254-3000735508-3869472208-1000UA.job
2016-10-10 08:09 - 2011-01-20 13:18 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-10 07:54 - 2012-09-21 08:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-10 07:44 - 2006-11-02 17:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-10 07:44 - 2006-11-02 17:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-10 07:15 - 2015-06-25 06:04 - 00001208 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-898814254-3000735508-3869472208-1000Core.job
2016-10-10 00:09 - 2011-01-20 13:18 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-07 20:35 - 2009-07-17 10:17 - 00003592 _____ C:\Windows\System32\Tasks\HP Health Check
2016-10-07 20:34 - 2013-02-13 17:59 - 00000000 ___RD C:\Users\Vorname Nachname\Dropbox
2016-10-07 20:32 - 2009-02-04 21:50 - 00514918 _____ C:\ProgramData\nvModes.001
2016-10-07 20:32 - 2009-02-04 21:12 - 00514918 _____ C:\ProgramData\nvModes.dat
2016-10-07 20:32 - 2006-11-02 14:34 - 00000215 _____ C:\Windows\system.ini
2016-10-07 17:44 - 2009-07-17 10:21 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2016-10-07 17:44 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-07 17:43 - 2006-11-02 17:42 - 00032556 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-07 17:42 - 2013-07-22 11:26 - 00000000 ____D C:\Windows\erdnt
2016-10-07 08:16 - 2013-02-13 17:56 - 00000000 ____D C:\Users\Vorname Nachname\AppData\Roaming\Dropbox
2016-10-06 12:17 - 2009-08-19 08:11 - 00000000 ____D C:\Users\Vorname Nachname\Desktop\Scans
2016-10-05 18:42 - 2016-05-24 12:04 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-05 11:06 - 2013-08-08 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-10-04 16:33 - 2009-02-05 04:46 - 00677534 _____ C:\Windows\system32\perfh007.dat
2016-10-04 16:33 - 2009-02-05 04:46 - 00147046 _____ C:\Windows\system32\perfc007.dat
2016-10-04 16:33 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\inf
2016-10-04 16:33 - 2006-11-02 14:46 - 01576152 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-04 16:21 - 2015-01-14 13:27 - 00000000 ____D C:\Windows\Minidump
2016-10-04 09:24 - 2009-07-17 10:05 - 00000000 ____D C:\Users\Vorname Nachname
2016-10-04 08:11 - 2012-09-19 21:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-04 08:11 - 2009-07-17 11:16 - 00000456 _____ C:\Windows\Tasks\PCDRScheduledMaintenance.job
2016-09-30 22:17 - 2015-06-25 06:04 - 00000000 ____D C:\Users\Vorname Nachname\AppData\Local\Dropbox
2016-09-29 16:43 - 2015-12-08 10:32 - 00000884 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-09-29 16:43 - 2015-12-08 10:32 - 00000872 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-09-29 16:43 - 2012-12-04 08:44 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-09-26 14:22 - 2016-08-27 10:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2016-09-23 13:03 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache
2016-09-21 10:54 - 2006-11-02 17:07 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-09-16 09:52 - 2006-11-02 17:21 - 00478264 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-16 09:48 - 2006-11-02 17:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-09-16 09:11 - 2013-07-14 21:20 - 00000000 ____D C:\Windows\system32\MRT
2016-09-16 09:02 - 2006-11-02 14:35 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-09-13 16:54 - 2012-09-21 08:59 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-13 16:54 - 2012-09-21 08:59 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-13 16:54 - 2011-12-07 09:44 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-13 16:54 - 2011-07-25 09:27 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-13 16:54 - 2009-02-04 21:16 - 00000000 ____D C:\Windows\SysWOW64\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2011-12-15 16:29 - 2011-12-15 16:37 - 0000077 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Rim.Desktop.Exception.log
2011-12-15 15:22 - 2015-02-26 18:51 - 0002021 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2011-12-15 16:29 - 2011-12-15 16:37 - 0000077 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-07-01 09:19 - 2013-07-22 06:19 - 0000005 _____ () C:\Users\Vorname Nachname\AppData\Roaming\WBPU-TTL.DAT
