Im Browser öffnen sich Seiten von allein Vieren-Warnungen bzw. Werbung für Reparaturtools erscheinen

JaTa · 02.02.2017, 21:31

Hallo, ich habe seit einigen Tagen das Problem, dass sich bei Google Chrome Seiten von allein öffnen, manchmal sind es Vierenwarnungen manchmal Werbung, dass ich mir ein Reparaturtool runterladen soll. Die Fenster lassen sich nicht so einfach wieder schließen. Angefangen hat das ganze mit der Aufforderung Erweiterungen zuzulassen und immer wenn man diese Meldung schließen wollte ging das nächste TAB auf und die gleiche Meldung erschien und wurde sogar angesagt- ziemlich schräg das ganze. Ich habe leider nicht so viel Ahnung, daher weiß ich nicht was ich mir da eingefangen habe, bzw. wie ich es wieder loswerde.

burningice · 03.02.2017, 04:44

Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:

Bitte lies meine Posts komplett durch bevor du sie abarbeitest
Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
Bitte kein Crossposting
Installiere oder Deinstalliere keine Software ohne Aufforderung
Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
Wir machen unsere Arbeit freiwillig und ehrenamtlich neben unserer normalen Beschäftigung im Leben. Dennoch, wenn ich dir nicht binnen 36h antworte, sende mir bitte eine persönliche Nachricht!

Los geht's

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

JaTa · 03.02.2017, 12:17

Hallo Rafael,

hier sind die beiden txt-Dateien.
FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
durchgeführt von JaTa (Administrator) auf JATA (03-02-2017 11:47:56)
Gestartet von C:\Users\Jana\Desktop
Geladene Profile: JaTa (Verfügbare Profile: JaTa & green_000 & Tato)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\WINDOWS\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(E-MU Systems) C:\WINDOWS\System32\emaudsv.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ZOOM) C:\Program Files\ZOOM\UAC-2 Driver\zmuac2service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(© 2015 Microsoft Corporation) C:\Users\Jana\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ZOOM) C:\Program Files (x86)\ZOOM\UAC-2 MixEfx\UAC-2 MixEfx Startup.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\WINDOWS\System32\msiexec.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\WINDOWS\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\WINDOWS\System32\CompatTelRunner.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\Temp\8EFC99A0-40C8-4048-A04F-6F35CCAD710A\DismHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-07-17] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_16_Plus_Sonderedition\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [doubleTwist] => C:\Program Files (x86)\doubleTwist\doubleTwist.Light.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [UAC-2 MixEfx Startup] => C:\Program Files (x86)\ZOOM\UAC-2 MixEfx\UAC-2 MixEfx Startup.exe [14848 2015-04-23] (ZOOM)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [{845380e2-f0b5-4584-bc40-cc54345b3c06}] => C:\ProgramData\Package Cache\{845380e2-f0b5-4584-bc40-cc54345b3c06}\Avira.OE.Setup.Bundle.exe [980136 2017-02-03] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] (Atheros Communications)
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Run: [E-MU USB Audio Control Panel] => C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe [274432 2007-11-26] (E-MU Systems)
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Run: [OfficeSyncProcess] => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3502576 2016-10-29] (Electronic Arts)
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Run: [Dropbox Update] => C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Run: [BingSvc] => C:\Users\Jana\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\MountPoints2: {781dfa70-5929-11e3-be74-b8763ff8f1f2} - "I:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\MountPoints2: {b0ff46d6-7bd5-11e5-bec1-5453ed3b7812} - "F:\HTC_Sync_Manager_PC.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-07-19]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-24]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5FBCFB0E-94B8-4F44-AAEB-CCC7A39FE717}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{95F07F3B-B0C3-4532-9325-7BB1ADA92F1C}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.de
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001 -> DefaultScope {23BBA55F-0E89-493A-9AB4-20428EB24552} URL = 
SearchScopes: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001 -> {FDE9174A-DDB1-426D-BEC3-E72348445B9E} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-01] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-12-28] (Qualcomm Atheros Commnucations)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-01] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-01] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-01] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default [2017-02-03]
FF NewTab: Mozilla\Firefox\Profiles\5c9b13n1.default -> www.google.de
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\5c9b13n1.default -> Bing 
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\5c9b13n1.default -> Bing 
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\5c9b13n1.default -> Bing 
FF Homepage: Mozilla\Firefox\Profiles\5c9b13n1.default -> www.google.com
FF Keyword.URL: Mozilla\Firefox\Profiles\5c9b13n1.default -> hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q=
FF Extension: (GreatDealz) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\Extensions\@greatdealz.xpi [2016-11-18]
FF Extension: (Bing Search) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\Extensions\bingsearch.full@microsoft.com.xpi [2017-01-29]
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-02-01]
FF Extension: (YouTube High Definition) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2017-02-01]
FF Extension: (Adblock Plus) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF SearchPlugin: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\searchplugins\bing-.xml [2017-01-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-14] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-06-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-01] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll [2013-06-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-26] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4215103822-3391258602-2653336318-1001: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-07-17] (Intel)
FF Plugin HKU\S-1-5-21-4215103822-3391258602-2653336318-1001: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-07-17] (Intel)

Chrome: 
=======
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default [2017-02-02]
CHR Extension: (Google Präsentationen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-17]
CHR Extension: (Google Docs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-17]
CHR Extension: (Google Drive) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-26]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-26]
CHR Extension: (Adblock Plus) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-12-26]
CHR Extension: (Google-Suche) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-17]
CHR Extension: (Google Tabellen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-17]
CHR Extension: (Avira Browserschutz) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-09-17]
CHR Extension: (Google Docs Offline) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-26]
CHR Extension: (Stuff.tv CBG) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcjccadpaggjijncnedadbobkbimmjpk [2017-01-27]
CHR Extension: (Data generator) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\legklhfpihknmgmlhiadachbaihccpho [2017-01-30]
CHR Extension: (Manage Tabs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\memofnfkklanghgnaleppdgfnmbojdbk [2017-01-30]
CHR Extension: (Perfect.com CBG) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nijlcckaclcecjlibilijgacfdomphgp [2017-02-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-17]
CHR Extension: (Chrome Media Router) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-26]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-13] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
R2 emaudsv; C:\WINDOWS\system32\emaudsv.exe [25600 2007-11-26] (E-MU Systems)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24376 2015-06-30] (Hewlett-Packard Company)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-10-17] (Sony Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2142728 2016-10-29] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2209296 2016-10-29] (Electronic Arts)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] () [Datei ist nicht signiert]
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [Datei ist nicht signiert]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros) [Datei ist nicht signiert]
R2 zmuac2service; C:\Program Files\ZOOM\UAC-2 Driver\zmuac2service.exe [127488 2015-04-22] (ZOOM) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdW86.sys [91648 2012-10-22] (Advanced Micro Devices)
S3 audientusbaudio; C:\WINDOWS\System32\drivers\audientusbaudio_x64.sys [269312 2015-09-03] () [Datei ist nicht signiert]
S3 audientusbaudioks; C:\WINDOWS\system32\DRIVERS\audientusbaudioks_x64.sys [50688 2015-09-03] () [Datei ist nicht signiert]
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-12-13] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153904 2016-12-13] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-05-18] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
S3 BTATH_VDP; C:\WINDOWS\system32\drivers\btath_vdp.sys [428008 2012-12-28] (Qualcomm Atheros)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 emusba10; C:\WINDOWS\system32\DRIVERS\emusba10.sys [213272 2007-11-26] (E-MU Systems)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
R3 SOWS; C:\WINDOWS\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 StkCMini; C:\WINDOWS\System32\Drivers\StkCMini.sys [1917576 2010-06-07] (Syntek)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 zmuac2audio; C:\WINDOWS\system32\drivers\zmuac2audio.sys [184832 2015-04-22] (ZOOM)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-03 11:47 - 2017-02-03 11:47 - 00028508 _____ C:\Users\Jana\Desktop\FRST.txt
2017-02-03 11:47 - 2017-02-03 11:47 - 00000000 ___DC C:\FRST
2017-02-02 20:58 - 2017-02-02 20:58 - 02420736 _____ (Farbar) C:\Users\Jana\Desktop\FRST64.exe
2017-02-02 13:40 - 2017-02-02 13:41 - 00279608 _____ C:\WINDOWS\Minidump\020217-31390-01.dmp
2017-02-01 22:04 - 2017-02-02 20:39 - 00000000 ___DC C:\AdwCleaner
2017-02-01 22:03 - 2017-02-01 22:03 - 04015056 _____ C:\Users\Jana\Downloads\adwcleaner_6.043.exe
2017-01-17 14:51 - 2017-01-17 14:51 - 01427282 _____ C:\WINDOWS\ProcessedPackets.KTL
2017-01-17 14:51 - 2017-01-17 14:51 - 00577639 _____ C:\WINDOWS\Packet.KTL
2017-01-17 14:51 - 2017-01-17 14:51 - 00288106 _____ C:\WINDOWS\SentOSPackets.KTL
2017-01-17 14:51 - 2017-01-17 14:51 - 00288088 _____ C:\WINDOWS\Control.KTL
2017-01-17 14:51 - 2017-01-17 14:51 - 00003480 _____ C:\WINDOWS\NGIControl.KTL

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-03 11:49 - 2013-11-29 21:34 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4215103822-3391258602-2653336318-1001
2017-02-03 11:45 - 2016-12-05 22:07 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\Mozilla
2017-02-03 11:44 - 2016-07-25 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-02-03 11:43 - 2014-07-19 07:16 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-02 21:37 - 2014-01-21 19:21 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-02 21:32 - 2016-03-21 17:03 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Tokyo Dawn Labs
2017-02-02 21:32 - 2013-12-27 09:30 - 00000000 ____D C:\Users\Jana\Documents\Outlook-Dateien
2017-02-02 13:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-02 13:48 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-02 13:43 - 2016-07-18 18:31 - 00002894 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-02-02 13:43 - 2014-01-20 21:01 - 00000284 _____ C:\WINDOWS\Tasks\AutoKMS.job
2017-02-02 13:42 - 2014-07-18 20:29 - 00000000 ____D C:\Users\Jana
2017-02-02 13:40 - 2014-09-14 18:38 - 00000000 ____D C:\WINDOWS\Minidump
2017-02-02 13:40 - 2014-06-02 20:42 - 599098233 _____ C:\WINDOWS\MEMORY.DMP
2017-02-02 13:40 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-01 22:28 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2017-02-01 22:27 - 2016-12-16 19:46 - 00003162 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-01 22:27 - 2016-10-07 15:46 - 00003170 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4215103822-3391258602-2653336318-1001
2017-02-01 22:27 - 2016-10-07 15:46 - 00002353 _____ C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-02-01 22:07 - 2014-08-23 21:01 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Yahoo!
2017-01-29 19:46 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Skype
2017-01-29 18:50 - 2014-01-20 22:02 - 00000000 ____D C:\ProgramData\Skype
2017-01-29 18:49 - 2014-10-07 11:58 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-01-24 15:40 - 2013-06-23 04:31 - 00000000 ____D C:\ProgramData\Sony Corporation
2017-01-17 18:00 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-17 17:58 - 2013-12-17 18:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-17 16:19 - 2014-01-19 21:47 - 00000000 ___RD C:\Users\Jana\Dropbox
2017-01-17 15:22 - 2014-01-19 21:43 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Dropbox
2017-01-15 10:54 - 2014-03-18 11:03 - 00005430 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-15 10:54 - 2014-03-18 10:25 - 01411730 _____ C:\WINDOWS\system32\perfh007.dat
2017-01-15 10:54 - 2014-03-18 10:25 - 00352054 _____ C:\WINDOWS\system32\perfc007.dat
2017-01-14 21:11 - 2014-09-14 13:48 - 00000000 ____D C:\Users\Jana\AppData\Local\Adobe
2017-01-14 21:11 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-14 21:10 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-02-13 19:23 - 2015-12-18 18:49 - 0011264 _____ () C:\Users\Jana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-19 10:44 - 2015-09-27 12:14 - 0002254 _____ () C:\ProgramData\hpzinstall.log
2015-08-01 09:00 - 2015-08-01 09:00 - 0000016 _____ () C:\ProgramData\mntemp
2015-07-25 12:59 - 2015-07-25 12:59 - 0005005 _____ () C:\ProgramData\wmzddnmb.cix

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Windows\Tasks\{02804227-02CC-46B3-9E45-FC67A782196D}.job
C:\Windows\Tasks\{90588E13-A551-492D-9316-C77702E2E3CF}.job
C:\Windows\Tasks\{970FADF3-6296-4655-A121-80D7F6908591}.job


Einige Dateien in TEMP:
====================
2014-02-12 23:53 - 2014-02-12 23:53 - 0726016 _____ (Igor Pavlov) C:\Users\Jana\AppData\Local\Temp\7z.dll
2014-02-12 23:53 - 2014-02-12 23:53 - 0150016 _____ (Igor Pavlov) C:\Users\Jana\AppData\Local\Temp\7z.exe
2014-07-19 07:10 - 2014-08-24 11:48 - 0000000 ____D () C:\Users\Jana\AppData\Local\Temp\avgnt.exe
2017-01-29 19:00 - 2017-01-29 19:00 - 1118360 _____ (© 2015 Microsoft Corporation) C:\Users\Jana\AppData\Local\Temp\BSvcProcessor.exe
2017-01-29 19:00 - 2017-01-29 19:00 - 0170128 _____ (© 2015 Microsoft Corporation) C:\Users\Jana\AppData\Local\Temp\BSvcUpdater.exe
2015-12-12 09:29 - 2015-12-12 09:29 - 0071168 _____ () C:\Users\Jana\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8ciufy.dll
2014-02-12 23:53 - 2014-02-12 23:53 - 0023477 _____ () C:\Users\Jana\AppData\Local\Temp\dtkill.exe
2015-04-26 17:01 - 2015-04-26 17:09 - 22091216 _____ () C:\Users\Jana\AppData\Local\Temp\dtUpgraderFull-r19767.exe
2014-02-12 23:53 - 2014-02-12 23:53 - 0006656 _____ (doubleTwist Corperation) C:\Users\Jana\AppData\Local\Temp\Executor.exe
2016-08-30 07:28 - 2016-08-30 07:28 - 0000000 _____ () C:\Users\Jana\AppData\Local\Temp\GUR2462.exe
2015-04-14 16:04 - 2015-04-14 16:05 - 1054912 _____ (Adobe) C:\Users\Jana\AppData\Local\Temp\install_flashplayer17x32au_ltr5x64d_awc_aih.exe
2014-12-12 15:48 - 2014-12-12 15:49 - 0030208 _____ (Melloware Inc (www.melloware.com)) C:\Users\Jana\AppData\Local\Temp\JIntellitype.dll
2014-12-12 15:48 - 2014-12-12 15:48 - 0468704 ____N () C:\Users\Jana\AppData\Local\Temp\JIntellitype64.dll
2015-10-01 19:05 - 2015-10-01 19:05 - 0585824 _____ (Oracle Corporation) C:\Users\Jana\AppData\Local\Temp\jre-8u60-windows-au.exe
2017-01-01 17:19 - 2017-01-01 17:19 - 43872728 _____ (Skype Technologies S.A.) C:\Users\Jana\AppData\Local\Temp\SkypeSetup.exe
2014-12-19 17:16 - 2014-12-19 17:17 - 34743280 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Jana\AppData\Local\Temp\tmd_34011525.exe
2015-04-20 20:00 - 2015-04-20 20:03 - 37534360 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Jana\AppData\Local\Temp\tmd_34014528.exe
2015-04-20 19:56 - 2015-04-20 20:06 - 37534360 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Jana\AppData\Local\Temp\tmd_34016937.exe
2015-10-19 17:34 - 2015-10-19 17:34 - 39487040 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Jana\AppData\Local\Temp\tmd_34016944.exe
2015-04-20 20:20 - 2015-04-20 20:25 - 37534360 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Jana\AppData\Local\Temp\tmd_34018872.exe
2014-02-12 23:53 - 2014-02-12 23:53 - 4995416 _____ (Microsoft Corporation) C:\Users\Jana\AppData\Local\Temp\vcredist_x86-2010.exe
2014-02-12 23:53 - 2014-02-12 23:53 - 6560088 _____ (Microsoft Corporation) C:\Users\Jana\AppData\Local\Temp\vcredist_x86-2012.exe
2015-10-01 19:09 - 2015-10-01 19:09 - 28849904 _____ () C:\Users\Jana\AppData\Local\Temp\vlc-2.2.1-win32.exe
2014-07-20 20:15 - 2014-08-24 12:06 - 0000000 ____D () C:\Users\Tato\AppData\Local\Temp\avgnt.exe
2015-07-21 17:31 - 2015-07-21 17:31 - 0000000 ____D () C:\Users\TEMP.JATA\AppData\Local\Temp\avgnt.exe
2015-10-21 07:12 - 2015-10-21 07:12 - 0000000 ____D () C:\Users\TEMP.JATA.001\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-02 20:18

==================== Ende von FRST.txt ============================

--- ---

Code:

ATTFilter

ZusÃ¤tzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-01-2017
durchgefÃ¼hrt von JaTa (03-02-2017 11:49:53)
Gestartet von C:\Users\Jana\Desktop
Windows 8.1 (Update) (X64) (2014-07-19 06:06:22)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

admini (S-1-5-21-4215103822-3391258602-2653336318-1009 - Administrator - Enabled)
Administrator (S-1-5-21-4215103822-3391258602-2653336318-500 - Administrator - Disabled)
Gast (S-1-5-21-4215103822-3391258602-2653336318-501 - Limited - Disabled)
green_000 (S-1-5-21-4215103822-3391258602-2653336318-1004 - Limited - Enabled) => C:\Users\green_000
HomeGroupUser$ (S-1-5-21-4215103822-3391258602-2653336318-1007 - Limited - Enabled)
JaTa (S-1-5-21-4215103822-3391258602-2653336318-1001 - Administrator - Enabled) => C:\Users\Jana
Tato (S-1-5-21-4215103822-3391258602-2653336318-1005 - Limited - Enabled) => C:\Users\Tato

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" kÃ¶nnen in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
ACID Music Studio 9.0 (HKLM-x32\...\{7943168F-18A0-11E2-9C81-F04DA23A5C58}) (Version: 9.0.35 - Sony)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
AIO_CDA_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon Kindle (HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Amazon Kindle) (Version:  - Amazon)
AMD Catalyst Install Manager (HKLM\...\{AFF3A479-02DE-E284-9E4D-CC1F0B45174A}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{707e8edf-9482-4417-ae39-c9b5fe605e87}) (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
C3100 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
c3100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2126 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5728.52 - CyberLink Corp.)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Die Simsâ„¢ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.24.102.1020 - Electronic Arts Inc.)
Die Simsâ„¢ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Dropbox) (Version: 8.4.21 - Dropbox, Inc.)
DVD Architect Studio 5.0 (HKLM-x32\...\{4347F591-C451-11E1-BA36-F04DA23A5C58}) (Version: 5.0.161 - Sony)
E-MU USB Audio (HKLM-x32\...\{1C99893D-BC98-4456-AA3E-B67AB42301A6}) (Version: 1.0 - )
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32 - WildTangent) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart All-In-One Driver Software (HKLM\...\{4F6C1178-3FC0-44BB-8F9A-28D8516DFEE2}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{78545512-1F84-4357-8A9A-D94D9C3CE4FA}) (Version: 12.0.26.54 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41505) (Version: 45233 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
MAGIX 3D Maker (embedded MSI) (HKLM-x32\...\{8393592A-B977-489E-8C78-84E19DE9FE21}) (Version: 6.0.0.8 - MAGIX AG)
MAGIX Foto Manager 9 (HKLM-x32\...\MAGIX Foto Manager 9 D) (Version: 7.0.3.118 - MAGIX AG)
MAGIX Foto Premium 9 (HKLM-x32\...\MAGIX_MSI_Fotos_auf_CD_DVD_9_dlx) (Version: 9.0.3.2 - MAGIX AG)
MAGIX Foto Premium 9 (x32 Version: 9.0.3.2 - MAGIX AG) Hidden
MAGIX Online Druck Service (HKLM-x32\...\{859258F8-3F00-4335-BBD5-318F17369012}) (Version: 3.4.3.0 - MAGIX AG)
MAGIX Online Druck Service (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG)
MAGIX Screenshare (HKLM-x32\...\{F31C9A68-7F07-4B96-AC58-F71D5DF3DA89}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed 2 (MSI) (HKLM-x32\...\{7FA32C2E-E218-4A04-966D-DECCB0B9C81E}) (Version: 6.0.1.4 - MAGIX AG)
MAGIX Video deluxe 16 Plus Sonderedition (HKLM-x32\...\MAGIX_MSI_Videodeluxe16_plus) (Version: 9.0.5.10 - MAGIX AG)
MAGIX Video deluxe 16 Plus Sonderedition (x32 Version: 9.0.5.10 - MAGIX AG) Hidden
MAGIX Xtreme Grafik Designer 5 (HKLM-x32\...\MAGIX_MSI_XtremeGrafik5) (Version: 5.1.2.10977 - MAGIX AG)
MAGIX Xtreme Grafik Designer 5 (x32 Version: 5.1.2.10977 - MAGIX AG) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft Office 365 Business - de-de (HKLM\...\O365BusinessRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version:  - )
Movavi Video Editor 10 (HKLM-x32\...\Movavi Video Editor 10) (Version: 10.3.0 - Movavi)
Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.2.1.38915 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.28121 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype for Business Basic 2016 - de-de (HKLM\...\SkypeforBusinessEntryRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Skypeâ„¢ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Sound Forge Audio Studio 10.0 (HKLM-x32\...\{7A9D3D30-BEEC-11E1-91CF-F04DA23A5C58}) (Version: 10.0.178 - Sony)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
UAC-2 Driver (HKLM\...\{970062D6-4CE4-48CE-8C70-0DE3BE204FFB}) (Version: 1.0.0.24 - ZOOM)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
USB2.0 Grabber (HKLM-x32\...\{45518B6D-9DDF-4144-83E4-A56762524F35}) (Version: 7.12.000.003 - Youyan)
USB2.0 Grabber (HKLM-x32\...\USB2.0 Grabber) (Version:  - )
Vacation Questâ„¢ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.1.0.11020 - Sony Corporation)
VAIO Care (HKLM\...\{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}) (Version: 8.1.0.10120 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.1.0.10300 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.3.0.09290 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.0.08140 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.1.0.10240 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.1.0.10220 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.1.10170 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.0.00.10170 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
VAIOÂ*CPU-LÃ¼fterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Hardwarediagnose-Plugin fÃ¼r VAIO Care (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.7.0.11070 - Sony Corporation)
VAIO-Support fÃ¼r Ãœbertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Virtos DeNoiser (HKLM-x32\...\Virtos DeNoiser) (Version: 1.1 - Virtos GmbH)
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Voxengo Redunoise VST 1.6 (HKLM-x32\...\Voxengo Redunoise VST) (Version:  - )
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.2.0 - Sony Corporation) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Waves Central V1.0.3.3 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}) (Version: 1.0.4 - Waves)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WildTangent Games App (x32 Version: 4.0.9.7 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
ZOOM UAC-2 MixEfx (HKLM-x32\...\{09A98EAB-7C64-4A02-8C95-14E65B0EE320}) (Version: 1.00.0023 - ZOOM Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0441A198-BF27-444E-909B-955D8F6E2FD0} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {06D143D2-28B7-4E49-A0BF-28D7CE163FB8} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {0884AEDB-5321-4659-AF88-407F23ACA083} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG
Task: {126C6523-F1D3-42A2-859D-97342B5AE7DE} - System32\Tasks\Sony Corporation\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-11-08] (Sony Corporation)
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> Keine Datei <==== ACHTUNG
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> Keine Datei <==== ACHTUNG
Task: {1786973A-0245-4240-96D6-9E63F9C325A0} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {1DF4D728-24F6-4BAA-9DCE-42C388023223} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {2822C3A7-1993-45ED-BA73-45FEB0FC79FC} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {2B0C2CC9-2E24-455C-9A83-B54CB9A4958E} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {343D7DDD-45B2-4764-B407-57091AB55AA0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-14] (Adobe Systems Incorporated)
Task: {37F3246D-FE9E-4114-A8DB-565F2044622A} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {3C28C15D-4CED-4610-85B7-15D26EE34D97} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {40525C58-79C2-47A1-9AA2-F1D7FC4F0691} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Keine Datei <==== ACHTUNG
Task: {444FDB6F-94A2-46C8-AC11-4FA21B8758A8} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {489E461E-34F0-4EAD-802A-9FE26C9CB300} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: {58FAC5CB-7169-4BE0-9FED-D1D10CBD67E4} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {5DE6E53C-42AE-4C01-9007-373DC91394FB} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-10-22] (Sony Corporation)
Task: {6C009A66-F337-46AE-9ACA-5880EB854537} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-10-31] (Sony Corporation)
Task: {6E08651D-30E6-4901-985A-6AEA6D1B3DC7} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-10-23] (Sony Corporation)
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> Keine Datei <==== ACHTUNG
Task: {83B2C4F2-CA7E-436B-BE2B-78A3C1CB7931} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-01-20] ()
Task: {8A7100A6-49E6-4419-AF91-D948828FB041} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation)
Task: {AB52AAF7-88B7-4253-B4C7-5DE32F7AC946} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {B042C6E3-2F03-4A26-8B7D-3221801E76E3} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> Keine Datei <==== ACHTUNG
Task: {C1C0C72C-1119-427F-8DD0-96A24ED6BDB3} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> Keine Datei <==== ACHTUNG
Task: {E6B2FDC9-7D08-48C2-BE2C-FA25EE2BD140} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {EFF31C88-94C3-4E2D-BAB8-825EFA6BE9A3} - System32\Tasks\{2D0FF644-8F7B-4869-987D-478101A5D0E9} => pcalua.exe -a D:\setup.exe -d D:\

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4215103822-3391258602-2653336318-1001Core1d0c1f1fc9b876d.job => C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d25f659cdcf17c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\{02804227-02CC-46B3-9E45-FC67A782196D}.job => c:\program files (x86)\google\chrome\application\chrome.exe Khxxps:/ui.skype.com/ui/0/7.30.85.105/de/
Task: C:\WINDOWS\Tasks\{90588E13-A551-492D-9316-C77702E2E3CF}.job => c:\program files (x86)\google\chrome\application\chrome.exe Khxxps:/ui.skype.com/ui/0/7.30.85.105/de/
Task: C:\WINDOWS\Tasks\{970FADF3-6296-4655-A121-80D7F6908591}.job => c:\program files (x86)\google\chrome\application\chrome.exe Khxxps:/ui.skype.com/ui/0/7.30.85.105/de/

==================== VerknÃ¼pfungen =============================

(Die EintrÃ¤ge kÃ¶nnen gelistet werden, um sie zurÃ¼ckzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-06 12:27 - 2012-08-06 12:27 - 00156672 _____ () C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2012-12-28 11:07 - 2012-12-28 11:07 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-28 11:04 - 2012-12-28 11:04 - 00084480 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2012-12-28 11:09 - 2012-12-28 11:09 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2012-08-06 12:27 - 2012-08-06 12:27 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2013-06-23 04:24 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00020480 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00064512 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== VerknÃ¼pfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurÃ¼ckgesetzt oder entfernt.)


