| |
| |||||||
Log-Analyse und Auswertung: Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
12.12.2015, 14:55
| #1 |
 |  Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 Hallo, gestern Abend habe ich einen Emailanhang "doc_fGDepjgooT.zip" heruntergeladen und die darin enthaltene Datei "doc.js" entpackt und angeklickt. Da der Absender ein Familienmitglied war hab ich das so nebenbei einfach leichtsinnig gemacht, schön blöd... Avira hat sich sofort gemeldet, Malwarebytes Anti-Malware findet nichts, was soll ich nun tun? Hier die Logs: Code:
ATTFilter 12.12.2015 00:33 [Planer] Auftrag gestartet
Auftrag "Automatisches Update Free"
wurde erfolgreich gestartet.
12.12.2015 00:30 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\****\AppData\Local\Temp\125104.exe'
enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen4 (Cloud)'
[trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5e80fda0.qua'
verschoben!
12.12.2015 00:30 [System-Scanner] Suche
Suchlauf beendet [Der Suchlauf wurde vollständig durchgeführt.].
Anzahl Dateien: 888
Anzahl Verzeichnisse: 0
Anzahl Malware: 1
Anzahl Warnungen: 0
12.12.2015 00:30 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\Users\****\AppData\Local\Temp\125104.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen4 (Cloud)'
[TR/Crypt.XPACK.Gen4] gefunden.
Ausgeführte Aktion: Zugriff verweigern
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-12-2015
durchgeführt von **** (Administrator) auf PC**** (12-12-2015 14:13:26)
Gestartet von C:\Users\****\Desktop
Geladene Profile: **** & (Verfügbare Profile: ****)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
( ) C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-10-23] (IDT, Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\...\MountPoints2: {812851b0-e5e5-11e1-bcc7-80c16eed82d8} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\...\MountPoints2: {f1582011-9ceb-11e5-a1e3-80c16eed82d8} - G:\startme.exe
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {812851b0-e5e5-11e1-bcc7-80c16eed82d8} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f1582011-9ceb-11e5-a1e3-80c16eed82d8} - G:\startme.exe
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2012-02-07] (Autodesk, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{D321F810-E538-462A-886F-625BD4CA29E7}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {37B249E7-83C0-40D6-A5CC-180519CC846A} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {37B249E7-83C0-40D6-A5CC-180519CC846A} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-02] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-02] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-02] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-02] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-02] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1995632801-4156762099-2201499591-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-18] ()
FF Plugin HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-18] ()
FF Extension: Greasemonkey - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-11-22]
FF Extension: NoScript - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-23]
FF Extension: Downloads Window - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\Extensions\{a7213cf2-fa1e-4373-88ff-255d0abd3020}.xpi [2015-09-16]
FF Extension: Adblock Plus - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Users\****\AppData\Local\Temp\7zS3986\hpslpsvc64.dll [1039360 2012-08-23] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 mitsijm2013; C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [339776 2012-01-31] ( )
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 NPF; C:\windows\system32\drivers\npf.sys [35344 2015-12-02] (CACE Technologies, Inc.)
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-12 14:13 - 2015-12-12 14:14 - 00017704 _____ C:\Users\****\Desktop\FRST.txt
2015-12-12 14:13 - 2015-12-12 14:13 - 00000000 ____D C:\FRST
2015-12-12 14:11 - 2015-12-12 14:11 - 00002390 _____ C:\Users\****\Desktop\avira.txt
2015-12-12 14:07 - 2015-12-12 14:07 - 02369536 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2015-12-12 01:05 - 2015-12-12 12:42 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-12 01:05 - 2015-12-12 01:05 - 00001068 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-12 01:05 - 2015-12-12 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-12-12 01:05 - 2015-12-12 01:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-12 01:05 - 2015-12-12 01:05 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-12-12 01:05 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2015-12-12 01:05 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-12-12 01:05 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2015-12-11 23:13 - 2015-12-12 03:32 - 00000000 ____D C:\Users\****\Desktop\Kollegah-Zuhaeltertape - Volume_4
2015-12-06 15:21 - 2015-12-06 15:21 - 00004230 _____ C:\windows\System32\Tasks\AMD Updater
2015-12-06 15:15 - 2015-12-06 15:15 - 00000000 ____D C:\Users\****\AppData\Roaming\library_dir