2015-02-11 19:57 - 2015-01-12 19:57 - 0000110 _____ () C:\Users\Vorname Nachname\AppData\Roaming\Microsoft\DSI240678.dat
2015-04-09 14:20 - 2015-04-09 14:21 - 14970880 _____ () C:\Users\Vorname Nachname\AppData\Local\1B902E7A_stp.CIS
2015-04-09 14:21 - 2015-04-09 14:21 - 0000442 _____ () C:\Users\Vorname Nachname\AppData\Local\1B902E7A_stp.CIS.part
2015-04-09 14:20 - 2015-04-09 14:20 - 0191991 _____ () C:\Users\Vorname Nachname\AppData\Local\38C2540F_stp.CIS
2015-04-09 14:20 - 2015-04-09 14:20 - 0000290 _____ () C:\Users\Vorname Nachname\AppData\Local\38C2540F_stp.CIS.part
2015-04-09 14:20 - 2015-04-09 14:20 - 0385602 _____ () C:\Users\Vorname Nachname\AppData\Local\5D515C96_stp.CIS
2015-04-09 14:20 - 2015-04-09 14:20 - 0000220 _____ () C:\Users\Vorname Nachname\AppData\Local\5D515C96_stp.CIS.part
2014-03-18 22:28 - 2015-12-19 11:26 - 0000680 _____ () C:\Users\Vorname Nachname\AppData\Local\d3d9caps.dat
2009-07-17 11:15 - 2010-07-17 03:15 - 0002188 _____ () C:\Users\Vorname Nachname\AppData\Local\d3d9caps64.dat
2009-07-21 09:16 - 2016-02-16 08:42 - 0020480 _____ () C:\Users\Vorname Nachname\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-10-18 11:42 - 2011-10-18 11:47 - 0235192 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
2011-10-18 11:42 - 2011-10-18 11:42 - 0000002 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_dotnetfx35error.txt
2011-10-18 11:47 - 2011-10-18 11:47 - 0000002 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_dotnetfx35error_lp.txt
2011-10-18 11:42 - 2011-10-18 11:47 - 0310852 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_dotnetfx35install.txt
2011-10-18 11:47 - 2011-10-18 11:47 - 0087578 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_dotnetfx35install_lp.txt
2011-10-18 11:47 - 2011-10-18 11:47 - 0974542 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_NET_Framework35_LangPack_MSI3DBD.txt
2011-10-18 11:46 - 2011-10-18 11:47 - 2338310 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_NET_Framework35_x64_MSI3D4B.txt
2010-12-13 23:30 - 2010-12-13 23:30 - 0343710 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistMSI08F8.txt
2009-07-23 10:05 - 2009-07-23 10:05 - 0413006 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistMSI151F.txt
2010-12-10 23:55 - 2010-12-10 23:55 - 0343728 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistMSI31BE.txt
2011-10-18 11:41 - 2011-10-18 11:41 - 0371518 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistMSI395A.txt
2014-02-13 11:54 - 2014-02-13 11:54 - 0384164 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistMSI61F0.txt
2015-07-07 13:16 - 2015-07-07 13:16 - 0432558 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistMSI7A81.txt
2010-12-13 23:30 - 2010-12-13 23:30 - 0013588 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistUI08F8.txt
2009-07-23 10:05 - 2009-07-23 10:05 - 0013570 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistUI151F.txt
2010-12-10 23:55 - 2010-12-10 23:55 - 0021112 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistUI31BE.txt
2011-10-18 11:41 - 2011-10-18 11:41 - 0013882 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistUI395A.txt
2014-02-13 11:54 - 2014-02-13 11:54 - 0013632 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistUI61F0.txt
2015-07-07 13:16 - 2015-07-07 13:16 - 0013850 _____ () C:\Users\Vorname Nachname\AppData\Local\dd_vcredistUI7A81.txt
2011-10-18 11:42 - 2011-10-18 11:47 - 0007626 _____ () C:\Users\Vorname Nachname\AppData\Local\uxeventlog.txt
2009-02-04 21:50 - 2016-10-07 20:32 - 0514918 _____ () C:\ProgramData\nvModes.001
2009-02-04 21:12 - 2016-10-07 20:32 - 0514918 _____ () C:\ProgramData\nvModes.dat
2012-05-16 14:34 - 2012-05-16 14:34 - 0000448 _____ () C:\ProgramData\zciaekisnypebbu

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-10-10 06:42

==================== Ende von FRST.txt ============================

Viele Grüße

deeprybka · 10.10.2016, 17:29

Wir haben es geschafft!

Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken (z.B. hier) in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.

Meine Kauf-Empfehlung:

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.