==================== Internet Explorer VertrauenswÃ¼rdig/EingeschrÃ¤nkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benÃ¶tigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurÃ¼ckzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)

HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jana\Pictures\Intis Geburtstag\IMG_7769.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte EintrÃ¤ge ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "TrayServer"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\StartupApproved\Run: => "E-MU USB Audio Control Panel"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\StartupApproved\Run: => "Steam"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [TCP Query User{89E16038-0E1B-4720-A145-69899403B22F}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4AB09C03-D2C6-41E2-9561-739B1564DEE9}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{1196EC90-B732-440C-9395-F2BCD56DD81F}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{383FA5B4-A109-4BF3-9353-EF6922AD0B6B}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{AC533243-26E3-4D7C-86A1-6CDC12BE2227}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{C6ED7570-65A8-41CC-97CE-0A6B76C582B1}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{74FD456C-B49A-491B-8204-433CD94AC699}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{162D4AF2-047F-4835-B02E-DC453C8ABC30}] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{B8198F1B-FA6C-4017-97C9-29F87F53CB25}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FE04546E-51F6-4571-B350-F0A3CEB17E9B}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B29E4062-5C46-42F4-AD9E-DAF2725B9913}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{67FB49BB-59B8-4B28-BF8A-5FB803B74C1A}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FBA9E6D6-7CA9-4507-A122-2A08E5AC9A0D}] => C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{21930AEA-C5C6-4AFC-BD14-6E28DB2E79EA}] => C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{3E66733B-5B29-41C9-8560-79134CB55CDC}] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{2F2B5728-F4DF-49D9-89A5-4DAF65779110}] => c:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{73128E8F-23BF-4F69-B115-D3A836B897DF}] => C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{DA195DDB-3D6F-4A02-AB85-E127ABF86F57}] => C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{07DCFD73-92A3-46D2-B905-022F1BB7AC7F}] => C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{57E971E2-487A-42EF-A2AC-C3A6501F6574}] => C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{3CDA9EFE-F922-40F5-9BD8-05C2E275367C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{69622DC2-F0B4-44CE-80B4-C8E8D1844444}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{10FFC655-573F-4256-AA07-AF26DBD21CA9}C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{60450E92-1CA6-4295-9100-B8968A8154CF}C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{D95A5C9C-095B-43FD-95E8-C8C7FF5AB846}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E86EB6EB-DA55-4C19-87B5-6B90C36FD2F9}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{8D7B63DF-51D5-415A-81FF-2E2011D3F83E}C:\program files (x86)\flixster\flixster.exe] => C:\program files (x86)\flixster\flixster.exe
FirewallRules: [UDP Query User{B2B234EB-B811-4CAD-A723-764D5783D4F3}C:\program files (x86)\flixster\flixster.exe] => C:\program files (x86)\flixster\flixster.exe
FirewallRules: [{3AAE7DE8-C170-42EC-868E-1E991A05D4E2}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E50D37A7-9C84-465A-B55A-46D5EAE6D873}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{67118243-63EF-48FF-8856-827632F3C968}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BE9C70DB-B8FE-43E7-A890-5416ECCC7554}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{19034193-107C-424A-9B3D-AFB795294AFC}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{61731D51-F5DD-4E45-B74F-6BD5700EB15B}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{AD54ED6D-DFFA-433F-8E41-9B2B19B69814}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{309919E3-75DB-4EFF-9081-32218147C239}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{1203042D-1D1D-4E41-A600-F28FA635FA35}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{3D5A86FB-2B74-4567-9D9B-F9E30D0BAC6D}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{4461EEB8-D1CE-4431-A1A6-32E6620FE7B8}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{87518E9B-5F7F-4B34-9931-CBB089941CF7}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{08E11EAA-6FD9-4D7B-B8B3-5D585788E5FB}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{8CF7CFD4-0512-49D7-A294-170C24F29209}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{AF4717AF-BA41-46F8-8CB4-B9A116E2E7AB}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{1D27E99D-493B-42E8-B2A1-400376C4F2DA}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{DAF94C55-1173-4E40-8E19-FF126433C8B5}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{F5BF510D-56E2-4C14-8F60-33163FF2DCF5}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{A885C6D4-AA4C-4EBF-82AE-439565A3E603}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{33BB18CF-D933-420E-83D3-249CA86637A7}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{0A66A4BB-0D98-4ECF-8EBF-E5BF5CE20029}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{FCADFC1C-F6AE-42B2-BE2E-AF5935ED917E}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{D117F5FA-D534-48BD-B2D2-57657837ACAC}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B456F675-6CFB-4AF3-AB42-5EB0DE550F91}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{AD9E5880-CE0B-4ABA-998C-11975391C580}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{6AD6CD99-1F8A-4B6C-B541-2E5AF20CC9DC}] => C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{76531EE9-2A06-41BA-827B-C7A2237101A1}] => C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{B08185B9-D14D-44DC-B4BB-FEF3DDF1A9BF}] => C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [TCP Query User{D96BD0D8-08EB-4E2F-9C32-3D9D22187360}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{5CBBBF1A-8D00-4FEC-8F44-0AA2384BC8B9}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{112BE12A-BF6E-4E3A-9C0A-86DC067005AA}C:\program files (x86)\steam\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe] => C:\program files (x86)\steam\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe
FirewallRules: [UDP Query User{DE8FF27A-22D8-4A6B-8800-43C2AB6253DB}C:\program files (x86)\steam\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe] => C:\program files (x86)\steam\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe
FirewallRules: [{68E86D7D-5480-4A88-8036-1976719BF461}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7B81CD43-5823-40C4-8173-2D608812698E}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B48A5050-2A34-420F-9C81-D4DB20CF62EB}C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{5F518E5C-5343-4010-ACBE-51675195C928}C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{2875F82C-4F18-4C01-9AFF-7537AFF4723C}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{637402AF-E034-44DD-A98B-ECE55159B859}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5B970477-5EE0-4A6C-B7A4-0805E65928F7}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{97F59A24-5DB1-4F5B-8AB2-054D9F0A29B5}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{13B3EB68-58D4-4DFF-A97D-BF0E9D344A72}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{DF82F157-7E3E-449F-8093-986C89E30D5C}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{CBFCC100-9F13-4571-823F-5B9FE0EFC398}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{FCCABF74-D708-4681-BE00-5C720F8D32B7}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{685D285E-49F4-4724-A5F6-AA39414FD616}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{50B39B42-38A2-4937-A0EB-84B10603A5AC}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte GerÃ¤te im GerÃ¤temanager =============


==================== FehlereintrÃ¤ge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/02/2017 01:47:49 PM) (Source: ESENT) (EventID: 474) (User: )
Description: wuaueng.dll (428) SUS20ClientDataStore: Bei ÃœberprÃ¼fung der aus Datei "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb" bei Offset 44171264 (0x0000000002a20000) (Datenbankseite 1347 (0x543)) fÃ¼r 32768 (0x00008000) Bytes gelesenen Datenbankseite ist durch eine Inkonsistenz der SeitenprÃ¼fsumme ein Fehler aufgetreten. Die gespeicherte PrÃ¼fsumme war [0000000000000000:0000000000000000:0000000000000000:0000000000000000], die berechnete PrÃ¼fsumme [00000543247add0c:0000000000000000:0000000000000000:0000000000000000]. Der Lesevorgang wird mit dem Fehler -1018 (0xfffffc06) beendet. Wenn dieser Zustand andauert, stellen Sie die Datenbank aus einer vorherigen Sicherung wieder her. Dieses Problem ist vermutlich durch fehlerhafte Hardware bedingt. Wenden Sie sich fÃ¼r weitere UnterstÃ¼tzung bei der Diagnose des Problems an Ihren Hardwarehersteller.

Error: (02/02/2017 01:41:40 PM) (Source: Avira Antivirus) (EventID: 4122) (User: NT-AUTORITÃ„T)
Description: Die Datei LogOpen konnte nicht geladen werden. 
Fehlercode: 0x570

Error: (02/02/2017 01:41:38 PM) (Source: Avira Antivirus) (EventID: 4122) (User: NT-AUTORITÃ„T)
Description: Die Datei LogOpen konnte nicht geladen werden. 
Fehlercode: 0x570

Error: (02/02/2017 11:49:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12578

Error: (02/02/2017 11:49:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12578

Error: (02/02/2017 11:49:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/01/2017 10:11:27 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts fÃ¼r den erneuten Start bei 2117-01-08T21:11:27Z. Fehlercode: 0x80040154.

Error: (02/01/2017 10:10:57 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts fÃ¼r den erneuten Start bei 2117-01-08T21:10:57Z. Fehlercode: 0x80040154.

Error: (02/01/2017 10:10:27 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts fÃ¼r den erneuten Start bei 2117-01-08T21:10:27Z. Fehlercode: 0x80040154.

Error: (02/01/2017 10:09:57 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts fÃ¼r den erneuten Start bei 2117-01-08T21:09:57Z. Fehlercode: 0x80040154.


Systemfehler:
=============
Error: (02/03/2017 11:42:23 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine TransaktionsrÃ¼ckmeldung von Dienst SampleCollector erreicht.

Error: (02/03/2017 11:41:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine TransaktionsrÃ¼ckmeldung von Dienst SampleCollector erreicht.

Error: (02/02/2017 08:19:11 PM) (Source: DCOM) (EventID: 10010) (User: JATA)
Description: Der Server "{BF6C1E47-86EC-4194-9CE5-13C15DCB2001}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/02/2017 06:40:35 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine ServerankÃ¼ndigung vom Computer "NORO-VIRUS",
der der Hauptsuchdienst der DomÃ¤ne fÃ¼r den NetBT_Tcpip_{5FBCFB0E-94B8-4F44-AAEB-CCC7A39FE717}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (02/02/2017 06:40:19 PM) (Source: NetBT) (EventID: 4319) (User: )
Description: Ein doppelter Name wurde im TCP-Netzwerk entdeckt. Die IP-Adresse des Computers,
der die Meldung gesendet hat, steht in den Daten. Verwenden Sie NBTSTAT -n an
der Eingabeaufforderung, um den doppelten Namen zu bestimmen.

Error: (02/02/2017 06:40:18 PM) (Source: NetBT) (EventID: 4319) (User: )
Description: Ein doppelter Name wurde im TCP-Netzwerk entdeckt. Die IP-Adresse des Computers,
der die Meldung gesendet hat, steht in den Daten. Verwenden Sie NBTSTAT -n an
der Eingabeaufforderung, um den doppelten Namen zu bestimmen.

Error: (02/02/2017 06:40:17 PM) (Source: NetBT) (EventID: 4319) (User: )
Description: Ein doppelter Name wurde im TCP-Netzwerk entdeckt. Die IP-Adresse des Computers,
der die Meldung gesendet hat, steht in den Daten. Verwenden Sie NBTSTAT -n an
der Eingabeaufforderung, um den doppelten Namen zu bestimmen.

Error: (02/02/2017 06:40:17 PM) (Source: NetBT) (EventID: 4319) (User: )
Description: Ein doppelter Name wurde im TCP-Netzwerk entdeckt. Die IP-Adresse des Computers,
der die Meldung gesendet hat, steht in den Daten. Verwenden Sie NBTSTAT -n an
der Eingabeaufforderung, um den doppelten Namen zu bestimmen.

Error: (02/02/2017 05:33:45 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.69
registriert werden. Der Computer mit IP-Adresse 192.168.0.115 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (02/02/2017 05:22:27 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine TransaktionsrÃ¼ckmeldung von Dienst SampleCollector erreicht.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 6091.28 MB
Verfügbarer physikalischer RAM: 4132.25 MB
Summe virtueller Speicher: 12235.28 MB
Verfügbarer virtueller Speicher: 9566.71 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:662.69 GB) (Free:263.31 GB) NTFS
Drive e: (EOS_DIGITAL) (Removable) (Total:14.91 GB) (Free:4.53 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 8D41EBCD)

Partition: GPT.

========================================================
Disk: 1 (Size: 14.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

burningice · 03.02.2017, 21:47

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Lade dir folgendes Programm herunter und installiere es:

Malwarebytes Anti-Malware

Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:

Logfile von AdwCleaner
Logfile von Malwarebytes
Frst.txt
Addition.txt

JaTa · 04.02.2017, 22:30

so hier erst mal das Ergebnis des ADW-Scan

Code:

ATTFilter

# AdwCleaner v6.043 - Bericht erstellt am 04/02/2017 um 21:18:57
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-03.2 [Server]
# Betriebssystem : Windows 8.1  (X64)
# Benutzername : JaTa - JATA
# Gestartet von : C:\Users\Jana\Desktop\AdwCleaner_6.043.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKU\S-1-5-21-4215103822-3391258602-2653336318-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02042017210405132\Software\AppDataLow\Software\Crossrider
[-] Schlüssel gelöscht: HKU\S-1-5-21-4215103822-3391258602-2653336318-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02042017210405132\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel gelöscht: HKU\S-1-5-21-4215103822-3391258602-2653336318-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02042017210405601\Software\AppDataLow\Software\Yahoo\Companion


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [29359 Bytes] - [01/02/2017 22:10:50]
C:\AdwCleaner\AdwCleaner[C2].txt - [2917 Bytes] - [01/02/2017 22:28:35]
C:\AdwCleaner\AdwCleaner[C3].txt - [1631 Bytes] - [04/02/2017 21:18:57]
C:\AdwCleaner\AdwCleaner[S0].txt - [28752 Bytes] - [01/02/2017 22:05:50]
C:\AdwCleaner\AdwCleaner[S1].txt - [28197 Bytes] - [01/02/2017 22:09:37]
C:\AdwCleaner\AdwCleaner[S2].txt - [3123 Bytes] - [01/02/2017 22:28:05]
C:\AdwCleaner\AdwCleaner[S3].txt - [1699 Bytes] - [02/02/2017 20:39:14]
C:\AdwCleaner\AdwCleaner[S4].txt - [2220 Bytes] - [04/02/2017 21:17:55]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2071 Bytes] ##########

Guten Abend,
scheinbar habe ich noch ein ganz anderes Problem, jetzt habe ich den mbam-scan zwei mal angefangen und jedes mal ca. nach 20 Minuten scannen mit 14 Bedrohungen kam der Blaue Bildschirm wieder mit der Meldung Kernel_Data_Inpage_Error und irgend etwas mit SYS in Klammern und der Scan wurde abgebrochen. Ich werde den nächsten Scan morgen versuchen, oder was schlägst du vor??

burningice · 05.02.2017, 19:25

ja, bitte neustarten.

Tritt das Problem noch immer so auf?

JaTa · 05.02.2017, 20:58

ja leider tritt das Problem immer wieder auf. Nach ca 20 min scannen kommt der blaue Bildschirm und der Computer bricht den Scan ab und startet neu. ich habe aber beim letzten Versuch eine Pause gemacht als er schon die 14 Bedrohungen gefunden hatte und davon einen Screenshot gemacht, den ich als Anhang beigefügt habe. so kann man vielleicht erst mal sehen was los ist???

burningice · 05.02.2017, 21:56

okay lassen wir das mal.

Schritt: 1
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Schritt: 2
Bitte lade dir die neuste Version von WhoCrashed auf deinen Computer: WhoCrashed Download

Installiere es
Starte es als Administrator
Klicke oben links auf den Button "Analyze"
Scrolle herunter, die Bereiche Crash Dump Analysis und Conclusion bitte ins Forum kopieren

Bitte poste dein Ergebnis zwischen Code-Tags
Wenn ein Log zu lange ist, teile ihn bitte auf mehrere Antworten.

Code-Tags?

Drücke einfach die # in Antwortfenster und füge den Log dazwischen ein

JaTa · 06.02.2017, 13:55

Code:

ATTFilter

13:37:10.0745 0x0578  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
13:37:10.0745 0x0578  UEFI system
13:37:18.0745 0x0578  ============================================================
13:37:18.0745 0x0578  Current date / time: 2017/02/06 13:37:18.0745
13:37:18.0745 0x0578  SystemInfo:
13:37:18.0745 0x0578  
13:37:18.0745 0x0578  OS Version: 6.3.9600 ServicePack: 0.0
13:37:18.0745 0x0578  Product type: Workstation
13:37:18.0745 0x0578  ComputerName: JATA
13:37:18.0745 0x0578  UserName: JaTa
13:37:18.0745 0x0578  Windows directory: C:\WINDOWS
13:37:18.0745 0x0578  System windows directory: C:\WINDOWS
13:37:18.0745 0x0578  Running under WOW64
13:37:18.0745 0x0578  Processor architecture: Intel x64
13:37:18.0745 0x0578  Number of processors: 8
13:37:18.0745 0x0578  Page size: 0x1000
13:37:18.0745 0x0578  Boot type: Normal boot
13:37:18.0745 0x0578  CodeIntegrityOptions = 0x00000001
13:37:18.0745 0x0578  ============================================================
13:37:19.0496 0x0578  KLMD registered as C:\WINDOWS\system32\drivers\33515596.sys
13:37:19.0496 0x0578  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18202, osProperties = 0x19
13:37:20.0220 0x0578  System UUID: {A9559242-1C44-1219-56B4-149A7A5C0EE3}
13:37:20.0955 0x0578  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:37:20.0955 0x0578  ============================================================
13:37:20.0955 0x0578  \Device\Harddisk0\DR0:
13:37:20.0955 0x0578  GPT partitions:
13:37:20.0955 0x0578  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {F4019732-066E-4E12-8273-346C5641494F}, UniqueGUID: {21E5CBD9-6EB5-442C-906E-B972F87298F5}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
13:37:20.0955 0x0578  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {79158D8F-FC69-4458-B344-FFF5F2FFEFB3}, Name: Basic data partition, StartLBA 0x82800, BlocksNum 0x2E1000
13:37:20.0955 0x0578  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {98DD3758-3A5F-42AD-B054-6014F9EF1B9B}, Name: EFI system partition, StartLBA 0x363800, BlocksNum 0x82000
13:37:20.0955 0x0578  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {5D35223D-28BE-46AB-AFB1-A7B2BE10077F}, Name: Microsoft reserved partition, StartLBA 0x3E5800, BlocksNum 0x40000
13:37:20.0955 0x0578  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {55323467-4507-49A6-82FA-508F014F69BB}, Name: Basic data partition, StartLBA 0x425800, BlocksNum 0x52D60800
13:37:20.0955 0x0578  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {FF7A162E-5209-43F7-8B8B-FE37C1D1A8E4}, Name: , StartLBA 0x53186000, BlocksNum 0xE1000
13:37:20.0955 0x0578  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E469A8B6-B9F8-407F-B9B3-A143E6072F12}, Name: Basic data partition, StartLBA 0x53267000, BlocksNum 0x42DF000
13:37:20.0955 0x0578  MBR partitions:
13:37:20.0955 0x0578  ============================================================
13:37:21.0048 0x0578  C: <-> \Device\Harddisk0\DR0\Partition5
13:37:21.0048 0x0578  ============================================================
13:37:21.0048 0x0578  Initialize success
13:37:21.0048 0x0578  ============================================================
13:38:23.0990 0x03f0  ============================================================
13:38:23.0990 0x03f0  Scan started
13:38:23.0990 0x03f0  Mode: Manual; SigCheck; TDLFS; 
13:38:23.0990 0x03f0  ============================================================
13:38:23.0990 0x03f0  KSN ping started
13:38:26.0697 0x03f0  KSN ping finished: true
13:38:35.0618 0x03f0  ================ Scan system memory ========================
13:38:35.0618 0x03f0  System memory - ok
13:38:35.0618 0x03f0  ================ Scan services =============================

Code:

ATTFilter

13:38:36.0637 0x03f0  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
13:38:36.0793 0x03f0  1394ohci - ok
13:38:36.0809 0x03f0  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
13:38:36.0825 0x03f0  3ware - ok
13:38:37.0043 0x03f0  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
13:38:37.0075 0x03f0  ACPI - ok
13:38:37.0106 0x03f0  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
13:38:37.0121 0x03f0  acpiex - ok
13:38:37.0153 0x03f0  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
13:38:37.0184 0x03f0  acpipagr - ok
13:38:37.0215 0x03f0  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
13:38:37.0231 0x03f0  AcpiPmi - ok
13:38:37.0246 0x03f0  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
13:38:37.0262 0x03f0  acpitime - ok
13:38:37.0403 0x03f0  [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:38:37.0434 0x03f0  AdobeARMservice - ok
13:38:37.0793 0x03f0  [ CA363F172E1978FD155764F2840B0BE8, CB14E2C94ABB8C8809F4E96472F6D1A9A3A0860217631F592E0F62F043165575 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:38:37.0825 0x03f0  AdobeFlashPlayerUpdateSvc - ok
13:38:37.0934 0x03f0  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
13:38:37.0965 0x03f0  ADP80XX - ok
13:38:38.0028 0x03f0  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
13:38:38.0075 0x03f0  AeLookupSvc - ok
13:38:38.0168 0x03f0  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\WINDOWS\system32\drivers\afd.sys
13:38:38.0200 0x03f0  AFD - ok
13:38:38.0215 0x03f0  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
13:38:38.0231 0x03f0  agp440 - ok
13:38:38.0247 0x03f0  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
13:38:38.0262 0x03f0  ahcache - ok
13:38:38.0325 0x03f0  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
13:38:38.0387 0x03f0  ALG - ok
13:38:38.0434 0x03f0  [ 6CF81DD5083D7F94A7E76E50429A949C, 19240502A6406924F889D1AFA975B975A300776D8B2D0557181DF13649622E2B ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
13:38:38.0481 0x03f0  AMD External Events Utility - ok
13:38:38.0497 0x03f0  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
13:38:38.0512 0x03f0  AmdK8 - ok
13:38:39.0750 0x03f0  [ 71F8D8B977ACC5973FA042BF906E709F, 8106C5F5C8E40344CCCDB912845786DF287BDF068D7A6EF9D26B00FA1754C1BC ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
13:38:40.0000 0x03f0  amdkmdag - ok
13:38:40.0078 0x03f0  [ 4AA027F91A8093B1CDF453B5394F6715, E6D15E959637C102A34F73F66BFDC38436575A2FEFFC3976ACF399A472F126A5 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
13:38:40.0109 0x03f0  amdkmdap - ok
13:38:40.0140 0x03f0  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
13:38:40.0187 0x03f0  AmdPPM - ok
13:38:40.0203 0x03f0  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
13:38:40.0219 0x03f0  amdsata - ok
13:38:40.0219 0x03f0  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
13:38:40.0234 0x03f0  amdsbs - ok
13:38:40.0250 0x03f0  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
13:38:40.0266 0x03f0  amdxata - ok
13:38:40.0940 0x03f0  [ 98D7647EF729503A60EF870DA5C21D0D, 7E36E8E3D9D0BD940DC225E1DB7EFD90F76F7BE8DCAD9782255556C31D6FD476 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
13:38:40.0986 0x03f0  AntiVirMailService - ok
13:38:41.0096 0x03f0  [ 229E752A26B53E155524D6530B95CDD4, B4D3DEA52860143D16A57EBA31CD3394B8B4FEA642EB3A736C8388447AB7E0E9 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:38:41.0174 0x03f0  AntiVirSchedulerService - ok
13:38:41.0236 0x03f0  [ 229E752A26B53E155524D6530B95CDD4, B4D3DEA52860143D16A57EBA31CD3394B8B4FEA642EB3A736C8388447AB7E0E9 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:38:41.0299 0x03f0  AntiVirService - ok
13:38:41.0361 0x03f0  [ F2B26CD2305E917B1EA1BF49E0C59E31, 8CCE64C68B80D56C7604DB6ABD187F66C624462328F4886C607F0A46D8E9DE92 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
13:38:41.0408 0x03f0  AntiVirWebService - ok
13:38:41.0471 0x03f0  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
13:38:41.0502 0x03f0  AppID - ok
13:38:41.0565 0x03f0  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
13:38:41.0611 0x03f0  AppIDSvc - ok
13:38:41.0643 0x03f0  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
13:38:41.0752 0x03f0  Appinfo - ok
13:38:41.0986 0x03f0  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

Code:

ATTFilter

13:38:42.0018 0x03f0  Apple Mobile Device Service - ok
13:38:42.0158 0x03f0  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
13:38:42.0236 0x03f0  AppReadiness - ok
13:38:42.0408 0x03f0  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
13:38:42.0518 0x03f0  AppXSvc - ok
13:38:42.0565 0x03f0  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
13:38:42.0565 0x03f0  arcsas - ok
13:38:42.0596 0x03f0  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
13:38:42.0596 0x03f0  atapi - ok
13:38:42.0647 0x03f0  [ CE2BCBDC20734F372B70B94704D3092D, 33C586C1A9C9D357A589F102341EFCFFE465553B54E7C875867F0E15587F53B7 ] AthBTPort       C:\WINDOWS\system32\DRIVERS\btath_flt.sys
13:38:42.0679 0x03f0  AthBTPort - ok
13:38:42.0835 0x03f0  [ D36B40AA8583089FE7A23693158CECF2, 795C90C11603CBED0C615811AD465FD23FC351251CFE49D137AB855D298611B7 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
13:38:42.0882 0x03f0  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
13:38:45.0513 0x03f0  Detect skipped due to KSN trusted
13:38:45.0513 0x03f0  AtherosSvc - ok
13:38:45.0747 0x03f0  [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys
13:38:45.0825 0x03f0  athr - ok
13:38:45.0872 0x03f0  [ 87DAD8D354E312DB16636DC71EB39E5E, 904C874799BF30F06BFC725A59040C6E1B7D176011DA41D1ACBE4CAB20369671 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdW86.sys
13:38:45.0888 0x03f0  AtiHDAudioService - ok
13:38:45.0997 0x03f0  [ 2607EC45119E17F7861825816EA175B8, C2BFC111AD502EBB2CA7F55470E1F5304658381D6CC711C4C120D467D36988F3 ] audientusbaudio C:\WINDOWS\System32\drivers\audientusbaudio_x64.sys
13:38:46.0013 0x03f0  audientusbaudio - detected UnsignedFile.Multi.Generic ( 1 )
13:38:48.0881 0x03f0  Detect skipped due to KSN trusted
13:38:48.0881 0x03f0  audientusbaudio - ok
13:38:48.0913 0x03f0  [ 9F26032192281164DF1676C2003C4836, 98BD09997B846F8A4AB7FEB2C52956D2CF559B57D4327EEEC5F780DFEB049F4C ] audientusbaudioks C:\WINDOWS\system32\DRIVERS\audientusbaudioks_x64.sys
13:38:48.0944 0x03f0  audientusbaudioks - detected UnsignedFile.Multi.Generic ( 1 )
13:38:51.0603 0x03f0  Detect skipped due to KSN trusted
13:38:51.0603 0x03f0  audientusbaudioks - ok
13:38:51.0712 0x03f0  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
13:38:51.0790 0x03f0  AudioEndpointBuilder - ok
13:38:51.0837 0x03f0  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
13:38:51.0884 0x03f0  Audiosrv - ok
13:38:51.0931 0x03f0  [ 19A629CC661BBB49E25203B9626354F9, 9FDE67E19CE0B5973441A11EB0D5CD8187C1B47B3A2C866FD6BD939D31F42924 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
13:38:51.0947 0x03f0  avgntflt - ok
13:38:52.0009 0x03f0  [ B34C86461D03F33E9B1A57699DCABED3, 127A63A3AEC796DDF7E19432CAF523CA23051058752B9772244655797B3B4CDB ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
13:38:52.0040 0x03f0  avipbb - ok
13:38:52.0243 0x03f0  [ 2AEE4D1D7E668F1CCF97EDE93509B0EE, B082B3BBB27D3C8B26A754508C3B98BA803FEA707898FF18A120D6A2679098DF ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
13:38:52.0275 0x03f0  Avira.ServiceHost - ok
13:38:52.0353 0x03f0  [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
13:38:52.0368 0x03f0  avkmgr - ok
13:38:52.0447 0x03f0  [ 899D89FDF015BBAF628076987D74C295, 7534A10F652FBE559431B9B1C6BC13874E8BC7438D7AFD7553F96811FD3E59BD ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
13:38:52.0462 0x03f0  avnetflt - ok
13:38:52.0525 0x03f0  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
13:38:52.0603 0x03f0  AxInstSV - ok
13:38:52.0654 0x03f0  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
13:38:52.0670 0x03f0  b06bdrv - ok
13:38:52.0732 0x03f0  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
13:38:52.0763 0x03f0  BasicDisplay - ok
13:38:52.0779 0x03f0  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
13:38:52.0795 0x03f0  BasicRender - ok
13:38:52.0826 0x03f0  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
13:38:52.0842 0x03f0  bcmfn2 - ok
13:38:52.0920 0x03f0  [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
13:38:53.0013 0x03f0  BDESVC - ok
13:38:53.0045 0x03f0  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
13:38:53.0123 0x03f0  Beep - ok
13:38:53.0170 0x03f0  [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE             C:\WINDOWS\System32\bfe.dll
13:38:53.0217 0x03f0  BFE - ok
13:38:53.0357 0x03f0  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
13:38:53.0654 0x03f0  BITS - ok
13:38:53.0748 0x03f0  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:38:53.0763 0x03f0  Bonjour Service - ok
13:38:53.0810 0x03f0  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
13:38:53.0920 0x03f0  bowser - ok
13:38:53.0967 0x03f0  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
13:38:54.0029 0x03f0  BrokerInfrastructure - ok
13:38:54.0060 0x03f0  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
13:38:54.0107 0x03f0  Browser - ok
13:38:54.0123 0x03f0  [ 6A4643DCE663775C70CFCA8DB454E2A7, 07393385C2EA0519E342C52AC304A4D2D4A142A4E3D11F3BB2DEE4A2F1FD47C9 ] BTATH_A2DP      C:\WINDOWS\system32\drivers\btath_a2dp.sys
13:38:54.0139 0x03f0  BTATH_A2DP - ok
13:38:54.0170 0x03f0  [ 38383A47A110BDA90839BFA7A5918189, 876647EC7D5B5C02B8BD75A89BCC6174A05C9F26912ABA5116330CB367E7D3E5 ] btath_avdt      C:\WINDOWS\system32\drivers\btath_avdt.sys
13:38:54.0185 0x03f0  btath_avdt - ok
13:38:54.0232 0x03f0  [ D5418AF1B9AC86D89C045026EFBD5FB7, A23B6EEB5779DEE146E12207E6ED68EA514673436A9FC1ECBAE46D586F02D468 ] BTATH_BUS       C:\WINDOWS\System32\drivers\btath_bus.sys
13:38:54.0248 0x03f0  BTATH_BUS - ok
13:38:54.0311 0x03f0  [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP      C:\WINDOWS\System32\drivers\btath_hcrp.sys
13:38:54.0326 0x03f0  BTATH_HCRP - ok
13:38:54.0357 0x03f0  [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT     C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
13:38:54.0357 0x03f0  BTATH_LWFLT - ok
13:38:54.0389 0x03f0  [ A6019537D6125099363F90D0C6D181F9, CA0C46AABBF71E2A29C93A477A06D33E3CACC84978DD9D729BEFB339E50D7055 ] BTATH_RCP       C:\WINDOWS\System32\drivers\btath_rcp.sys
13:38:54.0404 0x03f0  BTATH_RCP - ok
13:38:54.0498 0x03f0  [ 9F1F7BD1BC1131820D1BC8EB842E6209, 9F677C125B4C6BE2ED7B20B394448202CECB2428432E3E51C7725F07596DEFDA ] BTATH_VDP       C:\WINDOWS\system32\drivers\btath_vdp.sys
13:38:54.0529 0x03f0  BTATH_VDP - ok
13:38:54.0657 0x03f0  [ 25B35FDD5FE5666DC49CCC0BC6A9AD81, 0F6A9783EF72AF53F20B19E51FE40A17F72FB9CC037670ADB77970AF9CA7E376 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
13:38:54.0688 0x03f0  BtFilter - ok
13:38:54.0732 0x03f0  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
13:38:54.0784 0x03f0  BthAvrcpTg - ok
13:38:54.0815 0x03f0  [ 12418846B057E4F92FC621F5C6CF737D, 0B8B0EADE4F2AD95D450A5C71C287C0F04F33897ABF27D3E3B6428A3C99C7B5D ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
13:38:54.0830 0x03f0  BthEnum - ok
13:38:55.0123 0x03f0  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
13:38:55.0154 0x03f0  BthHFEnum - ok
13:38:55.0171 0x03f0  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
13:38:55.0206 0x03f0  bthhfhid - ok
13:38:55.0238 0x03f0  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
13:38:55.0316 0x03f0  BthHFSrv - ok
13:38:55.0398 0x03f0  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
13:38:55.0416 0x03f0  BthLEEnum - ok
13:38:55.0436 0x03f0  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
13:38:55.0451 0x03f0  BTHMODEM - ok
13:38:55.0486 0x03f0  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
13:38:55.0506 0x03f0  BthPan - ok
13:38:55.0874 0x03f0  [ B810B2B39CCA90DC6BF42AF1658AE0D1, D184F927BCFBDE7063A0C9873BF2C174226E1AB5081A7108FCC66210CD117465 ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
13:38:55.0933 0x03f0  BTHPORT - ok
13:38:55.0967 0x03f0  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
13:38:56.0039 0x03f0  bthserv - ok
13:38:56.0057 0x03f0  [ 52A1B7ECAB4C9EF70FD41241691E09D3, F7A5BFE72D3151E73DD9922A76964C08AC1FDCB8460D9A17DCF8B7969006AD42 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
13:38:56.0092 0x03f0  BTHUSB - ok
13:38:56.0117 0x03f0  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
13:38:56.0133 0x03f0  cdfs - ok
13:38:56.0181 0x03f0  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
13:38:56.0211 0x03f0  cdrom - ok
13:38:56.0274 0x03f0  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
13:38:56.0305 0x03f0  CertPropSvc - ok
13:38:56.0337 0x03f0  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
13:38:56.0352 0x03f0  circlass - ok
13:38:56.0442 0x03f0  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
13:38:56.0458 0x03f0  CLFS - ok
13:38:57.0886 0x03f0  [ ACFB2A62301C6A903FA6A97DB84E9C31, 7A3089812330B605D2F545374A1A916B6DBA188186EC88DA3348814A95C791F0 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
13:38:58.0698 0x03f0  ClickToRunSvc - ok
13:38:58.0761 0x03f0  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
13:38:58.0761 0x03f0  CLVirtualDrive - ok
13:38:58.0823 0x03f0  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
13:38:58.0839 0x03f0  CmBatt - ok
13:38:58.0933 0x03f0  [ 0DE32A0BB1FE2A773666572F79584520, C417C12476B937265BEDC9A2C3C3F6C50FD19AEC096362337B0921627A2A92EA ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
13:38:58.0962 0x03f0  CNG - ok
13:38:58.0982 0x03f0  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
13:38:59.0000 0x03f0  CompositeBus - ok
13:38:59.0002 0x03f0  COMSysApp - ok
13:38:59.0020 0x03f0  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
13:38:59.0112 0x03f0  condrv - ok
13:38:59.0224 0x03f0  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
13:38:59.0271 0x03f0  CryptSvc - ok
13:38:59.0302 0x03f0  [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam             C:\WINDOWS\system32\drivers\dam.sys
13:38:59.0302 0x03f0  dam - ok
13:38:59.0474 0x03f0  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
13:38:59.0599 0x03f0  DcomLaunch - ok
13:38:59.0726 0x03f0  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
13:38:59.0796 0x03f0  defragsvc - ok
13:38:59.0843 0x03f0  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
13:38:59.0906 0x03f0  DeviceAssociationService - ok
13:38:59.0951 0x03f0  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
13:38:59.0973 0x03f0  DeviceInstall - ok

Code:

ATTFilter

13:39:00.0022 0x03f0  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
13:39:00.0038 0x03f0  Dfsc - ok
13:39:00.0085 0x03f0  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
13:39:00.0163 0x03f0  Dhcp - ok
13:39:00.0429 0x03f0  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
13:39:00.0554 0x03f0  DiagTrack - ok
13:39:00.0611 0x03f0  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
13:39:00.0625 0x03f0  disk - ok
13:39:00.0656 0x03f0  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
13:39:00.0690 0x03f0  dmvsc - ok
13:39:00.0734 0x03f0  [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
13:39:00.0767 0x03f0  Dnscache - ok
13:39:00.0806 0x03f0  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
13:39:00.0849 0x03f0  dot3svc - ok
13:39:00.0938 0x03f0  [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4            C:\WINDOWS\system32\DRIVERS\Dot4.sys
13:39:00.0953 0x03f0  dot4 - ok
13:39:00.0953 0x03f0  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print       C:\WINDOWS\System32\drivers\Dot4Prt.sys
13:39:00.0969 0x03f0  Dot4Print - ok
13:39:00.0969 0x03f0  [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb         C:\WINDOWS\system32\DRIVERS\dot4usb.sys
13:39:00.0985 0x03f0  dot4usb - ok
13:39:01.0064 0x03f0  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
13:39:01.0099 0x03f0  DPS - ok
13:39:01.0140 0x03f0  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
13:39:01.0152 0x03f0  drmkaud - ok
13:39:01.0195 0x03f0  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
13:39:01.0233 0x03f0  DsmSvc - ok
13:39:01.0423 0x03f0  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
13:39:01.0469 0x03f0  DXGKrnl - ok
13:39:01.0512 0x03f0  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
13:39:01.0569 0x03f0  Eaphost - ok
13:39:01.0823 0x03f0  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
13:39:01.0921 0x03f0  ebdrv - ok
13:39:01.0999 0x03f0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
13:39:02.0017 0x03f0  EFS - ok
13:39:02.0060 0x03f0  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
13:39:02.0074 0x03f0  EhStorClass - ok
13:39:02.0110 0x03f0  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
13:39:02.0126 0x03f0  EhStorTcgDrv - ok
13:39:02.0180 0x03f0  [ 2B8FE9090E08F491020EA67C6876249D, E76EB3E2A533CCCB41218BE3DC103484E7D2BF160BC91F4C07C601A086B8C729 ] emaudsv         C:\WINDOWS\system32\emaudsv.exe
13:39:02.0223 0x03f0  emaudsv - ok
13:39:02.0245 0x03f0  [ 5AB2749B29B34369E9170328AB39A3CA, AD713ADF8155652E3F0C2DC68899F95C1C1E9D1EF393E6B74D6BEC713293B1A9 ] emusba10        C:\WINDOWS\system32\DRIVERS\emusba10.sys
13:39:02.0259 0x03f0  emusba10 - ok
13:39:02.0267 0x03f0  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
13:39:02.0282 0x03f0  ErrDev - ok
13:39:02.0314 0x03f0  [ BE8117569CAA36E03683CC1BACEA1347, F4C55264838166EFC8A05ED1BA36F13B9BAD500CC17204D4C814050B8C18E107 ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
13:39:02.0329 0x03f0  ESProtectionDriver - ok
13:39:02.0403 0x03f0  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
13:39:02.0423 0x03f0  EventSystem - ok
13:39:02.0491 0x03f0  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
13:39:02.0537 0x03f0  exfat - ok
13:39:02.0584 0x03f0  Fabs - ok
13:39:02.0631 0x03f0  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
13:39:02.0647 0x03f0  fastfat - ok
13:39:02.0709 0x03f0  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
13:39:02.0772 0x03f0  Fax - ok
13:39:02.0803 0x03f0  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
13:39:02.0850 0x03f0  fdc - ok
13:39:02.0881 0x03f0  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
13:39:02.0912 0x03f0  fdPHost - ok
13:39:02.0944 0x03f0  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
13:39:02.0975 0x03f0  FDResPub - ok
13:39:03.0006 0x03f0  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
13:39:03.0065 0x03f0  fhsvc - ok
13:39:03.0080 0x03f0  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
13:39:03.0094 0x03f0  FileInfo - ok
13:39:03.0137 0x03f0  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
13:39:03.0185 0x03f0  Filetrace - ok
13:39:03.0803 0x03f0  [ FFF1130F7C9FA01D093A1EDFC5CCE8FC, 159EAA1893D871C309A063829CB3BC51A019FBCA1E07530B5CA1A382B2CCAF61 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
13:39:04.0020 0x03f0  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
13:39:06.0998 0x03f0  Detect skipped due to KSN trusted
13:39:06.0998 0x03f0  FirebirdServerMAGIXInstance - ok
13:39:07.0029 0x03f0  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
13:39:07.0076 0x03f0  flpydisk - ok
13:39:07.0123 0x03f0  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
13:39:07.0138 0x03f0  FltMgr - ok
13:39:07.0310 0x03f0  [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache       C:\WINDOWS\system32\FntCache.dll
13:39:07.0373 0x03f0  FontCache - ok
13:39:07.0545 0x03f0  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:39:07.0638 0x03f0  FontCache3.0.0.0 - ok
13:39:07.0670 0x03f0  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
13:39:07.0685 0x03f0  FsDepends - ok
13:39:07.0717 0x03f0  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:39:07.0732 0x03f0  Fs_Rec - ok
13:39:07.0779 0x03f0  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
13:39:07.0795 0x03f0  fvevol - ok
13:39:07.0842 0x03f0  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
13:39:07.0904 0x03f0  FxPPM - ok
13:39:07.0920 0x03f0  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
13:39:07.0935 0x03f0  gagp30kx - ok
13:39:08.0045 0x03f0  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
13:39:08.0060 0x03f0  GamesAppService - ok
13:39:08.0107 0x03f0  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
13:39:08.0154 0x03f0  GEARAspiWDM - ok
13:39:08.0201 0x03f0  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
13:39:08.0310 0x03f0  gencounter - ok
13:39:08.0342 0x03f0  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
13:39:08.0342 0x03f0  GPIOClx0101 - ok
13:39:08.0623 0x03f0  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
13:39:08.0701 0x03f0  gpsvc - ok
13:39:08.0842 0x03f0  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:39:08.0857 0x03f0  gupdate - ok
13:39:08.0873 0x03f0  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:39:08.0873 0x03f0  gupdatem - ok
13:39:08.0967 0x03f0  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:39:08.0982 0x03f0  gusvc - ok
13:39:09.0014 0x03f0  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
13:39:09.0076 0x03f0  HDAudBus - ok
13:39:09.0107 0x03f0  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
13:39:09.0139 0x03f0  HidBatt - ok
13:39:09.0170 0x03f0  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
13:39:09.0186 0x03f0  HidBth - ok
13:39:09.0201 0x03f0  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
13:39:09.0248 0x03f0  hidi2c - ok
13:39:09.0279 0x03f0  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
13:39:09.0295 0x03f0  HidIr - ok
13:39:09.0326 0x03f0  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
13:39:09.0373 0x03f0  hidserv - ok
13:39:09.0404 0x03f0  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
13:39:09.0420 0x03f0  HidUsb - ok
13:39:09.0467 0x03f0  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
13:39:09.0498 0x03f0  hkmsvc - ok
13:39:09.0576 0x03f0  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
13:39:09.0639 0x03f0  HomeGroupListener - ok
13:39:09.0670 0x03f0  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
13:39:09.0701 0x03f0  HomeGroupProvider - ok
13:39:10.0063 0x03f0  [ 0D0213498683414DDE29B1686A4C08D5, E9B64406C04B6E55CBD17E7C47B023CEA11FEE07B791154129D6F4F29D15AB7F ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
13:39:10.0094 0x03f0  hpqcxs08 - ok
13:39:10.0126 0x03f0  [ EE281DD6843F3F697C1AD7933EEB1E9B, 1ECE31C2150B92DDC1DCBBCECFE3E979F2C60B3F106280E3167BEC0269BF7A41 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
13:39:10.0141 0x03f0  hpqddsvc - ok
13:39:10.0157 0x03f0  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
13:39:10.0173 0x03f0  HpSAMD - ok
13:39:10.0329 0x03f0  [ C995EA1C6915D897E06D41AF95B9312C, 65DE6599F1C735BBDCCE4728F7F98167BCA0BF1B8D4218BBF7546B025C9A38BD ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
13:39:10.0376 0x03f0  HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
13:39:13.0101 0x03f0  Detect skipped due to KSN trusted
13:39:13.0101 0x03f0  HPSLPSVC - ok
13:39:13.0180 0x03f0  [ B706E5538C9540458592B3DB50FD900F, D22CA66D355295FFD9005680116C49B4175E8EAEE401639E52E344ED60324E7F ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
13:39:13.0226 0x03f0  HPSupportSolutionsFrameworkService - ok
13:39:13.0367 0x03f0  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
13:39:13.0398 0x03f0  HTTP - ok
13:39:13.0445 0x03f0  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
13:39:13.0461 0x03f0  hwpolicy - ok
13:39:13.0508 0x03f0  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
13:39:13.0539 0x03f0  hyperkbd - ok
13:39:13.0570 0x03f0  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
13:39:13.0601 0x03f0  HyperVideo - ok
13:39:13.0711 0x03f0  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
13:39:13.0789 0x03f0  i8042prt - ok
13:39:13.0789 0x03f0  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
13:39:13.0805 0x03f0  iaLPSSi_GPIO - ok
13:39:13.0836 0x03f0  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
13:39:13.0836 0x03f0  iaLPSSi_I2C - ok
13:39:13.0961 0x03f0  [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
13:39:13.0992 0x03f0  iaStorA - ok
13:39:14.0133 0x03f0  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
13:39:14.0164 0x03f0  iaStorAV - ok
13:39:14.0273 0x03f0  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
13:39:14.0305 0x03f0  iaStorV - ok
13:39:14.0742 0x03f0  [ 15C9BF6968A0990D8F4161A6ABEB7229, BBF73B50938DB9EA50EE0CFF37277E44FE50EA666FA6E5AF542C8C40DBAD84CA ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
13:39:14.0852 0x03f0  IconMan_R - ok
13:39:14.0867 0x03f0  IEEtwCollectorService - ok
13:39:14.0898 0x03f0  [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
13:39:14.0961 0x03f0  IKEEXT - ok
13:39:15.0168 0x03f0  [ DDC860724AEF8F8E42AC61E6585769C6, 62AD5772E8097B03E161E6F14582E2A4BBA0DFA1A1E7F664D881D464E136DBD2 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
13:39:15.0293 0x03f0  IntcAzAudAddService - ok
13:39:15.0386 0x03f0  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
13:39:15.0418 0x03f0  Intel(R) Capability Licensing Service Interface - ok
13:39:15.0464 0x03f0  [ 9656F8E29F6C3161A3E99BCD3A472FF9, 30AD00B53CCB2E4121508729F3471D3C0568F1C32324C398382C97E8BC43ECF0 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
13:39:15.0480 0x03f0  Intel(R) ME Service - ok
13:39:15.0511 0x03f0  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
13:39:15.0511 0x03f0  intelide - ok
13:39:15.0558 0x03f0  [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
13:39:15.0558 0x03f0  intelpep - ok
13:39:15.0621 0x03f0  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
13:39:15.0668 0x03f0  intelppm - ok
13:39:15.0683 0x03f0  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:39:15.0699 0x03f0  IpFilterDriver - ok
13:39:15.0918 0x03f0  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
13:39:15.0996 0x03f0  iphlpsvc - ok
13:39:16.0027 0x03f0  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
13:39:16.0043 0x03f0  IPMIDRV - ok
13:39:16.0089 0x03f0  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
13:39:16.0105 0x03f0  IPNAT - ok
13:39:16.0277 0x03f0  [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:39:16.0308 0x03f0  iPod Service - ok
13:39:16.0324 0x03f0  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
13:39:16.0340 0x03f0  IRENUM - ok
13:39:16.0355 0x03f0  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
13:39:16.0386 0x03f0  isapnp - ok
13:39:16.0418 0x03f0  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
13:39:16.0433 0x03f0  iScsiPrt - ok
13:39:16.0527 0x03f0  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
13:39:16.0558 0x03f0  jhi_service - ok
13:39:16.0605 0x03f0  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
13:39:16.0621 0x03f0  kbdclass - ok
13:39:16.0668 0x03f0  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
13:39:16.0699 0x03f0  kbdhid - ok
13:39:16.0715 0x03f0  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
13:39:16.0777 0x03f0  kdnic - ok
13:39:16.0793 0x03f0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
13:39:16.0808 0x03f0  KeyIso - ok
13:39:16.0840 0x03f0  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
13:39:16.0855 0x03f0  KSecDD - ok
13:39:16.0918 0x03f0  [ 35C19AF2116F67914712D7C4CBE47B8C, 5F976726880A6E51D7ABFA7E3EF7294C6FB7F383DC5710A2C2EC8DD26DAEC204 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
13:39:16.0933 0x03f0  KSecPkg - ok

Code:

ATTFilter

13:39:16.0980 0x03f0  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
13:39:17.0016 0x03f0  ksthunk - ok
13:39:17.0063 0x03f0  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
13:39:17.0094 0x03f0  KtmRm - ok
13:39:17.0172 0x03f0  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
13:39:17.0219 0x03f0  LanmanServer - ok
13:39:17.0297 0x03f0  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
13:39:17.0531 0x03f0  LanmanWorkstation - ok
13:39:17.0703 0x03f0  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
13:39:17.0828 0x03f0  lfsvc - ok
13:39:17.0860 0x03f0  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
13:39:17.0906 0x03f0  lltdio - ok
13:39:17.0969 0x03f0  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
13:39:18.0031 0x03f0  lltdsvc - ok
13:39:18.0063 0x03f0  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
13:39:18.0094 0x03f0  lmhosts - ok
13:39:18.0172 0x03f0  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:39:18.0203 0x03f0  LMS - ok
13:39:18.0250 0x03f0  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
13:39:18.0266 0x03f0  LSI_SAS - ok
13:39:18.0281 0x03f0  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
13:39:18.0297 0x03f0  LSI_SAS2 - ok
13:39:18.0344 0x03f0  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
13:39:18.0375 0x03f0  LSI_SAS3 - ok
13:39:18.0391 0x03f0  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
13:39:18.0407 0x03f0  LSI_SSS - ok
13:39:18.0547 0x03f0  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
13:39:18.0610 0x03f0  LSM - ok
13:39:18.0625 0x03f0  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
13:39:18.0641 0x03f0  luafv - ok
13:39:18.0719 0x03f0  [ 0E4AD4D8C0A8048C00CAD9CFA082A26E, 77DE05486CA6A3DFAF7DDF249C27BE0CED7B678623D19419FE2B414BBA1E6F8E ] MBAMChameleon   C:\WINDOWS\system32\drivers\MBAMChameleon.sys
13:39:18.0750 0x03f0  MBAMChameleon - ok
13:39:18.0829 0x03f0  [ E8922903632E78D9E60375E117089088, DE4E17E923AF1DAE0F42990BFBBD35CE9E0FD0483059FEDAA7B5F98034ED23AF ] MBAMFarflt      C:\WINDOWS\system32\drivers\farflt.sys
13:39:18.0844 0x03f0  MBAMFarflt - ok
13:39:18.0938 0x03f0  [ 88BD122C3A35DE63D75D382DF75554CE, ABDF59543CAD186A6ED4E66257205D9CF5047732A5DA74A96A28B468B41BC396 ] MBAMProtection  C:\WINDOWS\system32\drivers\mbam.sys
13:39:18.0969 0x03f0  MBAMProtection - ok
13:39:19.0585 0x03f0  [ 804E3246E3E73D4A936F2F4BCDC53A2D, BF1F9B4AC292238FA6EE541E325B220F311977F9D87D5BC7F90AD058FBF0B35A ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
13:39:19.0756 0x03f0  MBAMService - ok
13:39:19.0835 0x03f0  [ BDE2FC7213C0897524C1357BAAE30239, 1E1AB68145107429217E07A662477C86406E0188BE9F01CAC416AC13054D1A5E ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
13:39:19.0866 0x03f0  MBAMSwissArmy - ok
13:39:19.0928 0x03f0  [ D6067E2128F6AE309F9F39EE69DE85A0, 9D172FF4CA5AED9FB7CAE8E75151A25AC34251202C4ECF563535C0DD2500AC3A ] MBAMWebProtection C:\WINDOWS\system32\drivers\mwac.sys
13:39:19.0928 0x03f0  MBAMWebProtection - ok
13:39:19.0975 0x03f0  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
13:39:19.0975 0x03f0  megasas - ok
13:39:20.0085 0x03f0  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
13:39:20.0116 0x03f0  megasr - ok
13:39:20.0178 0x03f0  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
13:39:20.0210 0x03f0  MEIx64 - ok
13:39:20.0256 0x03f0  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
13:39:20.0350 0x03f0  MMCSS - ok
13:39:20.0397 0x03f0  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
13:39:20.0475 0x03f0  Modem - ok
13:39:20.0491 0x03f0  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
13:39:20.0507 0x03f0  monitor - ok
13:39:20.0538 0x03f0  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
13:39:20.0569 0x03f0  mouclass - ok
13:39:20.0647 0x03f0  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
13:39:20.0694 0x03f0  mouhid - ok
13:39:20.0757 0x03f0  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
13:39:20.0772 0x03f0  mountmgr - ok
13:39:20.0850 0x03f0  [ 7AAFF443581F9B6F86CDF761ED0A437D, 6E159C875F5666E6D17C58628EEAF79818697355AFE213CE778BD3FEA04248C0 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:39:20.0897 0x03f0  MozillaMaintenance - ok
13:39:20.0975 0x03f0  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
13:39:21.0007 0x03f0  mpsdrv - ok
13:39:21.0167 0x03f0  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
13:39:21.0230 0x03f0  MpsSvc - ok
13:39:21.0324 0x03f0  [ D2AC8F07995CE6CD18848C129435B481, 839B04116B49A757950E049150F6AADE41335914CC699ED73BE886BECAC39D36 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
13:39:21.0371 0x03f0  MRxDAV - ok
13:39:21.0464 0x03f0  [ 61000E7155E92342D0D5338CE05D102A, BCFA1A82B9727040C496A84F42D4613B96EC445018BDFBF2E180889B1B561559 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:39:21.0480 0x03f0  mrxsmb - ok
13:39:21.0589 0x03f0  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
13:39:21.0667 0x03f0  mrxsmb10 - ok
13:39:21.0683 0x03f0  [ B0A106352DEF6D52332EA39E00462EA7, 274422C1E172B673130944F2FF2A2D9A9A364CFFC02FD04DD7D6D45B34C5022A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
13:39:21.0699 0x03f0  mrxsmb20 - ok
13:39:21.0761 0x03f0  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
13:39:21.0792 0x03f0  MsBridge - ok
13:39:21.0871 0x03f0  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
13:39:21.0902 0x03f0  MSDTC - ok
13:39:21.0980 0x03f0  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
13:39:21.0996 0x03f0  Msfs - ok
13:39:22.0043 0x03f0  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
13:39:22.0058 0x03f0  msgpiowin32 - ok
13:39:22.0089 0x03f0  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
13:39:22.0152 0x03f0  mshidkmdf - ok
13:39:22.0230 0x03f0  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
13:39:22.0277 0x03f0  mshidumdf - ok
13:39:22.0293 0x03f0  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
13:39:22.0308 0x03f0  msisadrv - ok
13:39:22.0371 0x03f0  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
13:39:22.0418 0x03f0  MSiSCSI - ok
13:39:22.0418 0x03f0  msiserver - ok
13:39:22.0433 0x03f0  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:39:22.0464 0x03f0  MSKSSRV - ok
13:39:22.0496 0x03f0  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
13:39:22.0511 0x03f0  MsLldp - ok
13:39:22.0527 0x03f0  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:39:22.0574 0x03f0  MSPCLOCK - ok
13:39:22.0605 0x03f0  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
13:39:22.0636 0x03f0  MSPQM - ok
13:39:22.0730 0x03f0  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
13:39:22.0761 0x03f0  MsRPC - ok
13:39:22.0777 0x03f0  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
13:39:22.0793 0x03f0  mssmbios - ok
13:39:22.0824 0x03f0  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
13:39:22.0855 0x03f0  MSTEE - ok
13:39:22.0871 0x03f0  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
13:39:22.0902 0x03f0  MTConfig - ok
13:39:22.0918 0x03f0  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
13:39:22.0933 0x03f0  Mup - ok
13:39:22.0933 0x03f0  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
13:39:22.0949 0x03f0  mvumis - ok
13:39:23.0078 0x03f0  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
13:39:23.0109 0x03f0  napagent - ok
13:39:23.0156 0x03f0  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
13:39:23.0187 0x03f0  NativeWifiP - ok
13:39:23.0234 0x03f0  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
13:39:23.0296 0x03f0  NcaSvc - ok
13:39:23.0328 0x03f0  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
13:39:23.0406 0x03f0  NcbService - ok
13:39:23.0453 0x03f0  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
13:39:23.0515 0x03f0  NcdAutoSetup - ok
13:39:23.0749 0x03f0  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
13:39:23.0781 0x03f0  NDIS - ok
13:39:23.0828 0x03f0  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
13:39:23.0906 0x03f0  NdisCap - ok
13:39:23.0937 0x03f0  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
13:39:23.0984 0x03f0  NdisImPlatform - ok
13:39:24.0015 0x03f0  [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:39:24.0031 0x03f0  NdisTapi - ok
13:39:24.0062 0x03f0  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:39:24.0078 0x03f0  Ndisuio - ok
13:39:24.0109 0x03f0  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
13:39:24.0171 0x03f0  NdisVirtualBus - ok
13:39:24.0234 0x03f0  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:39:24.0312 0x03f0  NdisWan - ok
13:39:24.0312 0x03f0  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:39:24.0328 0x03f0  NdisWanLegacy - ok
13:39:24.0375 0x03f0  [ B8F36CBC72FC5C8B8A30AD850165EA8E, 478454B1399700B745265A64EC9C797C66BD0141471200BCF222F5EB15B0F40C ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
13:39:24.0437 0x03f0  NDProxy - ok
13:39:24.0484 0x03f0  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
13:39:24.0531 0x03f0  Ndu - ok
13:39:24.0578 0x03f0  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
13:39:24.0609 0x03f0  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
13:39:27.0274 0x03f0  Detect skipped due to KSN trusted
13:39:27.0274 0x03f0  Net Driver HPZ12 - ok
13:39:27.0352 0x03f0  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
13:39:27.0430 0x03f0  NetBIOS - ok
13:39:27.0508 0x03f0  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
13:39:27.0555 0x03f0  NetBT - ok
13:39:27.0571 0x03f0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
13:39:27.0586 0x03f0  Netlogon - ok
13:39:27.0680 0x03f0  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
13:39:27.0711 0x03f0  Netman - ok
13:39:27.0774 0x03f0  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
13:39:27.0899 0x03f0  netprofm - ok
13:39:27.0961 0x03f0  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:39:27.0992 0x03f0  NetTcpPortSharing - ok
13:39:28.0024 0x03f0  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
13:39:28.0055 0x03f0  netvsc - ok