2015-12-06 15:15 - 2015-12-06 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-12-06 15:14 - 2015-12-06 15:24 - 00000000 ____D C:\Users\****\AppData\Roaming\Raptr
2015-12-06 15:14 - 2015-12-06 15:15 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-12-06 15:14 - 2015-12-06 15:14 - 00000000 ____D C:\Users\****\AppData\Local\AMD
2015-12-06 15:14 - 2015-12-06 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2015-12-06 15:13 - 2015-12-06 15:13 - 00000000 ____D C:\Program Files (x86)\AMD
2015-12-06 15:06 - 2015-12-06 15:14 - 00000000 ____D C:\Program Files\AMD
2015-12-06 15:04 - 2015-12-06 15:04 - 04947168 _____ (Advanced Micro Devices, Inc.) C:\Users\****\Desktop\autodetectutility.exe
2015-12-05 16:17 - 2015-12-05 16:17 - 19917892 _____ C:\Users\****\bedienungsanleitung_telefonanlage_digitalisierungsbox_premium.pdf
2015-12-03 01:30 - 2015-12-03 01:30 - 00000000 ____D C:\Users\****\Documents\Square Enix
2015-12-03 01:30 - 2015-12-03 01:30 - 00000000 ____D C:\Users\****\AppData\Local\CrashRpt
2015-12-02 01:35 - 2015-12-02 01:37 - 576022554 _____ C:\Users\****\Desktop\The.Waking.Ded.S06E08.Ger.Dub.WHRiP.XviD-FIJ.avi
2015-12-02 01:01 - 2015-12-02 01:01 - 00000000 ____D C:\Users\****\AppData\Local\LogView Studio
2015-12-02 01:00 - 2015-12-02 01:00 - 00000000 ____D C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LogView Studio
2015-12-02 01:00 - 2015-12-02 01:00 - 00000000 ____D C:\Program Files (x86)\LogView Studio
2015-12-02 00:13 - 2015-12-02 00:14 - 00000000 ____D C:\Users\****\AppData\Local\NETGEARGenie
2015-12-02 00:13 - 2015-12-02 00:13 - 00369168 _____ (CACE Technologies, Inc.) C:\windows\system32\wpcap.dll
2015-12-02 00:13 - 2015-12-02 00:13 - 00281104 _____ (CACE Technologies, Inc.) C:\windows\SysWOW64\wpcap.dll
2015-12-02 00:13 - 2015-12-02 00:13 - 00106000 _____ (CACE Technologies, Inc.) C:\windows\system32\packet.dll
2015-12-02 00:13 - 2015-12-02 00:13 - 00096784 _____ (CACE Technologies, Inc.) C:\windows\SysWOW64\packet.dll
2015-12-02 00:13 - 2015-12-02 00:13 - 00035344 _____ (CACE Technologies, Inc.) C:\windows\system32\Drivers\npf.sys
2015-11-28 18:57 - 2015-11-13 22:16 - 1506175152 _____ C:\Users\****\Desktop\Knock.Out.UNCUT.avi
2015-11-27 17:42 - 2015-11-27 17:42 - 00123056 _____ C:\Users\****\Desktop\spirit-fw-1.3.2.4df
2015-11-18 14:18 - 2015-11-18 14:23 - 00000000 ____D C:\ProgramData\Easybits Magic Desktop for HP
2015-11-18 09:20 - 2015-11-18 09:20 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdhcp64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdhcp32.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00120656 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiu9p64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00118608 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdave64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00110344 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdave32.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atimpc64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdpcom64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atimpc32.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdpcom32.dll
2015-11-18 09:19 - 2015-11-18 09:19 - 10815664 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiumd64.dll
2015-11-18 09:19 - 2015-11-18 09:19 - 09017808 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiumd6a.dll
2015-11-18 09:17 - 2015-11-18 09:17 - 00296648 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdacpksd.sys
2015-11-18 09:13 - 2015-11-18 09:13 - 23960064 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmdag.sys
2015-11-18 09:08 - 2015-11-18 09:08 - 49984000 _____ (Advanced Micro Devices Inc.) C:\windows\system32\amdocl64.dll
2015-11-18 09:08 - 2015-11-18 09:08 - 00235008 _____ C:\windows\system32\clinfo.exe
2015-11-18 09:02 - 2015-11-18 09:02 - 41510912 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\amdocl.dll
2015-11-18 08:58 - 2015-11-18 08:58 - 00065024 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2015-11-18 08:57 - 2015-11-18 08:57 - 00059392 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2015-11-18 08:50 - 2015-11-18 08:50 - 27596288 _____ (Advanced Micro Devices Inc.) C:\windows\system32\amdocl12cl64.dll
2015-11-18 08:49 - 2015-11-18 08:49 - 22348288 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\amdocl12cl.dll
2015-11-18 06:50 - 2015-11-18 06:50 - 00677888 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdlvr64.dll
2015-11-18 06:48 - 2015-11-18 06:48 - 00562688 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdlvr32.dll
2015-11-18 06:46 - 2015-11-18 06:46 - 06643200 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmantle64.dll
2015-11-18 06:46 - 2015-11-18 06:46 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantle64.dll
2015-11-18 06:46 - 2015-11-18 06:46 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantle32.dll
2015-11-18 06:14 - 2015-11-18 06:14 - 05223936 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdmantle32.dll
2015-11-18 05:48 - 2015-11-18 05:48 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantleaxl64.dll