Code:

ATTFilter

13:39:28.0383 0x03f0  [ 1A586FC04490AD4B66978A7428953801, 8FB2D9746B39AE650DD87B0434E83B0BCC3779D96D5B64F658D8287A5B99D98A ] NetworkSupport  C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
13:39:28.0430 0x03f0  NetworkSupport - ok
13:39:28.0477 0x03f0  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
13:39:28.0539 0x03f0  NlaSvc - ok
13:39:28.0555 0x03f0  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
13:39:28.0586 0x03f0  Npfs - ok
13:39:28.0618 0x03f0  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
13:39:28.0649 0x03f0  npsvctrig - ok
13:39:28.0711 0x03f0  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
13:39:28.0758 0x03f0  nsi - ok
13:39:28.0774 0x03f0  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
13:39:28.0821 0x03f0  nsiproxy - ok
13:39:29.0108 0x03f0  [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
13:39:29.0186 0x03f0  Ntfs - ok
13:39:29.0264 0x03f0  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
13:39:29.0279 0x03f0  Null - ok
13:39:29.0311 0x03f0  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
13:39:29.0326 0x03f0  nvraid - ok
13:39:29.0342 0x03f0  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
13:39:29.0358 0x03f0  nvstor - ok
13:39:29.0389 0x03f0  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
13:39:29.0404 0x03f0  nv_agp - ok
13:39:29.0717 0x03f0  [ F8B9BFF7F8FB74B69F2ABAD5AB42458C, 3B0C54CC855AA2C3C74F278EA06886AE8562B24D324A4C7B4A3C774445794176 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
13:39:29.0967 0x03f0  Origin Client Service - ok
13:39:30.0264 0x03f0  [ FEA4D2051C0B75215A28EEB9A09DEFDD, 0FE87D9FC3B768B9AC96680DAFF0C915D1F020D337CE39205920A94D1ACE382D ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
13:39:30.0358 0x03f0  Origin Web Helper Service - ok
13:39:30.0561 0x03f0  [ AC0F1B7B71D9D435EC33456F7EDF6FF1, 8FEFF5F99F1AFF21CF9415D4BF26936EF3A7347DA06F30ADD1DD1B14916F2585 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:39:30.0608 0x03f0  ose - ok
13:39:30.0654 0x03f0  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
13:39:30.0701 0x03f0  p2pimsvc - ok
13:39:30.0748 0x03f0  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
13:39:30.0842 0x03f0  p2psvc - ok
13:39:30.0889 0x03f0  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
13:39:30.0904 0x03f0  Parport - ok
13:39:30.0967 0x03f0  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
13:39:30.0983 0x03f0  partmgr - ok
13:39:31.0115 0x03f0  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
13:39:31.0161 0x03f0  PcaSvc - ok
13:39:31.0193 0x03f0  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
13:39:31.0208 0x03f0  pci - ok
13:39:31.0271 0x03f0  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
13:39:31.0271 0x03f0  pciide - ok
13:39:31.0302 0x03f0  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
13:39:31.0302 0x03f0  pcmcia - ok
13:39:31.0333 0x03f0  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
13:39:31.0396 0x03f0  pcw - ok
13:39:31.0411 0x03f0  [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
13:39:31.0427 0x03f0  pdc - ok
13:39:31.0521 0x03f0  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
13:39:31.0568 0x03f0  PEAUTH - ok
13:39:32.0240 0x03f0  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
13:39:32.0318 0x03f0  PerfHost - ok
13:39:32.0599 0x03f0  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
13:39:32.0661 0x03f0  pla - ok
13:39:32.0693 0x03f0  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
13:39:32.0708 0x03f0  PlugPlay - ok
13:39:32.0990 0x03f0  [ 0554C64486399581EC5686CCBB975DFE, 5527ED1456A41B5A1502575DF5400DD88449AF3400BD20E2709C3C20B7198B87 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
13:39:33.0057 0x03f0  PMBDeviceInfoProvider - ok
13:39:33.0104 0x03f0  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
13:39:33.0119 0x03f0  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
13:39:35.0987 0x03f0  Detect skipped due to KSN trusted
13:39:35.0987 0x03f0  Pml Driver HPZ12 - ok
13:39:36.0050 0x03f0  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
13:39:36.0112 0x03f0  PNRPAutoReg - ok
13:39:36.0144 0x03f0  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
13:39:36.0159 0x03f0  PNRPsvc - ok
13:39:36.0300 0x03f0  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
13:39:36.0347 0x03f0  PolicyAgent - ok
13:39:36.0394 0x03f0  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
13:39:36.0409 0x03f0  Power - ok
13:39:36.0722 0x03f0  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
13:39:36.0956 0x03f0  PrintNotify - ok
13:39:37.0402 0x03f0  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
13:39:37.0543 0x03f0  Processor - ok
13:39:37.0574 0x03f0  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
13:39:37.0652 0x03f0  ProfSvc - ok
13:39:37.0762 0x03f0  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
13:39:37.0793 0x03f0  Psched - ok
13:39:37.0871 0x03f0  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
13:39:38.0012 0x03f0  QWAVE - ok
13:39:38.0043 0x03f0  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
13:39:38.0074 0x03f0  QWAVEdrv - ok
13:39:38.0137 0x03f0  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:39:38.0215 0x03f0  RasAcd - ok
13:39:38.0277 0x03f0  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
13:39:38.0324 0x03f0  RasAuto - ok
13:39:38.0418 0x03f0  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll
13:39:38.0465 0x03f0  RasMan - ok
13:39:38.0512 0x03f0  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:39:38.0543 0x03f0  RasPppoe - ok
13:39:38.0637 0x03f0  [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys
13:39:38.0653 0x03f0  RasSstp - ok
13:39:38.0778 0x03f0  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:39:38.0871 0x03f0  rdbss - ok
13:39:38.0903 0x03f0  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
13:39:38.0918 0x03f0  rdpbus - ok
13:39:38.0949 0x03f0  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
13:39:38.0965 0x03f0  RDPDR - ok
13:39:39.0043 0x03f0  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
13:39:39.0059 0x03f0  RdpVideoMiniport - ok
13:39:39.0122 0x03f0  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
13:39:39.0169 0x03f0  rdyboost - ok
13:39:39.0356 0x03f0  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
13:39:39.0403 0x03f0  ReFS - ok
13:39:39.0481 0x03f0  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
13:39:39.0528 0x03f0  RemoteAccess - ok
13:39:39.0575 0x03f0  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
13:39:39.0637 0x03f0  RemoteRegistry - ok
13:39:39.0700 0x03f0  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
13:39:39.0747 0x03f0  RFCOMM - ok
13:39:39.0778 0x03f0  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
13:39:39.0809 0x03f0  RpcEptMapper - ok
13:39:39.0841 0x03f0  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
13:39:39.0872 0x03f0  RpcLocator - ok
13:39:39.0966 0x03f0  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
13:39:39.0997 0x03f0  RpcSs - ok
13:39:40.0059 0x03f0  [ FD2F7ABB0B3C777CDC9D342CADBF0131, 8C7D8C753E100B8B005FF089299062448E5FEE88E84E4CE9E050CE3F2AAC5BCB ] RSPCIESTOR      C:\WINDOWS\system32\DRIVERS\RtsPStor.sys
13:39:40.0088 0x03f0  RSPCIESTOR - ok
13:39:40.0123 0x03f0  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
13:39:40.0186 0x03f0  rspndr - ok
13:39:40.0217 0x03f0  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
13:39:40.0248 0x03f0  RTL8168 - ok
13:39:40.0248 0x03f0  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
13:39:40.0295 0x03f0  s3cap - ok
13:39:40.0326 0x03f0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
13:39:40.0342 0x03f0  SamSs - ok
13:39:40.0389 0x03f0  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
13:39:40.0404 0x03f0  sbp2port - ok
13:39:40.0436 0x03f0  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
13:39:40.0467 0x03f0  SCardSvr - ok
13:39:40.0529 0x03f0  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
13:39:40.0561 0x03f0  ScDeviceEnum - ok
13:39:40.0608 0x03f0  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
13:39:40.0639 0x03f0  scfilter - ok
13:39:40.0733 0x03f0  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
13:39:40.0858 0x03f0  Schedule - ok
13:39:40.0920 0x03f0  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
13:39:40.0936 0x03f0  SCPolicySvc - ok
13:39:41.0045 0x03f0  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
13:39:41.0110 0x03f0  sdbus - ok
13:39:41.0313 0x03f0  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
13:39:41.0344 0x03f0  sdstor - ok
13:39:41.0438 0x03f0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
13:39:41.0500 0x03f0  secdrv - ok
13:39:41.0532 0x03f0  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\WINDOWS\system32\seclogon.dll
13:39:41.0578 0x03f0  seclogon - ok
13:39:41.0610 0x03f0  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
13:39:41.0641 0x03f0  SENS - ok
13:39:41.0688 0x03f0  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
13:39:41.0766 0x03f0  SensrSvc - ok
13:39:41.0813 0x03f0  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
13:39:41.0828 0x03f0  SerCx - ok
13:39:41.0860 0x03f0  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
13:39:41.0875 0x03f0  SerCx2 - ok
13:39:41.0891 0x03f0  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
13:39:41.0907 0x03f0  Serenum - ok
13:39:41.0922 0x03f0  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
13:39:41.0938 0x03f0  Serial - ok
13:39:41.0985 0x03f0  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
13:39:42.0016 0x03f0  sermouse - ok
13:39:42.0079 0x03f0  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
13:39:42.0157 0x03f0  SessionEnv - ok
13:39:42.0188 0x03f0  [ 415B1326C40A2E1F251A3845B9C7DF31, D7BD668962B71DC3877366EB0C0BD5CDB1FF564A5866EE58DB90838D78227AD6 ] SFEP            C:\WINDOWS\System32\drivers\SFEP.sys
13:39:42.0204 0x03f0  SFEP - ok
13:39:42.0250 0x03f0  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
13:39:42.0282 0x03f0  sfloppy - ok
13:39:42.0360 0x03f0  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
13:39:42.0391 0x03f0  SharedAccess - ok
13:39:42.0454 0x03f0  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:39:42.0547 0x03f0  ShellHWDetection - ok
13:39:42.0579 0x03f0  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
13:39:42.0594 0x03f0  SiSRaid2 - ok
13:39:42.0610 0x03f0  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
13:39:42.0626 0x03f0  SiSRaid4 - ok
13:39:42.0782 0x03f0  [ F3AAB7DF6408431C762D8721B68F46E4, 56ED764AA660955B8B06322703D086B3A52106625A83CCAF195B08BCBDEDA88F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:39:42.0844 0x03f0  SkypeUpdate - ok
13:39:42.0876 0x03f0  [ 651BE03BCD0EEA41765D453DEB6050BC, D8A8132AF78E2E8BA3BCF6EE4D1C8BB4C6F2224765E04F0254B592BCB4C3CDF1 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
13:39:42.0891 0x03f0  SmbDrvI - ok
13:39:42.0922 0x03f0  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
13:39:43.0032 0x03f0  smphost - ok
13:39:43.0063 0x03f0  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
13:39:43.0129 0x03f0  SNMPTRAP - ok
13:39:43.0348 0x03f0  [ 3CBFEE060A4FD306F783E1A14926C9AF, 67DF4B3E23DB18E8BC15301F83B1844EFF6BD8E885CA1590EBAAFBAA441968CB ] SOHCImp         C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
13:39:43.0395 0x03f0  SOHCImp - ok
13:39:43.0457 0x03f0  [ 06B3BFC6AB8E4731AEF2C85383486524, B03E69C0E883B863DACF251A8287D0A6043EFB4CA5CA5576EAEFA3E4486ECBEC ] SOHDms          C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
13:39:43.0504 0x03f0  SOHDms - ok
13:39:43.0535 0x03f0  [ 3F3E0E389C03AAC4705BC03BFB2A8582, 0D5BF14F12BE6167ECE974BF114336576C38DF5B83D2889316A91381B26948EC ] SOHDs           C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
13:39:43.0551 0x03f0  SOHDs - ok
13:39:43.0707 0x03f0  [ AA0F913B69BCEC9655ECAAA2312B29D9, 655D6E5B36ABC1C632096243F7FF55C4168A2009A5A43C8FDA5EFA67F972ADF3 ] SOWS            C:\WINDOWS\System32\drivers\sows.sys
13:39:43.0754 0x03f0  SOWS - ok
13:39:43.0911 0x03f0  [ B45AE0970B2D66CCE756DE6989E23EEC, 8393CF2DC4F65CD48D4D7B3C8C2D29E26728593B652D6CEAB65B50AEDA0884B7 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
13:39:43.0942 0x03f0  spaceport - ok

Code:

ATTFilter

13:39:43.0989 0x03f0  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
13:39:44.0020 0x03f0  SpbCx - ok
13:39:44.0254 0x03f0  [ C03E480E63A80D73FABE28D24D3B6B47, F8C68DC63A5492587F9343158348ADD99A99AF34DC7ED29E5562EE90C0AB8F25 ] SpfService      C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
13:39:44.0301 0x03f0  SpfService - ok
13:39:44.0442 0x03f0  [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
13:39:44.0536 0x03f0  Spooler - ok
13:39:44.0942 0x03f0  [ 46549AF7CB672BC8138264CC4100E9F8, 6434249FADB07A033FD40C37DF2B775CF0617CF0C3E7C170F2984BD3CE423794 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
13:39:45.0083 0x03f0  sppsvc - ok
13:39:45.0165 0x03f0  [ 8003E034E3EA0E29DA54215A770FC27C, 28AB1FDEA372D33540A26DAE413A10336409D33B91F51DC0AE144D451022A2A7 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
13:39:45.0196 0x03f0  srv - ok
13:39:45.0259 0x03f0  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
13:39:45.0384 0x03f0  srv2 - ok
13:39:45.0415 0x03f0  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
13:39:45.0509 0x03f0  srvnet - ok
13:39:45.0556 0x03f0  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
13:39:45.0618 0x03f0  SSDPSRV - ok
13:39:45.0650 0x03f0  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
13:39:45.0681 0x03f0  SstpSvc - ok
13:39:45.0712 0x03f0  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
13:39:45.0728 0x03f0  stexstor - ok
13:39:46.0056 0x03f0  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
13:39:46.0196 0x03f0  stisvc - ok
13:39:46.0462 0x03f0  [ 5BBFA4DF4C1F3C31F6ACE4E4FE36CD90, DEBC53726C3755BE0520792251EF8ADD39AB1D333FF0006C102A3C11B150F91C ] StkCMini        C:\WINDOWS\System32\Drivers\StkCMini.sys
13:39:46.0509 0x03f0  StkCMini - ok
13:39:46.0540 0x03f0  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
13:39:46.0556 0x03f0  storahci - ok
13:39:46.0619 0x03f0  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
13:39:46.0634 0x03f0  storflt - ok
13:39:46.0650 0x03f0  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
13:39:46.0665 0x03f0  stornvme - ok
13:39:46.0744 0x03f0  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
13:39:46.0806 0x03f0  StorSvc - ok
13:39:46.0837 0x03f0  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
13:39:46.0853 0x03f0  storvsc - ok
13:39:46.0884 0x03f0  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
13:39:46.0931 0x03f0  svsvc - ok
13:39:46.0962 0x03f0  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
13:39:46.0978 0x03f0  swenum - ok
13:39:47.0103 0x03f0  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
13:39:47.0137 0x03f0  swprv - ok
13:39:47.0262 0x03f0  [ C54F86A754D7EA388ABD817D7A9B712C, EC2E365EE165393543A0661783410C91D32FF4413866DC0875D67FFA7DF4F763 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
13:39:47.0294 0x03f0  SynTP - ok
13:39:47.0481 0x03f0  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll
13:39:47.0606 0x03f0  SysMain - ok
13:39:47.0684 0x03f0  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
13:39:47.0794 0x03f0  SystemEventsBroker - ok
13:39:47.0856 0x03f0  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
13:39:47.0919 0x03f0  TabletInputService - ok
13:39:48.0013 0x03f0  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
13:39:48.0106 0x03f0  TapiSrv - ok
13:39:48.0372 0x03f0  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
13:39:48.0419 0x03f0  Tcpip - ok
13:39:48.0638 0x03f0  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:39:48.0700 0x03f0  TCPIP6 - ok
13:39:48.0731 0x03f0  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
13:39:48.0763 0x03f0  tcpipreg - ok
13:39:48.0841 0x03f0  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
13:39:48.0872 0x03f0  tdx - ok
13:39:49.0688 0x03f0  [ DF4A7E1E2BA788E28747F1EF49692ED6, 3417C0C713AB086E31CA20D6DCE923FF224093CFF2BAA6F29DCCBD2BEE5EEED6 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
13:39:49.0970 0x03f0  TeamViewer9 - ok
13:39:50.0032 0x03f0  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
13:39:50.0063 0x03f0  terminpt - ok
13:39:50.0173 0x03f0  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
13:39:50.0235 0x03f0  TermService - ok
13:39:50.0298 0x03f0  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
13:39:50.0329 0x03f0  Themes - ok
13:39:50.0392 0x03f0  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
13:39:50.0439 0x03f0  THREADORDER - ok
13:39:50.0501 0x03f0  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
13:39:50.0595 0x03f0  TimeBroker - ok
13:39:50.0673 0x03f0  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
13:39:50.0689 0x03f0  TPM - ok
13:39:50.0736 0x03f0  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
13:39:50.0751 0x03f0  TrkWks - ok
13:39:50.0829 0x03f0  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
13:39:50.0845 0x03f0  TrustedInstaller - ok
13:39:50.0861 0x03f0  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
13:39:50.0876 0x03f0  TsUsbFlt - ok
13:39:50.0907 0x03f0  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
13:39:50.0907 0x03f0  TsUsbGD - ok
13:39:50.0954 0x03f0  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
13:39:50.0970 0x03f0  tunnel - ok
13:39:51.0001 0x03f0  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
13:39:51.0017 0x03f0  uagp35 - ok
13:39:51.0064 0x03f0  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
13:39:51.0064 0x03f0  UASPStor - ok
13:39:51.0145 0x03f0  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
13:39:51.0160 0x03f0  UCX01000 - ok
13:39:51.0191 0x03f0  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
13:39:51.0207 0x03f0  udfs - ok
13:39:51.0254 0x03f0  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
13:39:51.0270 0x03f0  UEFI - ok
13:39:51.0316 0x03f0  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
13:39:51.0363 0x03f0  UI0Detect - ok
13:39:51.0410 0x03f0  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
13:39:51.0426 0x03f0  uliagpkx - ok
13:39:51.0473 0x03f0  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
13:39:51.0488 0x03f0  umbus - ok
13:39:51.0504 0x03f0  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
13:39:51.0520 0x03f0  UmPass - ok
13:39:51.0582 0x03f0  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
13:39:51.0676 0x03f0  UmRdpService - ok
13:39:51.0895 0x03f0  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:39:51.0957 0x03f0  UNS - ok
13:39:52.0020 0x03f0  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
13:39:52.0051 0x03f0  upnphost - ok
13:39:52.0113 0x03f0  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
13:39:52.0145 0x03f0  USBAAPL64 - ok
13:39:52.0207 0x03f0  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
13:39:52.0238 0x03f0  usbaudio - ok
13:39:52.0285 0x03f0  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
13:39:52.0285 0x03f0  usbccgp - ok
13:39:52.0348 0x03f0  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
13:39:52.0379 0x03f0  usbcir - ok
13:39:52.0426 0x03f0  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
13:39:52.0441 0x03f0  usbehci - ok
13:39:52.0613 0x03f0  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
13:39:52.0645 0x03f0  usbhub - ok
13:39:52.0785 0x03f0  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
13:39:52.0816 0x03f0  USBHUB3 - ok
13:39:52.0848 0x03f0  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
13:39:52.0895 0x03f0  usbohci - ok
13:39:52.0926 0x03f0  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
13:39:52.0957 0x03f0  usbprint - ok
13:39:52.0988 0x03f0  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\WINDOWS\System32\drivers\usbscan.sys
13:39:53.0004 0x03f0  usbscan - ok
13:39:53.0051 0x03f0  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
13:39:53.0066 0x03f0  USBSTOR - ok
13:39:53.0098 0x03f0  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
13:39:53.0134 0x03f0  usbuhci - ok
13:39:53.0165 0x03f0  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
13:39:53.0228 0x03f0  usbvideo - ok
13:39:53.0353 0x03f0  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
13:39:53.0384 0x03f0  USBXHCI - ok
13:39:53.0509 0x03f0  [ 1CA1DC88D9484BCFD6C26560F397539A, 95C2AB45D4682BB4F75F1D03D57CCA944BA570EFEA06E0AB71062C6E6E7C7F4A ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
13:39:53.0509 0x03f0  VAIO Event Service - ok
13:39:53.0712 0x03f0  [ 8EF62038EBD54C240486A36F9259C64A, D2EA5718C13D5E62DCA06013E67E651847172950ED7ED7CA7C25CC8422D54260 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
13:39:53.0744 0x03f0  VAIO Power Management - ok
13:39:53.0806 0x03f0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
13:39:53.0837 0x03f0  VaultSvc - ok
13:39:54.0072 0x03f0  [ 3B00B812D4E88FEA3F557DFC07BE415C, CC30E0696584FCB6AE2579F20458D8BC5747D5E16860D62D444BCA45DE2491AB ] VCFw            C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
13:39:54.0181 0x03f0  VCFw - detected UnsignedFile.Multi.Generic ( 1 )
13:39:56.0936 0x03f0  VCFw ( UnsignedFile.Multi.Generic ) - warning
13:40:00.0058 0x03f0  [ 8F0840FF3A11D6B3F767AD6C79AC2A40, 23A9AFB841CAD5E3FA8360BB2C9531DACCF8D113145CFFE2C9D7BDE507C77509 ] VCService       C:\Program Files\Sony\VAIO Care\VCService.exe
13:40:00.0089 0x03f0  VCService - ok
13:40:00.0136 0x03f0  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
13:40:00.0167 0x03f0  vdrvroot - ok
13:40:00.0495 0x03f0  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
13:40:00.0558 0x03f0  vds - ok
13:40:00.0573 0x03f0  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
13:40:00.0589 0x03f0  VerifierExt - ok
13:40:00.0776 0x03f0  [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
13:40:00.0808 0x03f0  vhdmp - ok
13:40:00.0823 0x03f0  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
13:40:00.0839 0x03f0  viaide - ok
13:40:00.0902 0x03f0  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
13:40:00.0933 0x03f0  vmbus - ok
13:40:00.0964 0x03f0  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
13:40:00.0980 0x03f0  VMBusHID - ok
13:40:01.0073 0x03f0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
13:40:01.0139 0x03f0  vmicguestinterface - ok
13:40:01.0140 0x03f0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
13:40:01.0171 0x03f0  vmicheartbeat - ok
13:40:01.0171 0x03f0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
13:40:01.0203 0x03f0  vmickvpexchange - ok
13:40:01.0281 0x03f0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
13:40:01.0312 0x03f0  vmicrdv - ok
13:40:01.0359 0x03f0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
13:40:01.0390 0x03f0  vmicshutdown - ok
13:40:01.0468 0x03f0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
13:40:01.0500 0x03f0  vmictimesync - ok
13:40:01.0562 0x03f0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
13:40:01.0578 0x03f0  vmicvss - ok
13:40:01.0640 0x03f0  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
13:40:01.0671 0x03f0  volmgr - ok
13:40:01.0718 0x03f0  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
13:40:01.0765 0x03f0  volmgrx - ok
13:40:01.0843 0x03f0  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
13:40:01.0875 0x03f0  volsnap - ok
13:40:01.0937 0x03f0  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
13:40:01.0953 0x03f0  vpci - ok
13:40:02.0015 0x03f0  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
13:40:02.0046 0x03f0  vsmraid - ok
13:40:02.0359 0x03f0  [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS             C:\WINDOWS\system32\vssvc.exe
13:40:02.0469 0x03f0  VSS - ok
13:40:02.0500 0x03f0  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
13:40:02.0515 0x03f0  VSTXRAID - ok

JaTa · 06.02.2017, 14:24

und einer kommt noch nach

Code:

ATTFilter

13:40:02.0812 0x03f0  [ 16595E67A5AE390C70F4A482644C6D3D, 5D233199963E4970CDE93A800E4C40E675979AE255590E060391AE315D45DA71 ] VUAgent         C:\Program Files\Sony\VAIO Update\vuagent.exe
13:40:02.0859 0x03f0  VUAgent - ok
13:40:02.0948 0x03f0  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
13:40:03.0023 0x03f0  vwifibus - ok
13:40:03.0054 0x03f0  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
13:40:03.0073 0x03f0  vwififlt - ok
13:40:03.0108 0x03f0  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
13:40:03.0146 0x03f0  vwifimp - ok
13:40:03.0183 0x03f0  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
13:40:03.0245 0x03f0  W32Time - ok
13:40:03.0261 0x03f0  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
13:40:03.0292 0x03f0  WacomPen - ok
13:40:03.0383 0x03f0  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
13:40:03.0467 0x03f0  wbengine - ok
13:40:03.0508 0x03f0  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
13:40:03.0560 0x03f0  WbioSrvc - ok
13:40:03.0647 0x03f0  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
13:40:03.0678 0x03f0  Wcmsvc - ok
13:40:03.0725 0x03f0  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
13:40:03.0756 0x03f0  wcncsvc - ok
13:40:03.0772 0x03f0  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
13:40:03.0787 0x03f0  WcsPlugInService - ok
13:40:03.0837 0x03f0  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
13:40:03.0849 0x03f0  WdBoot - ok
13:40:03.0896 0x03f0  [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys
13:40:03.0909 0x03f0  WDC_SAM - ok
13:40:04.0040 0x03f0  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
13:40:04.0065 0x03f0  Wdf01000 - ok
13:40:04.0141 0x03f0  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
13:40:04.0169 0x03f0  WdFilter - ok
13:40:04.0218 0x03f0  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
13:40:04.0260 0x03f0  WdiServiceHost - ok
13:40:04.0265 0x03f0  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
13:40:04.0281 0x03f0  WdiSystemHost - ok
13:40:04.0352 0x03f0  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
13:40:04.0366 0x03f0  WdNisDrv - ok
13:40:04.0418 0x03f0  WdNisSvc - ok
13:40:04.0494 0x03f0  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\WINDOWS\System32\webclnt.dll
13:40:04.0561 0x03f0  WebClient - ok
13:40:04.0620 0x03f0  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
13:40:04.0658 0x03f0  Wecsvc - ok
13:40:04.0695 0x03f0  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
13:40:04.0699 0x03f0  WEPHOSTSVC - ok
13:40:04.0752 0x03f0  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
13:40:04.0817 0x03f0  wercplsupport - ok
13:40:04.0880 0x03f0  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
13:40:04.0958 0x03f0  WerSvc - ok
13:40:04.0989 0x03f0  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
13:40:05.0036 0x03f0  WFPLWFS - ok
13:40:05.0067 0x03f0  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
13:40:05.0083 0x03f0  WiaRpc - ok
13:40:05.0114 0x03f0  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
13:40:05.0130 0x03f0  WIMMount - ok
13:40:05.0130 0x03f0  WinDefend - ok
13:40:05.0270 0x03f0  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
13:40:05.0301 0x03f0  WinHttpAutoProxySvc - ok
13:40:05.0770 0x03f0  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
13:40:05.0833 0x03f0  Winmgmt - ok
13:40:06.0192 0x03f0  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
13:40:06.0270 0x03f0  WinRM - ok
13:40:06.0317 0x03f0  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\WINDOWS\System32\drivers\WinUsb.sys
13:40:06.0348 0x03f0  WinUsb - ok
13:40:06.0552 0x03f0  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
13:40:06.0614 0x03f0  WlanSvc - ok
13:40:06.0864 0x03f0  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
13:40:06.0927 0x03f0  wlidsvc - ok
13:40:06.0973 0x03f0  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
13:40:07.0020 0x03f0  WmiAcpi - ok
13:40:07.0083 0x03f0  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
13:40:07.0130 0x03f0  wmiApSrv - ok
13:40:07.0161 0x03f0  WMPNetworkSvc - ok
13:40:07.0239 0x03f0  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
13:40:07.0270 0x03f0  Wof - ok
13:40:07.0661 0x03f0  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
13:40:07.0770 0x03f0  workfolderssvc - ok
13:40:07.0833 0x03f0  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
13:40:07.0872 0x03f0  wpcfltr - ok
13:40:07.0928 0x03f0  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
13:40:07.0946 0x03f0  WPCSvc - ok
13:40:07.0978 0x03f0  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
13:40:08.0013 0x03f0  WPDBusEnum - ok
13:40:08.0058 0x03f0  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
13:40:08.0083 0x03f0  WpdUpFltr - ok
13:40:08.0115 0x03f0  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
13:40:08.0131 0x03f0  ws2ifsl - ok
13:40:08.0183 0x03f0  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
13:40:08.0230 0x03f0  wscsvc - ok
13:40:08.0235 0x03f0  WSearch - ok
13:40:08.0799 0x03f0  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
13:40:08.0931 0x03f0  WSService - ok
13:40:09.0426 0x03f0  [ 8223EE1D7F869C35D8D4F7B6B6CA9016, 99C6A47EADB2D565B668FF50C56078B2019C658502A587972F034C663CA1BF18 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
13:40:09.0599 0x03f0  wuauserv - ok
13:40:09.0708 0x03f0  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
13:40:09.0740 0x03f0  WudfPf - ok
13:40:09.0771 0x03f0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
13:40:09.0802 0x03f0  WUDFRd - ok
13:40:09.0833 0x03f0  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
13:40:09.0880 0x03f0  wudfsvc - ok
13:40:10.0068 0x03f0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
13:40:10.0099 0x03f0  WUDFWpdFs - ok
13:40:10.0099 0x03f0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
13:40:10.0115 0x03f0  WUDFWpdMtp - ok
13:40:10.0412 0x03f0  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
13:40:10.0505 0x03f0  WwanSvc - ok
13:40:10.0552 0x03f0  [ A0F661902AFCAAD77CC2ED3894927A10, 0DCD860F7F4029EBFE1F409BA23CC8BAA55BC22084C81940FF170B665E4804BD ] xusb22          C:\WINDOWS\System32\drivers\xusb22.sys
13:40:10.0708 0x03f0  xusb22 - ok
13:40:11.0083 0x03f0  [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
13:40:11.0146 0x03f0  ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
13:40:13.0894 0x03f0  Detect skipped due to KSN trusted
13:40:13.0894 0x03f0  ZAtheros Bt and Wlan Coex Agent - ok
13:40:13.0968 0x03f0  [ 6FA912F9E4DDC6E4F9C31340F1BDEF9A, 7421D514D21591A1F940E794ADC293410F57034C746FD9F38B305D1AB70360FB ] zmuac2audio     C:\WINDOWS\system32\drivers\zmuac2audio.sys
13:40:13.0997 0x03f0  zmuac2audio - ok
13:40:14.0077 0x03f0  [ 2CC268C062098B434166BD5AF4522E1D, CAD6ED5618CF36617BCDA924C62F393B48820B7609DF6F04C2DED7DE91BB9DB4 ] zmuac2service   C:\Program Files\ZOOM\UAC-2 Driver\zmuac2service.exe
13:40:14.0105 0x03f0  zmuac2service - detected UnsignedFile.Multi.Generic ( 1 )
13:40:16.0802 0x03f0  zmuac2service ( UnsignedFile.Multi.Generic ) - warning
13:40:19.0802 0x03f0  ================ Scan global ===============================
13:40:19.0865 0x03f0  [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll
13:40:19.0943 0x03f0  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
13:40:19.0990 0x03f0  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
13:40:20.0036 0x03f0  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
13:40:20.0052 0x03f0  [ Global ] - ok
13:40:20.0052 0x03f0  ================ Scan MBR ==================================
13:40:20.0115 0x03f0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:40:20.0738 0x03f0  \Device\Harddisk0\DR0 - ok
13:40:20.0738 0x03f0  ================ Scan VBR ==================================
13:40:20.0753 0x03f0  [ 618114CF03AA68B0E02B902D614F96BF ] \Device\Harddisk0\DR0\Partition1
13:40:20.0753 0x03f0  \Device\Harddisk0\DR0\Partition1 - ok
13:40:20.0785 0x03f0  [ FDC8FB1588D2BAE3476D3F1F493407AC ] \Device\Harddisk0\DR0\Partition2
13:40:20.0850 0x03f0  \Device\Harddisk0\DR0\Partition2 - ok
13:40:20.0866 0x03f0  [ 9EDF87C39FE979EA7A56B5427225FA9F ] \Device\Harddisk0\DR0\Partition3
13:40:20.0882 0x03f0  \Device\Harddisk0\DR0\Partition3 - ok
13:40:20.0897 0x03f0  [ CA139E4C6472338501A1B6ACD959D7E8 ] \Device\Harddisk0\DR0\Partition4
13:40:20.0897 0x03f0  \Device\Harddisk0\DR0\Partition4 - ok
13:40:20.0913 0x03f0  [ 25C7708D4109144027FA8FC607DDBB1F ] \Device\Harddisk0\DR0\Partition5
13:40:20.0913 0x03f0  \Device\Harddisk0\DR0\Partition5 - ok
13:40:20.0944 0x03f0  [ 0F37A64CB6D66524BAAAA652FBE29C35 ] \Device\Harddisk0\DR0\Partition6
13:40:20.0961 0x03f0  \Device\Harddisk0\DR0\Partition6 - ok
13:40:20.0962 0x03f0  [ C4DF8BE1B356E5E7B43E6D445F3FDB3D ] \Device\Harddisk0\DR0\Partition7
13:40:20.0962 0x03f0  \Device\Harddisk0\DR0\Partition7 - ok
13:40:20.0962 0x03f0  ================ Scan generic autorun ======================
13:40:21.0321 0x03f0  [ 5E53A66C680A06E26B1234CB0C3CD99B, D782E724FF487459704BFA2BC5BA5E6E7E85BC9D71ECF68BE78F9C74449EB207 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
13:40:21.0352 0x03f0  RtHDVBg - ok
13:40:21.0508 0x03f0  [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] C:\Program Files\iTunes\iTunesHelper.exe
13:40:21.0555 0x03f0  iTunesHelper - ok
13:40:21.0555 0x03f0  SynTPEnh - ok
13:40:22.0118 0x03f0  [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
13:40:22.0180 0x03f0  Malwarebytes TrayApp - ok
13:40:22.0196 0x03f0  mcui_exe - ok
13:40:22.0243 0x03f0  [ 2E2F360FF158A67F8128EFAAF974189C, 5EDAAF7CCF381B5E767030F2DC52C37F972C4EA36F33BD7D9C422F74AF232DDD ] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
13:40:22.0290 0x03f0  ISBMgr.exe - ok
13:40:22.0634 0x03f0  [ 717CECF8A6F55295A2A8B9ED4C64D800, DFB90D541F7EC5E23159B31E1E103DA4418B121E8C384CE054111A5FAFFE3CD5 ] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
13:40:22.0680 0x03f0  PMBVolumeWatcher - ok
13:40:22.0790 0x03f0  [ 49CD8D25D932C5BF867EBFF00D432B75, D107F7736AC8D43CE93ABDE1A8038D8FE87779F25F41B3FD1E942DF439581236 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
13:40:22.0821 0x03f0  Intel AppUp(R) center - ok
13:40:22.0977 0x03f0  [ 4275C55AA440DC08EA0267AED31D9654, A5EF4505960D9CECC45376026A8B51FF43282AE811C88617CCD8F7F1E6E56A7B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
13:40:23.0009 0x03f0  APSDaemon - ok
13:40:23.0529 0x03f0  [ 1BC31F797516DC7B7446B62A849D5905, 49B35A41F1C3739800CBA2A559C2AEFE89FBC090F8305681AF3B379B639E16AA ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
13:40:23.0576 0x03f0  avgnt - ok
13:40:23.0623 0x03f0  [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\Windows\UpdReg.EXE
13:40:23.0654 0x03f0  UpdReg - detected UnsignedFile.Multi.Generic ( 1 )
13:40:26.0316 0x03f0  Detect skipped due to KSN trusted
13:40:26.0316 0x03f0  UpdReg - ok
13:40:26.0613 0x03f0  [ 696A74A2E7AAD166D0A97499A43AD084, A661156C420B3198A82A6A395B986B28E89645CCFEFF4ED68B95EE5FC447E032 ] C:\Program Files (x86)\MAGIX\Video_deluxe_16_Plus_Sonderedition\TrayServer.exe
13:40:26.0660 0x03f0  TrayServer - detected UnsignedFile.Multi.Generic ( 1 )
13:40:29.0391 0x03f0  Detect skipped due to KSN trusted
13:40:29.0391 0x03f0  TrayServer - ok
13:40:29.0391 0x03f0  doubleTwist - ok
13:40:29.0594 0x03f0  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
13:40:29.0626 0x03f0  HP Software Update - ok
13:40:29.0797 0x03f0  [ D52A9A510A6DFEE64639DCA7B39B9E0A, D62CA8DC336A31B55C4BFD4760ED73C1262859B7F5FD1D5AA72D4B48C91E163D ] C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe
13:40:29.0829 0x03f0  E-MU USB Audio Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
13:40:32.0537 0x03f0  Detect skipped due to KSN trusted
13:40:32.0537 0x03f0  E-MU USB Audio Control Panel - ok
13:40:32.0568 0x03f0  OfficeSyncProcess - ok
13:40:32.0887 0x03f0  [ 132CF8F4EC2B32E995A8A4C435E4F6F6, C83940D1E66719AB25313AEEB3DDE41AD27FF265E9016A12BC6977C7136E8E17 ] C:\Program Files (x86)\Origin\Origin.exe
13:40:32.0994 0x03f0  EADM - ok
13:40:33.0172 0x03f0  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
13:40:33.0205 0x03f0  Dropbox Update - ok
13:40:33.0302 0x03f0  [ CC436BB2A26391F3DEBE316F6FB0474F, 2DA63827AD1449CA5F2888ADFA9645F1EAF8B39D26EC214441EE80F3A56E6E72 ] C:\Users\Jana\AppData\Local\Microsoft\BingSvc\BingSvc.exe
13:40:33.0344 0x03f0  BingSvc - ok
13:40:33.0430 0x03f0  [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
13:40:33.0493 0x03f0  WAB Migrate - ok
13:40:33.0495 0x03f0  Waiting for KSN requests completion. In queue: 5
13:40:34.0496 0x03f0  Waiting for KSN requests completion. In queue: 5
13:40:35.0497 0x03f0  Waiting for KSN requests completion. In queue: 5
13:40:36.0565 0x03f0  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.24.143 ), 0x41000 ( enabled : updated )
13:40:36.0565 0x03f0  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.138 ), 0x61000 ( enabled : updated )
13:40:36.0580 0x03f0  Win FW state via NFP2: enabled ( trusted )
13:40:39.0216 0x03f0  ============================================================
13:40:39.0216 0x03f0  Scan finished
13:40:39.0216 0x03f0  ============================================================
13:40:39.0232 0x04d8  Detected object count: 2
13:40:39.0232 0x04d8  Actual detected object count: 2
13:41:44.0936 0x04d8  VCFw ( UnsignedFile.Multi.Generic ) - skipped by user
13:41:44.0936 0x04d8  VCFw ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:41:44.0936 0x04d8  zmuac2service ( UnsignedFile.Multi.Generic ) - skipped by user
13:41:44.0936 0x04d8  zmuac2service ( UnsignedFile.Multi.Generic ) - User select action: Skip

Code:

ATTFilter

Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\WINDOWS\Minidump

Crash dumps are enabled on your computer.

On Sun 05.02.2017 21:19:22 your computer crashed
crash dump file: C:\WINDOWS\Minidump\020517-27046-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x14E3A0)
Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFE001AB6CFAE0, 0x7FFD4A8335E0)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.

On Sun 05.02.2017 21:19:22 your computer crashed
crash dump file: C:\WINDOWS\memory.dmp
This was probably caused by the following module: ntkrnlmp.exe (nt!KeBugCheckEx+0x0)
Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFE001AB6CFAE0, 0x7FFD4A8335E0)
Error: KERNEL_DATA_INPAGE_ERROR
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.

On Sun 05.02.2017 10:53:00 your computer crashed
crash dump file: C:\WINDOWS\Minidump\020517-39031-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x14E3A0)
Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFE001ABFE2A40, 0x130EB98)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.

On Sun 05.02.2017 09:56:48 your computer crashed
crash dump file: C:\WINDOWS\Minidump\020517-178000-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x14E3A0)
Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFE00030F69010, 0x27C2000)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.

On Sat 04.02.2017 22:18:30 your computer crashed
crash dump file: C:\WINDOWS\Minidump\020417-25218-01.dmp
This was probably caused by the following module: msfs.sys (0xFFFFF80084E27000)
Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFE000725EA860, 0xFFFFF80084E27000)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\WINDOWS\system32\drivers\msfs.sys
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: Mailslot driver
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system that cannot be identified at this time.

--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

46 crash dumps have been found and analyzed. Only 5 are included in this report. No offending third party drivers have been found. Connsider using WhoCrashed Professional which offers more detailed analysis using symbol resolution. Also configuring your system to produce a full memory dump may help you.

Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.

burningice · 06.02.2017, 19:35

okay, lassen wir das mit Malwarebytes.

Schritt: 1
Lade Dir bitte von hier

Emsisoft Emergency Kit herunter.

Bitte installiere das Programm in den vorgegebenen Pfad.
Starte das Programm durch Doppelklick der Desktopverknüpfung.
Das EEK ist nach dem Laden der Malwaresignaturen für den Scan bereit.
Folge nun bitte der bebilderten Bildanleitung zu Emergency Kit, entferne alle Funde und poste am Ende des Scans bzw. der Bereinigung das Log.

Schritt: 2
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

JaTa · 07.02.2017, 21:43

Sorry es hat etwas gedauert hier nun die Ergebnisse vom Emsisoft-Scan

Code:

ATTFilter

Emsisoft Emergency Kit – Version 12.0
Letztes Update: 06.02.2017 22:41:02
Benutzerkonto: JATA\JaTa
Computer name: JATA
OS version: Windows 8.1x64 

Scan-Einstellungen:

Scan-Methode: Malware-Scan
Objekte: Rootkits, Speicher, Traces, Dateien

PUPs-Erkennung: An
Archiv-Scan: Aus
ADS-Scan: An
Dateierweiterungen: Aus
Direkter Festplattenzugriff: Aus

Scan-Beginn:	07.02.2017 21:00:15
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199} 	Gefunden: Application.Win32.InstallExt (A) []
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} 	Gefunden: Application.Win32.InstallExt (A) []
C:\Program Files (x86)\Microsoft Office\Office 2010 Toolkit.exe 	Gefunden: Application.KeyGen.GA (B) [krnl.xmd]

Gescannt:	101302
Gefunden	3

Scan-Ende:	07.02.2017 21:25:40
Scan-Zeit:	0:25:25

C:\Program Files (x86)\Microsoft Office\Office 2010 Toolkit.exe	 Application.KeyGen.GA (B)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}	 Application.Win32.InstallExt (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}	 Application.Win32.InstallExt (A)

Quarantäne	3

nebenbei hat sich mein Antivir gemeldet und eine verdächtige Datei in die Quarantäne gepackt hier der Bericht

Code:

ATTFilter

Muster 'PUA/OpenCandy.Gen [riskware]'
in Datei 'C:\Users\Jana\AppData\Local\Temp\nsu4FB8.tmp\OCSetupHlp.dll gefunden.
Durchgeführte Aktion: Datei in Quarantäne verschieben

So Schritt 2

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2017
durchgeführt von JaTa (Administrator) auf JATA (07-02-2017 21:36:33)
Gestartet von C:\Users\Jana\Desktop
Geladene Profile: JaTa &  (Verfügbare Profile: JaTa & green_000 & Tato & admini)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\WINDOWS\System32\atiesrxx.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(E-MU Systems) C:\WINDOWS\System32\emaudsv.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ZOOM) C:\Program Files\ZOOM\UAC-2 Driver\zmuac2service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(© 2015 Microsoft Corporation) C:\Users\Jana\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ZOOM) C:\Program Files (x86)\ZOOM\UAC-2 MixEfx\UAC-2 MixEfx Startup.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-07-17] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_16_Plus_Sonderedition\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [doubleTwist] => C:\Program Files (x86)\doubleTwist\doubleTwist.Light.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [UAC-2 MixEfx Startup] => C:\Program Files (x86)\ZOOM\UAC-2 MixEfx\UAC-2 MixEfx Startup.exe [14848 2015-04-23] (ZOOM)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] (Atheros Communications)
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Run: [E-MU USB Audio Control Panel] => C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe [274432 2007-11-26] (E-MU Systems)
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Run: [OfficeSyncProcess] => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3502576 2016-10-29] (Electronic Arts)
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Run: [Dropbox Update] => C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Run: [BingSvc] => C:\Users\Jana\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\MountPoints2: {781dfa70-5929-11e3-be74-b8763ff8f1f2} - "I:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\MountPoints2: {b0ff46d6-7bd5-11e5-bec1-5453ed3b7812} - "F:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-4215103822-3391258602-2653336318-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205317427\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-4215103822-3391258602-2653336318-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205318677\...\MountPoints2: {781dfa70-5929-11e3-be74-b8763ff8f1f2} - "I:\WD SmartWare.exe" autoplay=true
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-07-19]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-24]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5FBCFB0E-94B8-4F44-AAEB-CCC7A39FE717}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{95F07F3B-B0C3-4532-9325-7BB1ADA92F1C}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.de
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-4215103822-3391258602-2653336318-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205317427\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com
HKU\S-1-5-21-4215103822-3391258602-2653336318-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205317427\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-4215103822-3391258602-2653336318-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205317427\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-4215103822-3391258602-2653336318-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205318677\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com
HKU\S-1-5-21-4215103822-3391258602-2653336318-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205318677\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-4215103822-3391258602-2653336318-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205318677\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-4215103822-3391258602-2653336318-1009-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205319786\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com
HKU\S-1-5-21-4215103822-3391258602-2653336318-1009-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205319786\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-4215103822-3391258602-2653336318-1009-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205319786\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001 -> DefaultScope {23BBA55F-0E89-493A-9AB4-20428EB24552} URL = 
SearchScopes: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001 -> {FDE9174A-DDB1-426D-BEC3-E72348445B9E} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-4215103822-3391258602-2653336318-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205317427 -> {4F0BDCD2-DE55-4F76-AF6F-67FFF8D04A51} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-4215103822-3391258602-2653336318-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205318677 -> {8AECA907-E97B-4168-A50C-73B2B8B2DBBF} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-4215103822-3391258602-2653336318-1009-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205319786 -> {93DC171F-A7B7-44DC-8698-F4309431CD20} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-01] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-12-28] (Qualcomm Atheros Commnucations)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-01] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-01] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-01] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default [2017-02-07]
FF NewTab: Mozilla\Firefox\Profiles\5c9b13n1.default -> www.google.de
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\5c9b13n1.default -> Bing 
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\5c9b13n1.default -> Bing 
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\5c9b13n1.default -> Bing 
FF Homepage: Mozilla\Firefox\Profiles\5c9b13n1.default -> www.google.com
FF Keyword.URL: Mozilla\Firefox\Profiles\5c9b13n1.default -> hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q=
FF Extension: (GreatDealz) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\Extensions\@greatdealz.xpi [2016-11-18]
FF Extension: (Bing Search) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\Extensions\bingsearch.full@microsoft.com.xpi [2017-01-29]
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-02-01]
FF Extension: (YouTube High Definition) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2017-02-01]
FF Extension: (Adblock Plus) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF SearchPlugin: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\searchplugins\bing-.xml [2017-01-29]
FF HKU\S-1-5-21-4215103822-3391258602-2653336318-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205318677\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-14] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-06-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-01] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll [2013-06-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-26] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4215103822-3391258602-2653336318-1001: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-07-17] (Intel)
FF Plugin HKU\S-1-5-21-4215103822-3391258602-2653336318-1001: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-07-17] (Intel)

Chrome: 
=======
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default [2017-02-07]
CHR Extension: (Google Präsentationen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-17]
CHR Extension: (Google Docs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-17]
CHR Extension: (Google Drive) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-26]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-26]
CHR Extension: (Adblock Plus) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-12-26]
CHR Extension: (Google-Suche) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-17]
CHR Extension: (Google Tabellen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-17]
CHR Extension: (Avira Browserschutz) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-09-17]
CHR Extension: (Google Docs Offline) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-26]
CHR Extension: (Stuff.tv CBG) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcjccadpaggjijncnedadbobkbimmjpk [2017-01-27]
CHR Extension: (Data generator) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\legklhfpihknmgmlhiadachbaihccpho [2017-01-30]
CHR Extension: (Manage Tabs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\memofnfkklanghgnaleppdgfnmbojdbk [2017-01-30]
CHR Extension: (Perfect.com CBG) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nijlcckaclcecjlibilijgacfdomphgp [2017-02-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-17]
CHR Extension: (Chrome Media Router) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-13] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
R2 emaudsv; C:\WINDOWS\system32\emaudsv.exe [25600 2007-11-26] (E-MU Systems)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24376 2015-06-30] (Hewlett-Packard Company)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-10-17] (Sony Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2142728 2016-10-29] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2209296 2016-10-29] (Electronic Arts)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] () [Datei ist nicht signiert]
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [Datei ist nicht signiert]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros) [Datei ist nicht signiert]
R2 zmuac2service; C:\Program Files\ZOOM\UAC-2 Driver\zmuac2service.exe [127488 2015-04-22] (ZOOM) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdW86.sys [91648 2012-10-22] (Advanced Micro Devices)
S3 audientusbaudio; C:\WINDOWS\System32\drivers\audientusbaudio_x64.sys [269312 2015-09-03] () [Datei ist nicht signiert]
S3 audientusbaudioks; C:\WINDOWS\system32\DRIVERS\audientusbaudioks_x64.sys [50688 2015-09-03] () [Datei ist nicht signiert]
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-12-13] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153904 2016-12-13] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-05-18] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
S3 BTATH_VDP; C:\WINDOWS\system32\drivers\btath_vdp.sys [428008 2012-12-28] (Qualcomm Atheros)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 emusba10; C:\WINDOWS\system32\DRIVERS\emusba10.sys [213272 2007-11-26] (E-MU Systems)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176584 2017-02-04] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [110536 2017-02-07] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-02-07] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251848 2017-02-07] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-02-07] (Malwarebytes)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
R3 SOWS; C:\WINDOWS\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 StkCMini; C:\WINDOWS\System32\Drivers\StkCMini.sys [1917576 2010-06-07] (Syntek)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 zmuac2audio; C:\WINDOWS\system32\drivers\zmuac2audio.sys [184832 2015-04-22] (ZOOM)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-07 21:36 - 2017-02-07 21:36 - 00000000 ____D C:\Users\Jana\Desktop\FRST-OlderVersion
2017-02-07 20:50 - 2017-02-07 20:51 - 00279664 _____ C:\WINDOWS\Minidump\020717-28343-01.dmp
2017-02-07 19:42 - 2017-02-07 19:42 - 00279664 _____ C:\WINDOWS\Minidump\020717-46984-01.dmp
2017-02-06 22:36 - 2017-02-07 21:29 - 00000000 ___DC C:\EEK
2017-02-06 21:54 - 2017-02-06 22:35 - 286730600 _____ C:\Users\Jana\Desktop\EmsisoftEmergencyKit.exe
2017-02-06 14:18 - 2017-02-06 22:03 - 00000000 ____D C:\Program Files\WhoCrashed
2017-02-06 14:18 - 2017-02-06 14:20 - 00000975 _____ C:\Users\Jana\Desktop\WhoCrashed.lnk
2017-02-06 14:17 - 2017-02-06 14:17 - 04958280 _____ (Resplendence Software Projects Sp. ) C:\Users\Jana\Desktop\whocrashedSetup.exe
2017-02-06 13:37 - 2017-02-06 14:17 - 00254112 ____C C:\TDSSKiller.3.1.0.12_06.02.2017_13.37.10_log.txt
2017-02-06 13:35 - 2017-02-06 13:35 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Jana\Desktop\tdsskiller.exe
2017-02-05 22:59 - 2017-02-05 22:59 - 00128316 _____ C:\Users\Jana\Documents\scannow ergebnis.pdf
2017-02-05 21:46 - 2017-02-05 21:52 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4215103822-3391258602-2653336318-1009
2017-02-05 21:44 - 2017-02-05 21:44 - 00000000 ____D C:\Users\admini\AppData\Local\Sony Corporation
2017-02-05 21:41 - 2017-02-05 21:41 - 00000000 ____D C:\Users\admini\AppData\Roaming\Atheros
2017-02-05 21:39 - 2017-02-07 19:44 - 00000000 ____D C:\Users\admini
2017-02-05 21:39 - 2017-02-05 21:48 - 00000000 ____D C:\Users\admini\AppData\Local\Packages
2017-02-05 21:39 - 2017-02-05 21:47 - 00000000 ____D C:\Users\admini\AppData\Roaming\Sony Corporation
2017-02-05 21:39 - 2017-02-05 21:39 - 00001414 _____ C:\Users\admini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-02-05 21:39 - 2017-02-05 21:39 - 00000020 ___SH C:\Users\admini\ntuser.ini
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Vorlagen
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Startmenü
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Netzwerkumgebung
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Lokale Einstellungen
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Eigene Dateien
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Druckumgebung
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Documents\Eigene Videos
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Documents\Eigene Musik
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Documents\Eigene Bilder
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\AppData\Local\Verlauf
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\AppData\Local\Anwendungsdaten
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Anwendungsdaten
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 ____D C:\Users\admini\AppData\Roaming\Adobe
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 ____D C:\Users\admini\AppData\Local\VirtualStore
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 ____D C:\Users\admini\AppData\Local\Google
2017-02-05 21:39 - 2016-10-07 15:46 - 00002266 _____ C:\Users\admini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-02-05 21:39 - 2015-03-27 18:20 - 00000000 ____D C:\Users\admini\AppData\Roaming\Macromedia
2017-02-05 21:39 - 2014-07-19 07:17 - 00000000 ____D C:\Users\admini\AppData\Roaming\ATI
2017-02-05 21:39 - 2014-07-19 07:17 - 00000000 ____D C:\Users\admini\AppData\Local\ATI
2017-02-05 21:39 - 2014-07-18 20:41 - 00000000 ____D C:\Users\admini\AppData\Local\Microsoft Help
2017-02-05 21:20 - 2017-02-05 21:20 - 00279608 _____ C:\WINDOWS\Minidump\020517-27046-01.dmp
2017-02-05 20:56 - 2017-02-05 20:56 - 00178711 _____ C:\Users\Jana\Documents\Ergebnisse Scan.pdf
2017-02-05 20:35 - 2017-02-05 20:35 - 00001418 _____ C:\Users\TEMP.JATA.002\Documents\Schlüssel.reg
2017-02-05 20:02 - 2017-02-05 20:02 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Local\Sony Corporation
2017-02-05 19:57 - 2017-02-05 20:06 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Roaming\Sony Corporation
2017-02-05 19:57 - 2017-02-05 19:57 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Roaming\Atheros
2017-02-05 19:57 - 2017-02-05 19:57 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Local\Google
2017-02-05 19:56 - 2017-02-05 19:57 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Local\Packages
2017-02-05 19:56 - 2017-02-05 19:57 - 00000000 ____D C:\Users\TEMP.JATA.002
2017-02-05 19:56 - 2017-02-05 19:56 - 00001414 _____ C:\Users\TEMP.JATA.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-02-05 19:56 - 2017-02-05 19:56 - 00000020 ___SH C:\Users\TEMP.JATA.002\ntuser.ini
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Vorlagen
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Startmenü
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Netzwerkumgebung
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Lokale Einstellungen
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Eigene Dateien
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Druckumgebung
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Documents\Eigene Videos
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Documents\Eigene Musik
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Documents\Eigene Bilder
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\AppData\Local\Verlauf
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\AppData\Local\Anwendungsdaten
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Anwendungsdaten
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Roaming\Adobe
2017-02-05 19:56 - 2016-10-07 15:46 - 00002266 _____ C:\Users\TEMP.JATA.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-02-05 19:56 - 2015-03-27 18:20 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Roaming\Macromedia
2017-02-05 19:56 - 2014-07-19 07:17 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Roaming\ATI
2017-02-05 19:56 - 2014-07-19 07:17 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Local\ATI
2017-02-05 19:56 - 2014-07-18 20:41 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Local\Microsoft Help
2017-02-05 10:54 - 2017-02-05 10:55 - 00279608 _____ C:\WINDOWS\Minidump\020517-39031-01.dmp
2017-02-05 10:49 - 2017-02-05 10:49 - 00000000 ____D C:\Users\Jana\Documents\Benutzerdefinierte Office-Vorlagen
2017-02-05 10:16 - 2017-02-05 10:17 - 00279608 _____ C:\WINDOWS\Minidump\020517-178000-01.dmp
2017-02-05 10:13 - 2017-02-05 10:13 - 00000000 __SHD C:\found.001
2017-02-04 22:19 - 2017-02-04 22:20 - 00279608 _____ C:\WINDOWS\Minidump\020417-25218-01.dmp
2017-02-04 21:51 - 2017-02-04 21:51 - 00279608 _____ C:\WINDOWS\Minidump\020417-28828-01.dmp
2017-02-04 21:10 - 2017-02-04 21:11 - 04015056 _____ C:\Users\Jana\Desktop\AdwCleaner_6.043.exe
2017-02-04 21:04 - 2017-02-07 20:55 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-04 21:04 - 2017-02-07 20:53 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-04 21:04 - 2017-02-07 20:53 - 00110536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-04 21:04 - 2017-02-07 20:53 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-04 21:04 - 2017-02-04 21:04 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-04 21:03 - 2017-02-04 21:03 - 00001843 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-04 21:03 - 2017-02-04 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-04 21:03 - 2017-02-04 21:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-04 21:03 - 2017-02-04 21:03 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-04 21:03 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-04 21:01 - 2017-02-04 21:02 - 55566792 _____ (Malwarebytes ) C:\Users\Jana\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-02-03 11:49 - 2017-02-03 11:52 - 00052368 _____ C:\Users\Jana\Desktop\Addition.txt
2017-02-03 11:47 - 2017-02-07 21:36 - 00031844 _____ C:\Users\Jana\Desktop\FRST.txt
2017-02-03 11:47 - 2017-02-07 21:36 - 00000000 ___DC C:\FRST
2017-02-02 20:58 - 2017-02-07 21:36 - 02421248 ____C (Farbar) C:\Users\Jana\Desktop\FRST64.exe
2017-02-02 13:40 - 2017-02-02 13:41 - 00279608 _____ C:\WINDOWS\Minidump\020217-31390-01.dmp
2017-02-01 22:04 - 2017-02-06 14:27 - 00000000 ___DC C:\AdwCleaner
2017-01-17 14:51 - 2017-01-17 14:51 - 01427282 _____ C:\WINDOWS\ProcessedPackets.KTL
2017-01-17 14:51 - 2017-01-17 14:51 - 00577639 _____ C:\WINDOWS\Packet.KTL
2017-01-17 14:51 - 2017-01-17 14:51 - 00288106 _____ C:\WINDOWS\SentOSPackets.KTL
2017-01-17 14:51 - 2017-01-17 14:51 - 00288088 _____ C:\WINDOWS\Control.KTL
2017-01-17 14:51 - 2017-01-17 14:51 - 00003480 _____ C:\WINDOWS\NGIControl.KTL

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-07 21:37 - 2014-01-21 19:21 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-07 21:31 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-07 21:26 - 2013-12-17 18:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-02-07 21:03 - 2013-11-29 21:25 - 00000000 ____D C:\Users\Jana\AppData\Local\Packages
2017-02-07 20:53 - 2016-07-18 18:31 - 00002894 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-02-07 20:53 - 2014-07-18 20:29 - 00000000 ____D C:\Users\Tato
2017-02-07 20:53 - 2014-01-20 21:01 - 00000284 _____ C:\WINDOWS\Tasks\AutoKMS.job
2017-02-07 20:51 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-07 20:50 - 2014-09-14 18:38 - 00000000 ____D C:\WINDOWS\Minidump
2017-02-07 20:50 - 2014-06-02 20:42 - 637170097 _____ C:\WINDOWS\MEMORY.DMP
2017-02-07 20:31 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-07 19:44 - 2014-07-18 20:29 - 00000000 ____D C:\Users\Jana
2017-02-07 18:36 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2017-02-07 12:27 - 2016-12-05 22:07 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\Mozilla
2017-02-07 12:20 - 2013-11-29 21:34 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4215103822-3391258602-2653336318-1001
2017-02-06 22:38 - 2016-12-26 11:51 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 22:38 - 2016-12-26 11:51 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-05 21:55 - 2013-12-27 09:30 - 00000000 ____D C:\Users\Jana\Documents\Outlook-Dateien
2017-02-05 20:57 - 2015-11-09 10:29 - 00422400 ___SH C:\Users\Jana\Documents\Thumbs.db
2017-02-05 20:53 - 2013-11-30 18:39 - 00216576 ___SH C:\Users\Jana\Desktop\Thumbs.db
2017-02-05 20:40 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2017-02-05 11:37 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-04 21:53 - 2014-07-18 20:29 - 00000000 ____D C:\Users\green_000
2017-02-03 16:25 - 2016-03-21 17:03 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Tokyo Dawn Labs
2017-02-03 11:44 - 2016-07-25 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-02-03 11:43 - 2014-07-19 07:16 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-01 22:27 - 2016-12-16 19:46 - 00003162 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-01 22:27 - 2016-10-07 15:46 - 00003170 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4215103822-3391258602-2653336318-1001
2017-02-01 22:27 - 2016-10-07 15:46 - 00002353 _____ C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-02-01 22:07 - 2014-08-23 21:01 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Yahoo!
2017-01-29 19:46 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Skype
2017-01-29 18:50 - 2014-01-20 22:02 - 00000000 ____D C:\ProgramData\Skype
2017-01-29 18:49 - 2014-10-07 11:58 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-01-24 15:40 - 2013-06-23 04:31 - 00000000 ____D C:\ProgramData\Sony Corporation
2017-01-17 18:00 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-17 16:19 - 2014-01-19 21:47 - 00000000 ___RD C:\Users\Jana\Dropbox
2017-01-17 15:22 - 2014-01-19 21:43 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Dropbox
2017-01-15 10:54 - 2014-03-18 11:03 - 00005430 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-15 10:54 - 2014-03-18 10:25 - 01411730 _____ C:\WINDOWS\system32\perfh007.dat
2017-01-15 10:54 - 2014-03-18 10:25 - 00352054 _____ C:\WINDOWS\system32\perfc007.dat
2017-01-14 21:11 - 2014-09-14 13:48 - 00000000 ____D C:\Users\Jana\AppData\Local\Adobe
2017-01-14 21:11 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-14 21:10 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-02-13 19:23 - 2015-12-18 18:49 - 0011264 _____ () C:\Users\Jana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-19 10:44 - 2015-09-27 12:14 - 0002254 _____ () C:\ProgramData\hpzinstall.log
2015-08-01 09:00 - 2015-08-01 09:00 - 0000016 _____ () C:\ProgramData\mntemp
2015-07-25 12:59 - 2015-07-25 12:59 - 0005005 _____ () C:\ProgramData\wmzddnmb.cix

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Windows\Tasks\{02804227-02CC-46B3-9E45-FC67A782196D}.job
C:\Windows\Tasks\{90588E13-A551-492D-9316-C77702E2E3CF}.job
C:\Windows\Tasks\{970FADF3-6296-4655-A121-80D7F6908591}.job


Einige Dateien in TEMP:
====================
2014-07-19 07:10 - 2014-08-24 11:48 - 0000000 ____D () C:\Users\Jana\AppData\Local\Temp\avgnt.exe
2014-07-20 20:15 - 2014-08-24 12:06 - 0000000 ____D () C:\Users\Tato\AppData\Local\Temp\avgnt.exe
2015-07-21 17:31 - 2015-07-21 17:31 - 0000000 ____D () C:\Users\TEMP.JATA\AppData\Local\Temp\avgnt.exe
2015-10-21 07:12 - 2015-10-21 07:12 - 0000000 ____D () C:\Users\TEMP.JATA.001\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-07 19:56

==================== Ende von FRST.txt ============================

Code:

ATTFilter

ZusÃ¤tzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-02-2017
durchgefÃ¼hrt von JaTa (07-02-2017 21:37:57)
Gestartet von C:\Users\Jana\Desktop
Windows 8.1 (Update) (X64) (2014-07-19 06:06:22)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

admini (S-1-5-21-4215103822-3391258602-2653336318-1009 - Administrator - Enabled) => C:\Users\admini
Administrator (S-1-5-21-4215103822-3391258602-2653336318-500 - Administrator - Disabled)
Gast (S-1-5-21-4215103822-3391258602-2653336318-501 - Limited - Disabled)
green_000 (S-1-5-21-4215103822-3391258602-2653336318-1004 - Limited - Enabled) => C:\Users\green_000
HomeGroupUser$ (S-1-5-21-4215103822-3391258602-2653336318-1007 - Limited - Enabled)
JaTa (S-1-5-21-4215103822-3391258602-2653336318-1001 - Administrator - Enabled) => C:\Users\Jana
Tato (S-1-5-21-4215103822-3391258602-2653336318-1005 - Limited - Enabled) => C:\Users\Tato

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" kÃ¶nnen in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
ACID Music Studio 9.0 (HKLM-x32\...\{7943168F-18A0-11E2-9C81-F04DA23A5C58}) (Version: 9.0.35 - Sony)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
AIO_CDA_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon Kindle (HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Amazon Kindle) (Version:  - Amazon)
AMD Catalyst Install Manager (HKLM\...\{AFF3A479-02DE-E284-9E4D-CC1F0B45174A}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{707e8edf-9482-4417-ae39-c9b5fe605e87}) (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
C3100 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
c3100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2126 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5728.52 - CyberLink Corp.)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Die Simsâ„¢ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.24.102.1020 - Electronic Arts Inc.)
Die Simsâ„¢ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Dropbox) (Version: 8.4.21 - Dropbox, Inc.)
DVD Architect Studio 5.0 (HKLM-x32\...\{4347F591-C451-11E1-BA36-F04DA23A5C58}) (Version: 5.0.161 - Sony)
E-MU USB Audio (HKLM-x32\...\{1C99893D-BC98-4456-AA3E-B67AB42301A6}) (Version: 1.0 - )
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32 - WildTangent) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart All-In-One Driver Software (HKLM\...\{4F6C1178-3FC0-44BB-8F9A-28D8516DFEE2}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{78545512-1F84-4357-8A9A-D94D9C3CE4FA}) (Version: 12.0.26.54 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41505) (Version: 45233 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
MAGIX 3D Maker (embedded MSI) (HKLM-x32\...\{8393592A-B977-489E-8C78-84E19DE9FE21}) (Version: 6.0.0.8 - MAGIX AG)
MAGIX Foto Manager 9 (HKLM-x32\...\MAGIX Foto Manager 9 D) (Version: 7.0.3.118 - MAGIX AG)
MAGIX Foto Premium 9 (HKLM-x32\...\MAGIX_MSI_Fotos_auf_CD_DVD_9_dlx) (Version: 9.0.3.2 - MAGIX AG)
MAGIX Foto Premium 9 (x32 Version: 9.0.3.2 - MAGIX AG) Hidden
MAGIX Online Druck Service (HKLM-x32\...\{859258F8-3F00-4335-BBD5-318F17369012}) (Version: 3.4.3.0 - MAGIX AG)
MAGIX Online Druck Service (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG)
MAGIX Screenshare (HKLM-x32\...\{F31C9A68-7F07-4B96-AC58-F71D5DF3DA89}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed 2 (MSI) (HKLM-x32\...\{7FA32C2E-E218-4A04-966D-DECCB0B9C81E}) (Version: 6.0.1.4 - MAGIX AG)
MAGIX Video deluxe 16 Plus Sonderedition (HKLM-x32\...\MAGIX_MSI_Videodeluxe16_plus) (Version: 9.0.5.10 - MAGIX AG)
MAGIX Video deluxe 16 Plus Sonderedition (x32 Version: 9.0.5.10 - MAGIX AG) Hidden
MAGIX Xtreme Grafik Designer 5 (HKLM-x32\...\MAGIX_MSI_XtremeGrafik5) (Version: 5.1.2.10977 - MAGIX AG)
MAGIX Xtreme Grafik Designer 5 (x32 Version: 5.1.2.10977 - MAGIX AG) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft Office 365 Business - de-de (HKLM\...\O365BusinessRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version:  - )
Movavi Video Editor 10 (HKLM-x32\...\Movavi Video Editor 10) (Version: 10.3.0 - Movavi)
Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.2.1.38915 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.28121 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype for Business Basic 2016 - de-de (HKLM\...\SkypeforBusinessEntryRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Skypeâ„¢ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Sound Forge Audio Studio 10.0 (HKLM-x32\...\{7A9D3D30-BEEC-11E1-91CF-F04DA23A5C58}) (Version: 10.0.178 - Sony)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
UAC-2 Driver (HKLM\...\{970062D6-4CE4-48CE-8C70-0DE3BE204FFB}) (Version: 1.0.0.24 - ZOOM)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
USB2.0 Grabber (HKLM-x32\...\{45518B6D-9DDF-4144-83E4-A56762524F35}) (Version: 7.12.000.003 - Youyan)
USB2.0 Grabber (HKLM-x32\...\USB2.0 Grabber) (Version:  - )
Vacation Questâ„¢ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.1.0.11020 - Sony Corporation)
VAIO Care (HKLM\...\{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}) (Version: 8.1.0.10120 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.1.0.10300 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.3.0.09290 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.0.08140 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.1.0.10240 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.1.0.10220 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.1.10170 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.0.00.10170 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
VAIOÂ*CPU-LÃ¼fterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Hardwarediagnose-Plugin fÃ¼r VAIO Care (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.7.0.11070 - Sony Corporation)
VAIO-Support fÃ¼r Ãœbertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Virtos DeNoiser (HKLM-x32\...\Virtos DeNoiser) (Version: 1.1 - Virtos GmbH)
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Voxengo Redunoise VST 1.6 (HKLM-x32\...\Voxengo Redunoise VST) (Version:  - )
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.2.0 - Sony Corporation) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Waves Central V1.0.3.3 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}) (Version: 1.0.4 - Waves)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WildTangent Games App (x32 Version: 4.0.9.7 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
ZOOM UAC-2 MixEfx (HKLM-x32\...\{09A98EAB-7C64-4A02-8C95-14E65B0EE320}) (Version: 1.00.0023 - ZOOM Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0441A198-BF27-444E-909B-955D8F6E2FD0} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {06D143D2-28B7-4E49-A0BF-28D7CE163FB8} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {0884AEDB-5321-4659-AF88-407F23ACA083} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG
Task: {126C6523-F1D3-42A2-859D-97342B5AE7DE} - System32\Tasks\Sony Corporation\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-11-08] (Sony Corporation)
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> Keine Datei <==== ACHTUNG
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> Keine Datei <==== ACHTUNG
Task: {1786973A-0245-4240-96D6-9E63F9C325A0} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {1DF4D728-24F6-4BAA-9DCE-42C388023223} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {200BF8B9-1810-4AB9-8415-CBBF1D691F0F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation)
Task: {2822C3A7-1993-45ED-BA73-45FEB0FC79FC} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {2B0C2CC9-2E24-455C-9A83-B54CB9A4958E} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {343D7DDD-45B2-4764-B407-57091AB55AA0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-14] (Adobe Systems Incorporated)
Task: {37F3246D-FE9E-4114-A8DB-565F2044622A} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {3C28C15D-4CED-4610-85B7-15D26EE34D97} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {40525C58-79C2-47A1-9AA2-F1D7FC4F0691} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Keine Datei <==== ACHTUNG
Task: {444FDB6F-94A2-46C8-AC11-4FA21B8758A8} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {489E461E-34F0-4EAD-802A-9FE26C9CB300} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: {58FAC5CB-7169-4BE0-9FED-D1D10CBD67E4} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {5DE6E53C-42AE-4C01-9007-373DC91394FB} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-10-22] (Sony Corporation)
Task: {65717F2F-DD6C-4D9C-997A-DC0911C81B5E} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {6C009A66-F337-46AE-9ACA-5880EB854537} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-10-31] (Sony Corporation)
Task: {6E08651D-30E6-4901-985A-6AEA6D1B3DC7} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-10-23] (Sony Corporation)
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> Keine Datei <==== ACHTUNG
Task: {8A7100A6-49E6-4419-AF91-D948828FB041} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation)
Task: {AB52AAF7-88B7-4253-B4C7-5DE32F7AC946} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {B042C6E3-2F03-4A26-8B7D-3221801E76E3} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> Keine Datei <==== ACHTUNG
Task: {C1C0C72C-1119-427F-8DD0-96A24ED6BDB3} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> Keine Datei <==== ACHTUNG
Task: {DCC19C28-8BCA-4391-8E83-8371CC31FAE1} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-01-20] ()
Task: {EFF31C88-94C3-4E2D-BAB8-825EFA6BE9A3} - System32\Tasks\{2D0FF644-8F7B-4869-987D-478101A5D0E9} => pcalua.exe -a D:\setup.exe -d D:\

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4215103822-3391258602-2653336318-1001Core1d0c1f1fc9b876d.job => C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d25f659cdcf17c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\{02804227-02CC-46B3-9E45-FC67A782196D}.job => c:\program files (x86)\google\chrome\application\chrome.exe Khxxps:/ui.skype.com/ui/0/7.30.85.105/de/
Task: C:\WINDOWS\Tasks\{90588E13-A551-492D-9316-C77702E2E3CF}.job => c:\program files (x86)\google\chrome\application\chrome.exe Khxxps:/ui.skype.com/ui/0/7.30.85.105/de/
Task: C:\WINDOWS\Tasks\{970FADF3-6296-4655-A121-80D7F6908591}.job => c:\program files (x86)\google\chrome\application\chrome.exe Khxxps:/ui.skype.com/ui/0/7.30.85.105/de/

==================== VerknÃ¼pfungen =============================

(Die EintrÃ¤ge kÃ¶nnen gelistet werden, um sie zurÃ¼ckzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-02-04 21:03 - 2017-01-20 07:47 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-02-04 21:03 - 2017-01-20 07:47 - 02829776 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2017-02-04 21:03 - 2017-01-20 07:47 - 02254800 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2012-12-28 11:07 - 2012-12-28 11:07 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-28 11:04 - 2012-12-28 11:04 - 00084480 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2012-12-28 11:09 - 2012-12-28 11:09 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2012-08-06 12:27 - 2012-08-06 12:27 - 00156672 _____ () C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2012-08-06 12:27 - 2012-08-06 12:27 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2013-06-23 05:05 - 2013-07-17 14:10 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00020480 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00064512 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2013-06-23 04:24 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== VerknÃ¼pfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurÃ¼ckgesetzt oder entfernt.)


==================== Internet Explorer VertrauenswÃ¼rdig/EingeschrÃ¤nkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benÃ¶tigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurÃ¼ckzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)

HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jana\Pictures\Intis Geburtstag\IMG_7769.JPG
HKU\S-1-5-21-4215103822-3391258602-2653336318-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205317427\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 11 img1 Wallpaper 1600x900.jpg
HKU\S-1-5-21-4215103822-3391258602-2653336318-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205318677\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 11 img1 Wallpaper 1600x900.jpg
HKU\S-1-5-21-4215103822-3391258602-2653336318-1009-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017205319786\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte EintrÃ¤ge ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "TrayServer"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\StartupApproved\Run: => "E-MU USB Audio Control Panel"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\StartupApproved\Run: => "Steam"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [TCP Query User{89E16038-0E1B-4720-A145-69899403B22F}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4AB09C03-D2C6-41E2-9561-739B1564DEE9}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{1196EC90-B732-440C-9395-F2BCD56DD81F}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{383FA5B4-A109-4BF3-9353-EF6922AD0B6B}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{AC533243-26E3-4D7C-86A1-6CDC12BE2227}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{C6ED7570-65A8-41CC-97CE-0A6B76C582B1}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{74FD456C-B49A-491B-8204-433CD94AC699}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{162D4AF2-047F-4835-B02E-DC453C8ABC30}] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{B8198F1B-FA6C-4017-97C9-29F87F53CB25}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FE04546E-51F6-4571-B350-F0A3CEB17E9B}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B29E4062-5C46-42F4-AD9E-DAF2725B9913}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{67FB49BB-59B8-4B28-BF8A-5FB803B74C1A}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FBA9E6D6-7CA9-4507-A122-2A08E5AC9A0D}] => C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{21930AEA-C5C6-4AFC-BD14-6E28DB2E79EA}] => C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{3E66733B-5B29-41C9-8560-79134CB55CDC}] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{2F2B5728-F4DF-49D9-89A5-4DAF65779110}] => c:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{73128E8F-23BF-4F69-B115-D3A836B897DF}] => C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{DA195DDB-3D6F-4A02-AB85-E127ABF86F57}] => C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{07DCFD73-92A3-46D2-B905-022F1BB7AC7F}] => C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{57E971E2-487A-42EF-A2AC-C3A6501F6574}] => C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{3CDA9EFE-F922-40F5-9BD8-05C2E275367C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{69622DC2-F0B4-44CE-80B4-C8E8D1844444}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{10FFC655-573F-4256-AA07-AF26DBD21CA9}C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{60450E92-1CA6-4295-9100-B8968A8154CF}C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{D95A5C9C-095B-43FD-95E8-C8C7FF5AB846}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E86EB6EB-DA55-4C19-87B5-6B90C36FD2F9}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{8D7B63DF-51D5-415A-81FF-2E2011D3F83E}C:\program files (x86)\flixster\flixster.exe] => C:\program files (x86)\flixster\flixster.exe
FirewallRules: [UDP Query User{B2B234EB-B811-4CAD-A723-764D5783D4F3}C:\program files (x86)\flixster\flixster.exe] => C:\program files (x86)\flixster\flixster.exe
FirewallRules: [{3AAE7DE8-C170-42EC-868E-1E991A05D4E2}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E50D37A7-9C84-465A-B55A-46D5EAE6D873}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{67118243-63EF-48FF-8856-827632F3C968}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BE9C70DB-B8FE-43E7-A890-5416ECCC7554}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{19034193-107C-424A-9B3D-AFB795294AFC}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{61731D51-F5DD-4E45-B74F-6BD5700EB15B}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{AD54ED6D-DFFA-433F-8E41-9B2B19B69814}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{309919E3-75DB-4EFF-9081-32218147C239}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{1203042D-1D1D-4E41-A600-F28FA635FA35}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{3D5A86FB-2B74-4567-9D9B-F9E30D0BAC6D}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{4461EEB8-D1CE-4431-A1A6-32E6620FE7B8}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{87518E9B-5F7F-4B34-9931-CBB089941CF7}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{08E11EAA-6FD9-4D7B-B8B3-5D585788E5FB}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{8CF7CFD4-0512-49D7-A294-170C24F29209}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{AF4717AF-BA41-46F8-8CB4-B9A116E2E7AB}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{1D27E99D-493B-42E8-B2A1-400376C4F2DA}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{DAF94C55-1173-4E40-8E19-FF126433C8B5}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{F5BF510D-56E2-4C14-8F60-33163FF2DCF5}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{A885C6D4-AA4C-4EBF-82AE-439565A3E603}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{33BB18CF-D933-420E-83D3-249CA86637A7}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{0A66A4BB-0D98-4ECF-8EBF-E5BF5CE20029}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{FCADFC1C-F6AE-42B2-BE2E-AF5935ED917E}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{D117F5FA-D534-48BD-B2D2-57657837ACAC}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B456F675-6CFB-4AF3-AB42-5EB0DE550F91}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{AD9E5880-CE0B-4ABA-998C-11975391C580}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{6AD6CD99-1F8A-4B6C-B541-2E5AF20CC9DC}] => C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{76531EE9-2A06-41BA-827B-C7A2237101A1}] => C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{B08185B9-D14D-44DC-B4BB-FEF3DDF1A9BF}] => C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [TCP Query User{D96BD0D8-08EB-4E2F-9C32-3D9D22187360}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{5CBBBF1A-8D00-4FEC-8F44-0AA2384BC8B9}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{112BE12A-BF6E-4E3A-9C0A-86DC067005AA}C:\program files (x86)\steam\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe] => C:\program files (x86)\steam\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe
FirewallRules: [UDP Query User{DE8FF27A-22D8-4A6B-8800-43C2AB6253DB}C:\program files (x86)\steam\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe] => C:\program files (x86)\steam\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe
FirewallRules: [{68E86D7D-5480-4A88-8036-1976719BF461}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7B81CD43-5823-40C4-8173-2D608812698E}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B48A5050-2A34-420F-9C81-D4DB20CF62EB}C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{5F518E5C-5343-4010-ACBE-51675195C928}C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{2875F82C-4F18-4C01-9AFF-7537AFF4723C}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{637402AF-E034-44DD-A98B-ECE55159B859}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5B970477-5EE0-4A6C-B7A4-0805E65928F7}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{97F59A24-5DB1-4F5B-8AB2-054D9F0A29B5}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{13B3EB68-58D4-4DFF-A97D-BF0E9D344A72}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{DF82F157-7E3E-449F-8093-986C89E30D5C}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{CBFCC100-9F13-4571-823F-5B9FE0EFC398}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{685D285E-49F4-4724-A5F6-AA39414FD616}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{50B39B42-38A2-4937-A0EB-84B10603A5AC}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{75A85310-1001-4158-8D0F-EA3DAC63F6DA}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

07-02-2017 20:02:33 Geplanter PrÃ¼fpunkt

==================== Fehlerhafte GerÃ¤te im GerÃ¤temanager =============


==================== FehlereintrÃ¤ge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/07/2017 08:25:46 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes fÃ¼r "C:\Program Files (x86)\Waves\Applications\Waves Central\Waves Central.exe". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Waves\Applications\Waves Central\WavesQtLibs_5.1.1_Win32_Release\WavesQtLibs_5.1.1_Win32_Release.MANIFEST" in Zeile  8.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente Ã¼berein.
Verweis: WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" fÃ¼r eine detaillierte Diagnose.

Error: (02/07/2017 08:25:30 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes fÃ¼r "C:\Program Files (x86)\Waves\Applications\Waves Central\Waves Central.exe". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Waves\Applications\Waves Central\WavesQtLibs_5.1.1_Win32_Release\WavesQtLibs_5.1.1_Win32_Release.MANIFEST" in Zeile  8.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente Ã¼berein.
Verweis: WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" fÃ¼r eine detaillierte Diagnose.

Error: (02/07/2017 08:25:13 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes fÃ¼r "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente Ã¼berein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" fÃ¼r eine detaillierte Diagnose.

Error: (02/07/2017 08:24:03 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: JATA)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporÃ¤ren Benutzerprofil angemeldet. Ã„nderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.

Error: (02/07/2017 08:24:03 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: JATA)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nÃ¤chsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.

Error: (02/07/2017 08:24:03 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: JATA)
Description: Das lokal gespeicherte Profil kann nicht geladen werden. MÃ¶gliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschÃ¤digtes lokales Profil. 

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (02/07/2017 08:24:03 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÃ„T)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. 

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
 for C:\Users\Jana\ntuser.dat

Error: (02/05/2017 11:00:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14110

Error: (02/05/2017 11:00:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14110

Error: (02/05/2017 11:00:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Systemfehler:
=============
Error: (02/07/2017 08:56:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.

Error: (02/07/2017 08:52:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (02/07/2017 08:52:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (02/07/2017 08:51:02 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Der Computer wurde nach einem schwerwiegenden Fehler neu gestartet. Der Fehlercode war: 0x0000007a (0x0000000000000004, 0x0000000000000000, 0xffffe001cfbab9e0, 0x00000067c2ce56fa). Ein volles Abbild wurde gespeichert in: C:\WINDOWS\MEMORY.DMP. Berichts-ID: 020717-28343-01.

Error: (02/07/2017 08:50:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am â€Ž07.â€Ž02.â€Ž2017 um 20:22:35 unerwartet heruntergefahren.

Error: (02/07/2017 08:45:56 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei GerÃ¤t \Device\Harddisk0\DR0.

Error: (02/07/2017 08:33:58 PM) (Source: DCOM) (EventID: 10010) (User: JATA)
Description: Der Server "{1B1F472E-3221-4826-97DB-2C2324D389AE}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/07/2017 08:33:28 PM) (Source: DCOM) (EventID: 10010) (User: JATA)
Description: Der Server "{BF6C1E47-86EC-4194-9CE5-13C15DCB2001}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/07/2017 08:22:38 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei GerÃ¤t \Device\Harddisk0\DR0.

Error: (02/07/2017 08:22:35 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei GerÃ¤t \Device\Harddisk0\DR0.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 6091.28 MB
Verfügbarer physikalischer RAM: 4158.77 MB
Summe virtueller Speicher: 12235.28 MB
Verfügbarer virtueller Speicher: 9604.67 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:662.69 GB) (Free:274.66 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 8D41EBCD)

Partition: GPT.

==================== Ende von Addition.txt ============================

burningice · 08.02.2017, 16:39

Schritt: 1
Bitte dieser Anleitung folgen: https://support.google.com/chrome/answer/3296214?hl=de

Schritt: 2
Downloade Dir HitmanPro

auf Deinen Desktop:

HitmanPro-32 Bit Version
HitmanPro-64 Bit Version

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt: 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

JaTa · 08.02.2017, 22:26

Code:

ATTFilter

HitmanPro 3.7.15.281
www.hitmanpro.com

   Computer name . . . . : JATA
   Windows . . . . . . . : 6.3.0.9600.X64/8
   User name . . . . . . : JATA\JaTa
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-02-08 21:49:42
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 27m 25s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 1
   Traces  . . . . . . . : 7

   Objects scanned . . . : 3.005.639
   Files scanned . . . . : 179.871
   Remnants scanned  . . : 1.192.915 files / 1.632.853 keys

Malware _____________________________________________________________________

   C:\Users\Jana\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\7e3636e2443dba065f15c6a6bfc1b78a\doubleTwistSetupFull_4.0.3.exe
      Size . . . . . . . : 22.090.088 bytes
      Age  . . . . . . . : 654.3 days (2015-04-26 15:09:39)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 50B60AB762F645389F679E042BA2171083C4EE89802D230F78B9F38605906ABE
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:AdWare.Win32.OpenCandy.c
      Fuzzy  . . . . . . : 103.0


Suspicious files ____________________________________________________________

   C:\Users\Jana\AppData\Local\Microsoft\Windows\INetCache\IE\Q911QQI1\FRST64[1].exe
      Size . . . . . . . : 2.421.248 bytes
      Age  . . . . . . . : 1.0 days (2017-02-07 21:35:54)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4C0854F5782342DBD6B6E6B2023972E75CFEBC235AA40C2B01AB487543CA1BE2
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -4.2s C:\Users\Jana\AppData\Local\Microsoft\Windows\INetCache\IE\ZLPZAPWL\82[1].htm
         -2.5s C:\Users\Jana\AppData\Local\Microsoft\Windows\INetCookies\MJL65SVB.txt
         -2.5s C:\Users\Jana\AppData\Local\Microsoft\Windows\INetCache\IE\ZLPZAPWL\82[2].htm
         -1.0s C:\Users\Jana\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -1.0s C:\Users\Jana\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -0.5s C:\Users\Jana\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.5s C:\Users\Jana\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.4s C:\Users\Jana\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E
         -0.4s C:\Users\Jana\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E
          0.0s C:\Users\Jana\Desktop\FRST64.exe
          0.0s C:\Users\Jana\AppData\Local\Microsoft\Windows\INetCache\IE\Q911QQI1\FRST64[1].exe
          3.7s C:\WINDOWS\Prefetch\FRST64.EXE-BE77C8AD.pf

   C:\Users\Jana\Desktop\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.420.736 bytes
      Age  . . . . . . . : 6.0 days (2017-02-02 20:58:17)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 566708D6E5A537F1C4EC62431527D89046779755355E43945323E021DD13A742
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Jana\Desktop\FRST64.exe
      Size . . . . . . . : 2.421.248 bytes
      Age  . . . . . . . : 1.0 days (2017-02-07 21:35:54)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4C0854F5782342DBD6B6E6B2023972E75CFEBC235AA40C2B01AB487543CA1BE2
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -4.2s C:\Users\Jana\AppData\Local\Microsoft\Windows\INetCache\IE\ZLPZAPWL\82[1].htm
         -2.5s C:\Users\Jana\AppData\Local\Microsoft\Windows\INetCookies\MJL65SVB.txt
         -2.5s C:\Users\Jana\AppData\Local\Microsoft\Windows\INetCache\IE\ZLPZAPWL\82[2].htm
         -1.0s C:\Users\Jana\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -1.0s C:\Users\Jana\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -0.5s C:\Users\Jana\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.5s C:\Users\Jana\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.4s C:\Users\Jana\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E
         -0.4s C:\Users\Jana\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E
          0.0s C:\Users\Jana\Desktop\FRST64.exe
          0.0s C:\Users\Jana\AppData\Local\Microsoft\Windows\INetCache\IE\Q911QQI1\FRST64[1].exe
          3.7s C:\WINDOWS\Prefetch\FRST64.EXE-BE77C8AD.pf


Potential Unwanted Programs _________________________________________________

   HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files (x86)\Mobogenie\ (Rocketfuel)
   HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QSqlDriverFactoryInterface:\C:\Program Files (x86)\Mobogenie\ (Rocketfuel)
   HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.8.false\C:\Program Files (x86)\Mobogenie\ (Rocketfuel)

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2017
durchgeführt von JaTa (Administrator) auf JATA (08-02-2017 22:20:29)
Gestartet von C:\Users\Jana\Desktop
Geladene Profile: JaTa &  (Verfügbare Profile: JaTa & green_000 & Tato & admini)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\WINDOWS\System32\atiesrxx.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(E-MU Systems) C:\WINDOWS\System32\emaudsv.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ZOOM) C:\Program Files\ZOOM\UAC-2 Driver\zmuac2service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(© 2015 Microsoft Corporation) C:\Users\Jana\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ZOOM) C:\Program Files (x86)\ZOOM\UAC-2 MixEfx\UAC-2 MixEfx Startup.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-07-17] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_16_Plus_Sonderedition\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [doubleTwist] => C:\Program Files (x86)\doubleTwist\doubleTwist.Light.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [UAC-2 MixEfx Startup] => C:\Program Files (x86)\ZOOM\UAC-2 MixEfx\UAC-2 MixEfx Startup.exe [14848 2015-04-23] (ZOOM)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] (Atheros Communications)
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Run: [E-MU USB Audio Control Panel] => C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe [274432 2007-11-26] (E-MU Systems)
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Run: [OfficeSyncProcess] => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3502576 2016-10-29] (Electronic Arts)
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Run: [Dropbox Update] => C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Run: [BingSvc] => C:\Users\Jana\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\MountPoints2: {781dfa70-5929-11e3-be74-b8763ff8f1f2} - "I:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\MountPoints2: {b0ff46d6-7bd5-11e5-bec1-5453ed3b7812} - "F:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-4215103822-3391258602-2653336318-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210831552\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-4215103822-3391258602-2653336318-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210833240\...\MountPoints2: {781dfa70-5929-11e3-be74-b8763ff8f1f2} - "I:\WD SmartWare.exe" autoplay=true
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-07-19]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-24]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5FBCFB0E-94B8-4F44-AAEB-CCC7A39FE717}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{95F07F3B-B0C3-4532-9325-7BB1ADA92F1C}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.de
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-4215103822-3391258602-2653336318-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210831552\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com
HKU\S-1-5-21-4215103822-3391258602-2653336318-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210831552\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-4215103822-3391258602-2653336318-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210831552\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-4215103822-3391258602-2653336318-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210833240\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com
HKU\S-1-5-21-4215103822-3391258602-2653336318-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210833240\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-4215103822-3391258602-2653336318-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210833240\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-4215103822-3391258602-2653336318-1009-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210835631\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com
HKU\S-1-5-21-4215103822-3391258602-2653336318-1009-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210835631\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-4215103822-3391258602-2653336318-1009-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210835631\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001 -> DefaultScope {23BBA55F-0E89-493A-9AB4-20428EB24552} URL = 
SearchScopes: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001 -> {FDE9174A-DDB1-426D-BEC3-E72348445B9E} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-4215103822-3391258602-2653336318-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210831552 -> {4F0BDCD2-DE55-4F76-AF6F-67FFF8D04A51} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-4215103822-3391258602-2653336318-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210833240 -> {8AECA907-E97B-4168-A50C-73B2B8B2DBBF} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-4215103822-3391258602-2653336318-1009-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210835631 -> {93DC171F-A7B7-44DC-8698-F4309431CD20} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-01] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-12-28] (Qualcomm Atheros Commnucations)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-01] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-01] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-01] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default [2017-02-08]
FF NewTab: Mozilla\Firefox\Profiles\5c9b13n1.default -> www.google.de
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\5c9b13n1.default -> Bing 
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\5c9b13n1.default -> Bing 
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\5c9b13n1.default -> Bing 
FF Homepage: Mozilla\Firefox\Profiles\5c9b13n1.default -> www.google.com
FF Keyword.URL: Mozilla\Firefox\Profiles\5c9b13n1.default -> hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q=
FF Extension: (GreatDealz) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\Extensions\@greatdealz.xpi [2016-11-18]
FF Extension: (Bing Search) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\Extensions\bingsearch.full@microsoft.com.xpi [2017-01-29]
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-02-01]
FF Extension: (YouTube High Definition) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2017-02-01]
FF Extension: (Adblock Plus) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF SearchPlugin: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\5c9b13n1.default\searchplugins\bing-.xml [2017-01-29]
FF HKU\S-1-5-21-4215103822-3391258602-2653336318-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210833240\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-14] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-06-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-01] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll [2013-06-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-26] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4215103822-3391258602-2653336318-1001: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-07-17] (Intel)
FF Plugin HKU\S-1-5-21-4215103822-3391258602-2653336318-1001: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-07-17] (Intel)

Chrome: 
=======
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default [2017-02-08]
CHR Extension: (Google Präsentationen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-17]
CHR Extension: (Google Docs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-17]
CHR Extension: (Google Drive) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-26]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-26]
CHR Extension: (Adblock Plus) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-12-26]
CHR Extension: (Google-Suche) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-17]
CHR Extension: (Google Tabellen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-17]
CHR Extension: (Avira Browserschutz) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-09-17]
CHR Extension: (Google Docs Offline) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-26]
CHR Extension: (Stuff.tv CBG) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcjccadpaggjijncnedadbobkbimmjpk [2017-01-27]
CHR Extension: (Data generator) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\legklhfpihknmgmlhiadachbaihccpho [2017-01-30]
CHR Extension: (Manage Tabs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\memofnfkklanghgnaleppdgfnmbojdbk [2017-01-30]
CHR Extension: (Perfect.com CBG) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nijlcckaclcecjlibilijgacfdomphgp [2017-02-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-17]
CHR Extension: (Chrome Media Router) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-13] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
R2 emaudsv; C:\WINDOWS\system32\emaudsv.exe [25600 2007-11-26] (E-MU Systems)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24376 2015-06-30] (Hewlett-Packard Company)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-10-17] (Sony Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2142728 2016-10-29] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2209296 2016-10-29] (Electronic Arts)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] () [Datei ist nicht signiert]
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [Datei ist nicht signiert]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros) [Datei ist nicht signiert]
R2 zmuac2service; C:\Program Files\ZOOM\UAC-2 Driver\zmuac2service.exe [127488 2015-04-22] (ZOOM) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdW86.sys [91648 2012-10-22] (Advanced Micro Devices)
S3 audientusbaudio; C:\WINDOWS\System32\drivers\audientusbaudio_x64.sys [269312 2015-09-03] () [Datei ist nicht signiert]
S3 audientusbaudioks; C:\WINDOWS\system32\DRIVERS\audientusbaudioks_x64.sys [50688 2015-09-03] () [Datei ist nicht signiert]
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-12-13] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153904 2016-12-13] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-05-18] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
S3 BTATH_VDP; C:\WINDOWS\system32\drivers\btath_vdp.sys [428008 2012-12-28] (Qualcomm Atheros)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 emusba10; C:\WINDOWS\system32\DRIVERS\emusba10.sys [213272 2007-11-26] (E-MU Systems)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176584 2017-02-04] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [110536 2017-02-08] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-02-08] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251848 2017-02-08] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-02-08] (Malwarebytes)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
R3 SOWS; C:\WINDOWS\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 StkCMini; C:\WINDOWS\System32\Drivers\StkCMini.sys [1917576 2010-06-07] (Syntek)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 zmuac2audio; C:\WINDOWS\system32\drivers\zmuac2audio.sys [184832 2015-04-22] (ZOOM)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-08 21:49 - 2017-02-08 21:49 - 00000000 ____D C:\Program Files\HitmanPro
2017-02-08 21:16 - 2017-02-08 22:17 - 00000000 ____D C:\ProgramData\HitmanPro
2017-02-08 21:16 - 2017-02-08 21:16 - 11581544 _____ (SurfRight B.V.) C:\Users\Jana\Desktop\HitmanPro_x64.exe
2017-02-08 21:05 - 2017-02-08 21:06 - 00279664 _____ C:\WINDOWS\Minidump\020817-174937-01.dmp
2017-02-08 20:50 - 2017-02-08 20:50 - 00279664 _____ C:\WINDOWS\Minidump\020817-38015-01.dmp
2017-02-07 21:36 - 2017-02-07 21:36 - 00000000 ____D C:\Users\Jana\Desktop\FRST-OlderVersion
2017-02-07 20:50 - 2017-02-07 20:51 - 00279664 _____ C:\WINDOWS\Minidump\020717-28343-01.dmp
2017-02-07 19:42 - 2017-02-07 19:42 - 00279664 _____ C:\WINDOWS\Minidump\020717-46984-01.dmp
2017-02-06 22:36 - 2017-02-07 21:29 - 00000000 ___DC C:\EEK
2017-02-06 21:54 - 2017-02-06 22:35 - 286730600 _____ C:\Users\Jana\Desktop\EmsisoftEmergencyKit.exe
2017-02-06 14:18 - 2017-02-06 22:03 - 00000000 ____D C:\Program Files\WhoCrashed
2017-02-06 14:18 - 2017-02-06 14:20 - 00000975 _____ C:\Users\Jana\Desktop\WhoCrashed.lnk
2017-02-06 14:17 - 2017-02-06 14:17 - 04958280 _____ (Resplendence Software Projects Sp. ) C:\Users\Jana\Desktop\whocrashedSetup.exe
2017-02-06 13:37 - 2017-02-06 14:17 - 00254112 ____C C:\TDSSKiller.3.1.0.12_06.02.2017_13.37.10_log.txt
2017-02-06 13:35 - 2017-02-06 13:35 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Jana\Desktop\tdsskiller.exe
2017-02-05 22:59 - 2017-02-05 22:59 - 00128316 _____ C:\Users\Jana\Documents\scannow ergebnis.pdf
2017-02-05 21:46 - 2017-02-05 21:52 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4215103822-3391258602-2653336318-1009
2017-02-05 21:44 - 2017-02-05 21:44 - 00000000 ____D C:\Users\admini\AppData\Local\Sony Corporation
2017-02-05 21:41 - 2017-02-05 21:41 - 00000000 ____D C:\Users\admini\AppData\Roaming\Atheros
2017-02-05 21:39 - 2017-02-07 19:44 - 00000000 ____D C:\Users\admini
2017-02-05 21:39 - 2017-02-05 21:48 - 00000000 ____D C:\Users\admini\AppData\Local\Packages
2017-02-05 21:39 - 2017-02-05 21:47 - 00000000 ____D C:\Users\admini\AppData\Roaming\Sony Corporation
2017-02-05 21:39 - 2017-02-05 21:39 - 00001414 _____ C:\Users\admini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-02-05 21:39 - 2017-02-05 21:39 - 00000020 ___SH C:\Users\admini\ntuser.ini
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Vorlagen
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Startmenü
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Netzwerkumgebung
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Lokale Einstellungen
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Eigene Dateien
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Druckumgebung
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Documents\Eigene Videos
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Documents\Eigene Musik
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Documents\Eigene Bilder
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\AppData\Local\Verlauf
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\AppData\Local\Anwendungsdaten
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 _SHDL C:\Users\admini\Anwendungsdaten
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 ____D C:\Users\admini\AppData\Roaming\Adobe
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 ____D C:\Users\admini\AppData\Local\VirtualStore
2017-02-05 21:39 - 2017-02-05 21:39 - 00000000 ____D C:\Users\admini\AppData\Local\Google
2017-02-05 21:39 - 2016-10-07 15:46 - 00002266 _____ C:\Users\admini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-02-05 21:39 - 2015-03-27 18:20 - 00000000 ____D C:\Users\admini\AppData\Roaming\Macromedia
2017-02-05 21:39 - 2014-07-19 07:17 - 00000000 ____D C:\Users\admini\AppData\Roaming\ATI
2017-02-05 21:39 - 2014-07-19 07:17 - 00000000 ____D C:\Users\admini\AppData\Local\ATI
2017-02-05 21:39 - 2014-07-18 20:41 - 00000000 ____D C:\Users\admini\AppData\Local\Microsoft Help
2017-02-05 21:20 - 2017-02-05 21:20 - 00279608 _____ C:\WINDOWS\Minidump\020517-27046-01.dmp
2017-02-05 20:56 - 2017-02-05 20:56 - 00178711 _____ C:\Users\Jana\Documents\Ergebnisse Scan.pdf
2017-02-05 20:35 - 2017-02-05 20:35 - 00001418 _____ C:\Users\TEMP.JATA.002\Documents\Schlüssel.reg
2017-02-05 20:02 - 2017-02-05 20:02 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Local\Sony Corporation
2017-02-05 19:57 - 2017-02-05 20:06 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Roaming\Sony Corporation
2017-02-05 19:57 - 2017-02-05 19:57 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Roaming\Atheros
2017-02-05 19:57 - 2017-02-05 19:57 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Local\Google
2017-02-05 19:56 - 2017-02-05 19:57 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Local\Packages
2017-02-05 19:56 - 2017-02-05 19:57 - 00000000 ____D C:\Users\TEMP.JATA.002
2017-02-05 19:56 - 2017-02-05 19:56 - 00001414 _____ C:\Users\TEMP.JATA.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-02-05 19:56 - 2017-02-05 19:56 - 00000020 ___SH C:\Users\TEMP.JATA.002\ntuser.ini
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Vorlagen
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Startmenü
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Netzwerkumgebung
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Lokale Einstellungen
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Eigene Dateien
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Druckumgebung
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Documents\Eigene Videos
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Documents\Eigene Musik
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Documents\Eigene Bilder
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\AppData\Local\Verlauf
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\AppData\Local\Anwendungsdaten
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 _SHDL C:\Users\TEMP.JATA.002\Anwendungsdaten
2017-02-05 19:56 - 2017-02-05 19:56 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Roaming\Adobe
2017-02-05 19:56 - 2016-10-07 15:46 - 00002266 _____ C:\Users\TEMP.JATA.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-02-05 19:56 - 2015-03-27 18:20 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Roaming\Macromedia
2017-02-05 19:56 - 2014-07-19 07:17 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Roaming\ATI
2017-02-05 19:56 - 2014-07-19 07:17 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Local\ATI
2017-02-05 19:56 - 2014-07-18 20:41 - 00000000 ____D C:\Users\TEMP.JATA.002\AppData\Local\Microsoft Help
2017-02-05 10:54 - 2017-02-05 10:55 - 00279608 _____ C:\WINDOWS\Minidump\020517-39031-01.dmp
2017-02-05 10:49 - 2017-02-05 10:49 - 00000000 ____D C:\Users\Jana\Documents\Benutzerdefinierte Office-Vorlagen
2017-02-05 10:16 - 2017-02-05 10:17 - 00279608 _____ C:\WINDOWS\Minidump\020517-178000-01.dmp
2017-02-05 10:13 - 2017-02-05 10:13 - 00000000 __SHD C:\found.001
2017-02-04 22:19 - 2017-02-04 22:20 - 00279608 _____ C:\WINDOWS\Minidump\020417-25218-01.dmp
2017-02-04 21:51 - 2017-02-04 21:51 - 00279608 _____ C:\WINDOWS\Minidump\020417-28828-01.dmp
2017-02-04 21:10 - 2017-02-04 21:11 - 04015056 _____ C:\Users\Jana\Desktop\AdwCleaner_6.043.exe
2017-02-04 21:04 - 2017-02-08 21:12 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-04 21:04 - 2017-02-08 21:08 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-04 21:04 - 2017-02-08 21:08 - 00110536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-04 21:04 - 2017-02-08 21:08 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-04 21:04 - 2017-02-04 21:04 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-04 21:03 - 2017-02-04 21:03 - 00001843 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-04 21:03 - 2017-02-04 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-04 21:03 - 2017-02-04 21:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-04 21:03 - 2017-02-04 21:03 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-04 21:03 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-04 21:01 - 2017-02-04 21:02 - 55566792 _____ (Malwarebytes ) C:\Users\Jana\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-02-03 11:49 - 2017-02-07 21:39 - 00054516 _____ C:\Users\Jana\Desktop\Addition.txt
2017-02-03 11:47 - 2017-02-08 22:21 - 00031766 _____ C:\Users\Jana\Desktop\FRST.txt
2017-02-03 11:47 - 2017-02-08 22:20 - 00000000 ___DC C:\FRST
2017-02-02 20:58 - 2017-02-07 21:36 - 02421248 ____C (Farbar) C:\Users\Jana\Desktop\FRST64.exe
2017-02-02 13:40 - 2017-02-02 13:41 - 00279608 _____ C:\WINDOWS\Minidump\020217-31390-01.dmp
2017-02-01 22:04 - 2017-02-06 14:27 - 00000000 ___DC C:\AdwCleaner
2017-01-17 14:51 - 2017-01-17 14:51 - 01427282 _____ C:\WINDOWS\ProcessedPackets.KTL
2017-01-17 14:51 - 2017-01-17 14:51 - 00577639 _____ C:\WINDOWS\Packet.KTL
2017-01-17 14:51 - 2017-01-17 14:51 - 00288106 _____ C:\WINDOWS\SentOSPackets.KTL
2017-01-17 14:51 - 2017-01-17 14:51 - 00288088 _____ C:\WINDOWS\Control.KTL
2017-01-17 14:51 - 2017-01-17 14:51 - 00003480 _____ C:\WINDOWS\NGIControl.KTL

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-08 21:37 - 2014-01-21 19:21 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-08 21:08 - 2016-07-18 18:31 - 00002894 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-02-08 21:08 - 2014-01-20 21:01 - 00000284 _____ C:\WINDOWS\Tasks\AutoKMS.job
2017-02-08 21:05 - 2014-09-14 18:38 - 00000000 ____D C:\WINDOWS\Minidump
2017-02-08 21:05 - 2014-06-02 20:42 - 585269681 _____ C:\WINDOWS\MEMORY.DMP
2017-02-08 21:05 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-08 21:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-08 20:52 - 2014-07-18 20:29 - 00000000 ____D C:\Users\Jana
2017-02-08 19:04 - 2016-03-21 17:03 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Tokyo Dawn Labs
2017-02-08 12:33 - 2016-12-05 22:07 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\Mozilla
2017-02-07 21:26 - 2013-12-17 18:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-02-07 21:03 - 2013-11-29 21:25 - 00000000 ____D C:\Users\Jana\AppData\Local\Packages
2017-02-07 20:53 - 2014-07-18 20:29 - 00000000 ____D C:\Users\Tato
2017-02-07 20:31 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-07 18:36 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2017-02-07 12:20 - 2013-11-29 21:34 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4215103822-3391258602-2653336318-1001
2017-02-06 22:38 - 2016-12-26 11:51 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 22:38 - 2016-12-26 11:51 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-05 21:55 - 2013-12-27 09:30 - 00000000 ____D C:\Users\Jana\Documents\Outlook-Dateien
2017-02-05 20:57 - 2015-11-09 10:29 - 00422400 ___SH C:\Users\Jana\Documents\Thumbs.db
2017-02-05 20:53 - 2013-11-30 18:39 - 00216576 ___SH C:\Users\Jana\Desktop\Thumbs.db
2017-02-05 20:40 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2017-02-05 11:37 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-04 21:53 - 2014-07-18 20:29 - 00000000 ____D C:\Users\green_000
2017-02-03 11:44 - 2016-07-25 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-02-03 11:43 - 2014-07-19 07:16 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-01 22:27 - 2016-12-16 19:46 - 00003162 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-01 22:27 - 2016-10-07 15:46 - 00003170 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4215103822-3391258602-2653336318-1001
2017-02-01 22:27 - 2016-10-07 15:46 - 00002353 _____ C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-02-01 22:07 - 2014-08-23 21:01 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Yahoo!
2017-01-29 19:46 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Skype
2017-01-29 18:50 - 2014-01-20 22:02 - 00000000 ____D C:\ProgramData\Skype
2017-01-29 18:49 - 2014-10-07 11:58 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-01-24 15:40 - 2013-06-23 04:31 - 00000000 ____D C:\ProgramData\Sony Corporation
2017-01-17 18:00 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-17 16:19 - 2014-01-19 21:47 - 00000000 ___RD C:\Users\Jana\Dropbox
2017-01-17 15:22 - 2014-01-19 21:43 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Dropbox
2017-01-15 10:54 - 2014-03-18 11:03 - 00005430 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-15 10:54 - 2014-03-18 10:25 - 01411730 _____ C:\WINDOWS\system32\perfh007.dat
2017-01-15 10:54 - 2014-03-18 10:25 - 00352054 _____ C:\WINDOWS\system32\perfc007.dat
2017-01-14 21:11 - 2014-09-14 13:48 - 00000000 ____D C:\Users\Jana\AppData\Local\Adobe
2017-01-14 21:11 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-14 21:10 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-02-13 19:23 - 2015-12-18 18:49 - 0011264 _____ () C:\Users\Jana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-19 10:44 - 2015-09-27 12:14 - 0002254 _____ () C:\ProgramData\hpzinstall.log
2015-08-01 09:00 - 2015-08-01 09:00 - 0000016 _____ () C:\ProgramData\mntemp
2015-07-25 12:59 - 2015-07-25 12:59 - 0005005 _____ () C:\ProgramData\wmzddnmb.cix

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Windows\Tasks\{02804227-02CC-46B3-9E45-FC67A782196D}.job
C:\Windows\Tasks\{90588E13-A551-492D-9316-C77702E2E3CF}.job
C:\Windows\Tasks\{970FADF3-6296-4655-A121-80D7F6908591}.job


Einige Dateien in TEMP:
====================
2014-07-19 07:10 - 2014-08-24 11:48 - 0000000 ____D () C:\Users\Jana\AppData\Local\Temp\avgnt.exe
2014-07-20 20:15 - 2014-08-24 12:06 - 0000000 ____D () C:\Users\Tato\AppData\Local\Temp\avgnt.exe
2015-07-21 17:31 - 2015-07-21 17:31 - 0000000 ____D () C:\Users\TEMP.JATA\AppData\Local\Temp\avgnt.exe
2015-10-21 07:12 - 2015-10-21 07:12 - 0000000 ____D () C:\Users\TEMP.JATA.001\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-08 22:10

==================== Ende von FRST.txt ============================

Code:

ATTFilter

ZusÃ¤tzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-02-2017
durchgefÃ¼hrt von JaTa (08-02-2017 22:21:35)
Gestartet von C:\Users\Jana\Desktop
Windows 8.1 (Update) (X64) (2014-07-19 06:06:22)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

admini (S-1-5-21-4215103822-3391258602-2653336318-1009 - Administrator - Enabled) => C:\Users\admini
Administrator (S-1-5-21-4215103822-3391258602-2653336318-500 - Administrator - Disabled)
Gast (S-1-5-21-4215103822-3391258602-2653336318-501 - Limited - Disabled)
green_000 (S-1-5-21-4215103822-3391258602-2653336318-1004 - Limited - Enabled) => C:\Users\green_000
HomeGroupUser$ (S-1-5-21-4215103822-3391258602-2653336318-1007 - Limited - Enabled)
JaTa (S-1-5-21-4215103822-3391258602-2653336318-1001 - Administrator - Enabled) => C:\Users\Jana
Tato (S-1-5-21-4215103822-3391258602-2653336318-1005 - Limited - Enabled) => C:\Users\Tato

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" kÃ¶nnen in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
ACID Music Studio 9.0 (HKLM-x32\...\{7943168F-18A0-11E2-9C81-F04DA23A5C58}) (Version: 9.0.35 - Sony)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
AIO_CDA_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon Kindle (HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Amazon Kindle) (Version:  - Amazon)
AMD Catalyst Install Manager (HKLM\...\{AFF3A479-02DE-E284-9E4D-CC1F0B45174A}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{707e8edf-9482-4417-ae39-c9b5fe605e87}) (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
C3100 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
c3100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2126 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5728.52 - CyberLink Corp.)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Die Simsâ„¢ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.24.102.1020 - Electronic Arts Inc.)
Die Simsâ„¢ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\Dropbox) (Version: 8.4.21 - Dropbox, Inc.)
DVD Architect Studio 5.0 (HKLM-x32\...\{4347F591-C451-11E1-BA36-F04DA23A5C58}) (Version: 5.0.161 - Sony)
E-MU USB Audio (HKLM-x32\...\{1C99893D-BC98-4456-AA3E-B67AB42301A6}) (Version: 1.0 - )
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32 - WildTangent) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart All-In-One Driver Software (HKLM\...\{4F6C1178-3FC0-44BB-8F9A-28D8516DFEE2}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{78545512-1F84-4357-8A9A-D94D9C3CE4FA}) (Version: 12.0.26.54 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41505) (Version: 45233 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
MAGIX 3D Maker (embedded MSI) (HKLM-x32\...\{8393592A-B977-489E-8C78-84E19DE9FE21}) (Version: 6.0.0.8 - MAGIX AG)
MAGIX Foto Manager 9 (HKLM-x32\...\MAGIX Foto Manager 9 D) (Version: 7.0.3.118 - MAGIX AG)
MAGIX Foto Premium 9 (HKLM-x32\...\MAGIX_MSI_Fotos_auf_CD_DVD_9_dlx) (Version: 9.0.3.2 - MAGIX AG)
MAGIX Foto Premium 9 (x32 Version: 9.0.3.2 - MAGIX AG) Hidden
MAGIX Online Druck Service (HKLM-x32\...\{859258F8-3F00-4335-BBD5-318F17369012}) (Version: 3.4.3.0 - MAGIX AG)
MAGIX Online Druck Service (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG)
MAGIX Screenshare (HKLM-x32\...\{F31C9A68-7F07-4B96-AC58-F71D5DF3DA89}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed 2 (MSI) (HKLM-x32\...\{7FA32C2E-E218-4A04-966D-DECCB0B9C81E}) (Version: 6.0.1.4 - MAGIX AG)
MAGIX Video deluxe 16 Plus Sonderedition (HKLM-x32\...\MAGIX_MSI_Videodeluxe16_plus) (Version: 9.0.5.10 - MAGIX AG)
MAGIX Video deluxe 16 Plus Sonderedition (x32 Version: 9.0.5.10 - MAGIX AG) Hidden
MAGIX Xtreme Grafik Designer 5 (HKLM-x32\...\MAGIX_MSI_XtremeGrafik5) (Version: 5.1.2.10977 - MAGIX AG)
MAGIX Xtreme Grafik Designer 5 (x32 Version: 5.1.2.10977 - MAGIX AG) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft Office 365 Business - de-de (HKLM\...\O365BusinessRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version:  - )
Movavi Video Editor 10 (HKLM-x32\...\Movavi Video Editor 10) (Version: 10.3.0 - Movavi)
Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.2.1.38915 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.28121 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype for Business Basic 2016 - de-de (HKLM\...\SkypeforBusinessEntryRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Skypeâ„¢ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Sound Forge Audio Studio 10.0 (HKLM-x32\...\{7A9D3D30-BEEC-11E1-91CF-F04DA23A5C58}) (Version: 10.0.178 - Sony)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
UAC-2 Driver (HKLM\...\{970062D6-4CE4-48CE-8C70-0DE3BE204FFB}) (Version: 1.0.0.24 - ZOOM)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
USB2.0 Grabber (HKLM-x32\...\{45518B6D-9DDF-4144-83E4-A56762524F35}) (Version: 7.12.000.003 - Youyan)
USB2.0 Grabber (HKLM-x32\...\USB2.0 Grabber) (Version:  - )
Vacation Questâ„¢ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.1.0.11020 - Sony Corporation)
VAIO Care (HKLM\...\{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}) (Version: 8.1.0.10120 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.1.0.10300 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.3.0.09290 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.0.08140 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.1.0.10240 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.1.0.10220 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.1.10170 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.0.00.10170 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
VAIOÂ*CPU-LÃ¼fterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Hardwarediagnose-Plugin fÃ¼r VAIO Care (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.7.0.11070 - Sony Corporation)
VAIO-Support fÃ¼r Ãœbertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Virtos DeNoiser (HKLM-x32\...\Virtos DeNoiser) (Version: 1.1 - Virtos GmbH)
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Voxengo Redunoise VST 1.6 (HKLM-x32\...\Voxengo Redunoise VST) (Version:  - )
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.2.0 - Sony Corporation) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Waves Central V1.0.3.3 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}) (Version: 1.0.4 - Waves)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WildTangent Games App (x32 Version: 4.0.9.7 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
ZOOM UAC-2 MixEfx (HKLM-x32\...\{09A98EAB-7C64-4A02-8C95-14E65B0EE320}) (Version: 1.00.0023 - ZOOM Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0441A198-BF27-444E-909B-955D8F6E2FD0} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {06D143D2-28B7-4E49-A0BF-28D7CE163FB8} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {0884AEDB-5321-4659-AF88-407F23ACA083} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG
Task: {126C6523-F1D3-42A2-859D-97342B5AE7DE} - System32\Tasks\Sony Corporation\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-11-08] (Sony Corporation)
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> Keine Datei <==== ACHTUNG
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> Keine Datei <==== ACHTUNG
Task: {1786973A-0245-4240-96D6-9E63F9C325A0} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {1DF4D728-24F6-4BAA-9DCE-42C388023223} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {200BF8B9-1810-4AB9-8415-CBBF1D691F0F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation)
Task: {2822C3A7-1993-45ED-BA73-45FEB0FC79FC} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {2B0C2CC9-2E24-455C-9A83-B54CB9A4958E} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {343D7DDD-45B2-4764-B407-57091AB55AA0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-14] (Adobe Systems Incorporated)
Task: {37F3246D-FE9E-4114-A8DB-565F2044622A} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {3C28C15D-4CED-4610-85B7-15D26EE34D97} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {40525C58-79C2-47A1-9AA2-F1D7FC4F0691} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Keine Datei <==== ACHTUNG
Task: {444FDB6F-94A2-46C8-AC11-4FA21B8758A8} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {489E461E-34F0-4EAD-802A-9FE26C9CB300} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: {4C06A5B5-A36E-4EC7-AAFA-5355F201BEBB} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {51FC38DA-E690-42B6-97F1-AD3C16B05C5A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {5795656E-5E35-4ED6-8886-5ECD091EC6CE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {58FAC5CB-7169-4BE0-9FED-D1D10CBD67E4} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {5DE6E53C-42AE-4C01-9007-373DC91394FB} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-10-22] (Sony Corporation)
Task: {6C009A66-F337-46AE-9ACA-5880EB854537} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-10-31] (Sony Corporation)
Task: {6E08651D-30E6-4901-985A-6AEA6D1B3DC7} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-10-23] (Sony Corporation)
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> Keine Datei <==== ACHTUNG
Task: {8A7100A6-49E6-4419-AF91-D948828FB041} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation)
Task: {AB52AAF7-88B7-4253-B4C7-5DE32F7AC946} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {B042C6E3-2F03-4A26-8B7D-3221801E76E3} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> Keine Datei <==== ACHTUNG
Task: {C1C0C72C-1119-427F-8DD0-96A24ED6BDB3} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> Keine Datei <==== ACHTUNG
Task: {DCC19C28-8BCA-4391-8E83-8371CC31FAE1} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-01-20] ()
Task: {EFF31C88-94C3-4E2D-BAB8-825EFA6BE9A3} - System32\Tasks\{2D0FF644-8F7B-4869-987D-478101A5D0E9} => pcalua.exe -a D:\setup.exe -d D:\

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4215103822-3391258602-2653336318-1001Core1d0c1f1fc9b876d.job => C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d25f659cdcf17c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\{02804227-02CC-46B3-9E45-FC67A782196D}.job => c:\program files (x86)\google\chrome\application\chrome.exe Khxxps:/ui.skype.com/ui/0/7.30.85.105/de/
Task: C:\WINDOWS\Tasks\{90588E13-A551-492D-9316-C77702E2E3CF}.job => c:\program files (x86)\google\chrome\application\chrome.exe Khxxps:/ui.skype.com/ui/0/7.30.85.105/de/
Task: C:\WINDOWS\Tasks\{970FADF3-6296-4655-A121-80D7F6908591}.job => c:\program files (x86)\google\chrome\application\chrome.exe Khxxps:/ui.skype.com/ui/0/7.30.85.105/de/

==================== VerknÃ¼pfungen =============================

(Die EintrÃ¤ge kÃ¶nnen gelistet werden, um sie zurÃ¼ckzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-02-04 21:03 - 2017-01-20 07:47 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-02-04 21:03 - 2017-01-20 07:47 - 02829776 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2017-02-04 21:03 - 2017-01-20 07:47 - 02254800 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2012-12-28 11:07 - 2012-12-28 11:07 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-28 11:04 - 2012-12-28 11:04 - 00084480 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2012-12-28 11:09 - 2012-12-28 11:09 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2012-08-06 12:27 - 2012-08-06 12:27 - 00156672 _____ () C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2012-08-06 12:27 - 2012-08-06 12:27 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2017-02-06 22:38 - 2017-02-01 10:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 22:38 - 2017-02-01 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00020480 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-06-23 05:05 - 2013-07-17 14:10 - 00064512 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2013-06-23 04:24 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== VerknÃ¼pfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurÃ¼ckgesetzt oder entfernt.)


==================== Internet Explorer VertrauenswÃ¼rdig/EingeschrÃ¤nkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benÃ¶tigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurÃ¼ckzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)

HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jana\Pictures\Intis Geburtstag\IMG_7769.JPG
HKU\S-1-5-21-4215103822-3391258602-2653336318-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210831552\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 11 img1 Wallpaper 1600x900.jpg
HKU\S-1-5-21-4215103822-3391258602-2653336318-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210833240\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 11 img1 Wallpaper 1600x900.jpg
HKU\S-1-5-21-4215103822-3391258602-2653336318-1009-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210835631\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte EintrÃ¤ge ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "TrayServer"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\StartupApproved\Run: => "E-MU USB Audio Control Panel"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\StartupApproved\Run: => "Steam"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [TCP Query User{89E16038-0E1B-4720-A145-69899403B22F}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4AB09C03-D2C6-41E2-9561-739B1564DEE9}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{1196EC90-B732-440C-9395-F2BCD56DD81F}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{383FA5B4-A109-4BF3-9353-EF6922AD0B6B}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{AC533243-26E3-4D7C-86A1-6CDC12BE2227}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{C6ED7570-65A8-41CC-97CE-0A6B76C582B1}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{74FD456C-B49A-491B-8204-433CD94AC699}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{162D4AF2-047F-4835-B02E-DC453C8ABC30}] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{B8198F1B-FA6C-4017-97C9-29F87F53CB25}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FE04546E-51F6-4571-B350-F0A3CEB17E9B}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B29E4062-5C46-42F4-AD9E-DAF2725B9913}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{67FB49BB-59B8-4B28-BF8A-5FB803B74C1A}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FBA9E6D6-7CA9-4507-A122-2A08E5AC9A0D}] => C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{21930AEA-C5C6-4AFC-BD14-6E28DB2E79EA}] => C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{3E66733B-5B29-41C9-8560-79134CB55CDC}] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{2F2B5728-F4DF-49D9-89A5-4DAF65779110}] => c:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{73128E8F-23BF-4F69-B115-D3A836B897DF}] => C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{DA195DDB-3D6F-4A02-AB85-E127ABF86F57}] => C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{07DCFD73-92A3-46D2-B905-022F1BB7AC7F}] => C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{57E971E2-487A-42EF-A2AC-C3A6501F6574}] => C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{3CDA9EFE-F922-40F5-9BD8-05C2E275367C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{69622DC2-F0B4-44CE-80B4-C8E8D1844444}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{10FFC655-573F-4256-AA07-AF26DBD21CA9}C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{60450E92-1CA6-4295-9100-B8968A8154CF}C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{D95A5C9C-095B-43FD-95E8-C8C7FF5AB846}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E86EB6EB-DA55-4C19-87B5-6B90C36FD2F9}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{8D7B63DF-51D5-415A-81FF-2E2011D3F83E}C:\program files (x86)\flixster\flixster.exe] => C:\program files (x86)\flixster\flixster.exe
FirewallRules: [UDP Query User{B2B234EB-B811-4CAD-A723-764D5783D4F3}C:\program files (x86)\flixster\flixster.exe] => C:\program files (x86)\flixster\flixster.exe
FirewallRules: [{3AAE7DE8-C170-42EC-868E-1E991A05D4E2}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E50D37A7-9C84-465A-B55A-46D5EAE6D873}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{67118243-63EF-48FF-8856-827632F3C968}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BE9C70DB-B8FE-43E7-A890-5416ECCC7554}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{19034193-107C-424A-9B3D-AFB795294AFC}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{61731D51-F5DD-4E45-B74F-6BD5700EB15B}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{AD54ED6D-DFFA-433F-8E41-9B2B19B69814}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{309919E3-75DB-4EFF-9081-32218147C239}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{1203042D-1D1D-4E41-A600-F28FA635FA35}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{3D5A86FB-2B74-4567-9D9B-F9E30D0BAC6D}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{4461EEB8-D1CE-4431-A1A6-32E6620FE7B8}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{87518E9B-5F7F-4B34-9931-CBB089941CF7}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{08E11EAA-6FD9-4D7B-B8B3-5D585788E5FB}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{8CF7CFD4-0512-49D7-A294-170C24F29209}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{AF4717AF-BA41-46F8-8CB4-B9A116E2E7AB}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{1D27E99D-493B-42E8-B2A1-400376C4F2DA}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{DAF94C55-1173-4E40-8E19-FF126433C8B5}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{F5BF510D-56E2-4C14-8F60-33163FF2DCF5}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{A885C6D4-AA4C-4EBF-82AE-439565A3E603}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{33BB18CF-D933-420E-83D3-249CA86637A7}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{0A66A4BB-0D98-4ECF-8EBF-E5BF5CE20029}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{FCADFC1C-F6AE-42B2-BE2E-AF5935ED917E}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{D117F5FA-D534-48BD-B2D2-57657837ACAC}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B456F675-6CFB-4AF3-AB42-5EB0DE550F91}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{AD9E5880-CE0B-4ABA-998C-11975391C580}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{6AD6CD99-1F8A-4B6C-B541-2E5AF20CC9DC}] => C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{76531EE9-2A06-41BA-827B-C7A2237101A1}] => C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{B08185B9-D14D-44DC-B4BB-FEF3DDF1A9BF}] => C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [TCP Query User{D96BD0D8-08EB-4E2F-9C32-3D9D22187360}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{5CBBBF1A-8D00-4FEC-8F44-0AA2384BC8B9}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{112BE12A-BF6E-4E3A-9C0A-86DC067005AA}C:\program files (x86)\steam\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe] => C:\program files (x86)\steam\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe
FirewallRules: [UDP Query User{DE8FF27A-22D8-4A6B-8800-43C2AB6253DB}C:\program files (x86)\steam\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe] => C:\program files (x86)\steam\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe
FirewallRules: [{68E86D7D-5480-4A88-8036-1976719BF461}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7B81CD43-5823-40C4-8173-2D608812698E}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B48A5050-2A34-420F-9C81-D4DB20CF62EB}C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{5F518E5C-5343-4010-ACBE-51675195C928}C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\jana\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{2875F82C-4F18-4C01-9AFF-7537AFF4723C}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{637402AF-E034-44DD-A98B-ECE55159B859}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5B970477-5EE0-4A6C-B7A4-0805E65928F7}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{97F59A24-5DB1-4F5B-8AB2-054D9F0A29B5}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{13B3EB68-58D4-4DFF-A97D-BF0E9D344A72}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{DF82F157-7E3E-449F-8093-986C89E30D5C}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{CBFCC100-9F13-4571-823F-5B9FE0EFC398}] => C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{685D285E-49F4-4724-A5F6-AA39414FD616}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{50B39B42-38A2-4937-A0EB-84B10603A5AC}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{75A85310-1001-4158-8D0F-EA3DAC63F6DA}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

07-02-2017 20:02:33 Geplanter PrÃ¼fpunkt

==================== Fehlerhafte GerÃ¤te im GerÃ¤temanager =============


==================== FehlereintrÃ¤ge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/08/2017 10:14:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mscorsvw.exe, Version: 4.0.30319.33440, Zeitstempel: 0x52003694
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18202, Zeitstempel: 0x569e7eb1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000005fa2
ID des fehlerhaften Prozesses: 0x1ea4
Startzeit der fehlerhaften Anwendung: 0x01d2824fe3dafa64
Pfad der fehlerhaften Anwendung: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\KERNELBASE.dll
Berichtskennung: 926c3e8e-ee43-11e6-bf0e-5453ed3b7812
VollstÃ¤ndiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/08/2017 10:12:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCSystemTray.exe, Version: 8.1.0.10100, Zeitstempel: 0x5077842e
Name des fehlerhaften Moduls: clr.dll, Version: 4.0.30319.34209, Zeitstempel: 0x5348a1ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000005e2d30
ID des fehlerhaften Prozesses: 0x1fbc
Startzeit der fehlerhaften Anwendung: 0x01d2824ffdc05ac3
Pfad der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
Pfad des fehlerhaften Moduls: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
Berichtskennung: 3fc8c56f-ee43-11e6-bf0e-5453ed3b7812
VollstÃ¤ndiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/08/2017 10:12:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCSystemTray.exe, Version: 8.1.0.10100, Zeitstempel: 0x5077842e
Name des fehlerhaften Moduls: clr.dll, Version: 4.0.30319.34209, Zeitstempel: 0x5348a1ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000005e2d30
ID des fehlerhaften Prozesses: 0x1fb4
Startzeit der fehlerhaften Anwendung: 0x01d2824ffdc05ac3
Pfad der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
Pfad des fehlerhaften Moduls: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
Berichtskennung: 3fbf3bec-ee43-11e6-bf0e-5453ed3b7812
VollstÃ¤ndiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/08/2017 10:07:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCSystemTray.exe, Version: 8.1.0.10100, Zeitstempel: 0x5077842e
Name des fehlerhaften Moduls: clr.dll, Version: 4.0.30319.34209, Zeitstempel: 0x5348a1ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000005e2d30
ID des fehlerhaften Prozesses: 0x1264
Startzeit der fehlerhaften Anwendung: 0x01d2824f4af8e344
Pfad der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
Pfad des fehlerhaften Moduls: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
Berichtskennung: 96ca619b-ee42-11e6-bf0e-5453ed3b7812
VollstÃ¤ndiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/08/2017 09:48:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm HitmanPro_x64.exe, Version 3.7.15.281 kann nicht mehr unter Windows ausgefÃ¼hrt werden und wurde beendet. ÃœberprÃ¼fen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1a30

Startzeit: 01d282484929c0ac

Endzeit: 31

Anwendungspfad: C:\Users\Jana\Desktop\HitmanPro_x64.exe

Berichts-ID: 93195364-ee3e-11e6-bf0e-5453ed3b7812

VollstÃ¤ndiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/08/2017 09:25:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCSystemTray.exe, Version: 8.1.0.10100, Zeitstempel: 0x5077842e
Name des fehlerhaften Moduls: clr.dll, Version: 4.0.30319.34209, Zeitstempel: 0x5348a1ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000005e2d30
ID des fehlerhaften Prozesses: 0x170c
Startzeit der fehlerhaften Anwendung: 0x01d282479c2d5ccb
Pfad der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
Pfad des fehlerhaften Moduls: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
Berichtskennung: b6e447f9-ee3c-11e6-bf0e-5453ed3b7812
VollstÃ¤ndiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/08/2017 09:12:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vim.exe, Version: 6.1.3.3070, Zeitstempel: 0x513853c3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000180037e64
ID des fehlerhaften Prozesses: 0x9dc
Startzeit der fehlerhaften Anwendung: 0x01d282479bfd17b7
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: da2bf236-ee3a-11e6-bf0e-5453ed3b7812
VollstÃ¤ndiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/08/2017 09:11:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vim.exe, Version: 6.1.3.3070, Zeitstempel: 0x513853c3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000180037e64
ID des fehlerhaften Prozesses: 0x1768
Startzeit der fehlerhaften Anwendung: 0x01d28247758a6ab0
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: b4fcff0e-ee3a-11e6-bf0e-5453ed3b7812
VollstÃ¤ndiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/08/2017 09:10:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x5254e12e
Name des fehlerhaften Moduls: clr.dll, Version: 4.0.30319.34209, Zeitstempel: 0x5348a1ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000046714f
ID des fehlerhaften Prozesses: 0x18e8
Startzeit der fehlerhaften Anwendung: 0x01d2824754ef63d8
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Pfad des fehlerhaften Moduls: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
Berichtskennung: acccb34d-ee3a-11e6-bf0e-5453ed3b7812
VollstÃ¤ndiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/08/2017 09:10:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CLVDLauncher.exe, Version: 8.0.0.1924, Zeitstempel: 0x500e4d06
Name des fehlerhaften Moduls: Link\Power2Go8\CLVDLauncher.exe, Version: 6.3.9600.18202, Zeitstempel: 0x569e72c5
Ausnahmecode: 0xc0000138
Fehleroffset: 0x0009d3c2
ID des fehlerhaften Prozesses: 0x133c
Startzeit der fehlerhaften Anwendung: 0x01d282470d64e900
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe
Pfad des fehlerhaften Moduls: Link\Power2Go8\CLVDLauncher.exe
Berichtskennung: a80eff90-ee3a-11e6-bf0e-5453ed3b7812
VollstÃ¤ndiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (02/08/2017 10:11:03 PM) (Source: DCOM) (EventID: 10010) (User: JATA)
Description: Der Server "{BF6C1E47-86EC-4194-9CE5-13C15DCB2001}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/08/2017 09:59:36 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei GerÃ¤t \Device\Harddisk0\DR0.

Error: (02/08/2017 09:59:27 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei GerÃ¤t \Device\Harddisk0\DR0.

Error: (02/08/2017 09:57:28 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei GerÃ¤t \Device\Harddisk0\DR0.

Error: (02/08/2017 09:57:18 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei GerÃ¤t \Device\Harddisk0\DR0.

Error: (02/08/2017 09:56:42 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei GerÃ¤t \Device\Harddisk0\DR0.

Error: (02/08/2017 09:56:28 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei GerÃ¤t \Device\Harddisk0\DR0.

Error: (02/08/2017 09:56:21 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei GerÃ¤t \Device\Harddisk0\DR0.

Error: (02/08/2017 09:37:25 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei GerÃ¤t \Device\Harddisk0\DR0.

Error: (02/08/2017 09:37:06 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei GerÃ¤t \Device\Harddisk0\DR0.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 6091.28 MB
Verfügbarer physikalischer RAM: 4281.46 MB
Summe virtueller Speicher: 12235.28 MB
Verfügbarer virtueller Speicher: 9564.73 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:662.69 GB) (Free:274.23 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 8D41EBCD)

Partition: GPT.

==================== Ende von Addition.txt ============================

burningice · 09.02.2017, 16:15

Schritt: 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

DeleteKey: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\Software\Trolltech
C:\Program Files (x86)\Mobogenie
emptytemp:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\MountPoints2: {781dfa70-5929-11e3-be74-b8763ff8f1f2} - "I:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\MountPoints2: {b0ff46d6-7bd5-11e5-bec1-5453ed3b7812} - "F:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-4215103822-3391258602-2653336318-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02082017210833240\...\MountPoints2: {781dfa70-5929-11e3-be74-b8763ff8f1f2} - "I:\WD SmartWare.exe" autoplay=true
CHR Extension: (Stuff.tv CBG) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcjccadpaggjijncnedadbobkbimmjpk [2017-01-27]
CHR Extension: (Data generator) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\legklhfpihknmgmlhiadachbaihccpho [2017-01-30]
CHR Extension: (Manage Tabs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\memofnfkklanghgnaleppdgfnmbojdbk [2017-01-30]
CHR Extension: (Perfect.com CBG) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nijlcckaclcecjlibilijgacfdomphgp [2017-02-02]
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> Keine Datei <==== ACHTUNG
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> Keine Datei <==== ACHTUNG
Task: {40525C58-79C2-47A1-9AA2-F1D7FC4F0691} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Keine Datei <==== ACHTUNG
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> Keine Datei <==== ACHTUNG
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> Keine Datei <==== ACHTUNG
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> Keine Datei <==== ACHTUNG
Task: {DCC19C28-8BCA-4391-8E83-8371CC31FAE1} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-01-20] ()
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\AutoKMS
IE trusted site: HKU\S-1-5-21-4215103822-3391258602-2653336318-1001\...\localhost -> localhost

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt: 2
Bitte folge mal dieser Anleitung: Zustand der Festplatte herausfinden - so gehts - Anleitungen

Schritt: 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Frage
Frage: Kennst du das folgende Programm und hast es absichtlich installiert?

doubleTwist

Hast du noch irgendwelche Probleme mit deinem Rechner?

05.02.2017, 19:25	#6
burningice /// Malwareteam	Im Browser öffnen sich Seiten von allein Vieren-Warnungen bzw. Werbung für Reparaturtools erscheinen ja, bitte neustarten. Tritt das Problem noch immer so auf? __________________ --> Im Browser öffnen sich Seiten von allein Vieren-Warnungen bzw. Werbung für Reparaturtools erscheinen

Im Browser öffnen sich Seiten von allein Vieren-Warnungen bzw. Werbung für Reparaturtools erscheinen

Plagegeister aller Art und deren Bekämpfung: Im Browser öffnen sich Seiten von allein Vieren-Warnungen bzw. Werbung für Reparaturtools erscheinen