2015-11-18 05:48 - 2015-11-18 05:48 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantleaxl32.dll
2015-11-18 05:08 - 2015-11-18 05:08 - 00683960 _____ C:\windows\SysWOW64\atiapfxx.blb
2015-11-18 05:08 - 2015-11-18 05:08 - 00683960 _____ C:\windows\system32\atiapfxx.blb
2015-11-18 05:05 - 2015-11-18 05:05 - 31376896 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atio6axx.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 15711744 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticaldd64.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiapfxx.exe
2015-11-18 04:43 - 2015-11-18 04:43 - 00062464 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalrt64.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 00055808 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalcl64.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 00052224 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalrt.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 00049152 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalcl.dll
2015-11-18 04:40 - 2015-11-18 04:40 - 25840128 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atioglxx.dll
2015-11-18 04:40 - 2015-11-18 04:40 - 14302208 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticaldd.dll
2015-11-18 04:40 - 2015-11-18 04:40 - 00865280 _____ (AMD) C:\windows\system32\coinst_15.30.dll
2015-11-18 04:32 - 2015-11-18 04:32 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmmcl6.dll
2015-11-18 04:32 - 2015-11-18 04:32 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdmmcl.dll
2015-11-18 04:27 - 2015-11-18 04:27 - 03437632 _____ C:\windows\system32\atiumd6a.cap
2015-11-18 04:26 - 2015-11-18 04:26 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atidemgy.dll
2015-11-18 04:26 - 2015-11-18 04:26 - 00223744 _____ C:\windows\system32\dgtrayicon.exe
2015-11-18 04:25 - 2015-11-18 04:25 - 00552448 _____ (AMD) C:\windows\system32\atieclxx.exe
2015-11-18 04:25 - 2015-11-18 04:25 - 00204800 _____ C:\windows\system32\amdgfxinfo64.dll
2015-11-18 04:25 - 2015-11-18 04:25 - 00189952 _____ C:\windows\SysWOW64\amdgfxinfo32.dll
2015-11-18 04:25 - 2015-11-18 04:25 - 00162304 _____ C:\windows\system32\atieah64.exe
2015-11-18 04:25 - 2015-11-18 04:25 - 00145408 _____ C:\windows\SysWOW64\atieah32.exe
2015-11-18 04:25 - 2015-11-18 04:25 - 00031744 _____ (AMD) C:\windows\system32\atimuixx.dll
2015-11-18 04:24 - 2015-11-18 04:24 - 00246272 _____ (AMD) C:\windows\system32\atiesrxx.exe
2015-11-18 04:22 - 2015-11-18 04:22 - 00190976 _____ (AMD) C:\windows\system32\atitmm64.dll
2015-11-18 04:10 - 2015-11-18 04:10 - 03471376 _____ C:\windows\SysWOW64\atiumdva.cap
2015-11-18 03:58 - 2015-11-18 03:58 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atisamu64.dll
2015-11-18 03:58 - 2015-11-18 03:58 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atisamu32.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 01272832 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiadlxx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00941568 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxy.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00941568 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00157696 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6txx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00075776 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6pxx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiglpxx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiglpxx.dll
2015-11-18 03:53 - 2015-11-18 03:53 - 00671232 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmpag.sys
2015-11-18 03:53 - 2015-11-18 03:53 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atigktxx.dll
2015-11-18 03:45 - 2015-11-18 03:45 - 00195072 _____ C:\windows\system32\hsa-thunk64.dll
2015-11-18 03:45 - 2015-11-18 03:45 - 00174592 _____ C:\windows\SysWOW64\hsa-thunk.dll
2015-11-18 03:43 - 2015-11-18 03:43 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\ati2erec.dll
2015-11-14 13:43 - 2015-11-14 13:43 - 00000000 ____D C:\Users\****\.AnyLogicUniversity
2015-11-14 13:43 - 2015-11-14 13:43 - 00000000 ____D C:\Program Files\Senselock
2015-11-13 15:33 - 2015-11-24 06:09 - 00000000 ____D C:\Users\****\Desktop\twd
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-12 14:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-12 13:57 - 2012-08-04 13:57 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-12-12 12:43 - 2009-07-14 05:45 - 00024400 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-12 12:43 - 2009-07-14 05:45 - 00024400 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-12 12:32 - 2012-06-15 00:44 - 18063628 _____ C:\windows\system32\perfh007.dat
2015-12-12 12:32 - 2012-06-15 00:44 - 05623960 _____ C:\windows\system32\perfc007.dat
2015-12-12 12:32 - 2009-07-14 06:13 - 00006504 _____ C:\windows\system32\PerfStringBackup.INI
2015-12-12 12:28 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-12-12 03:32 - 2012-07-23 23:13 - 00000000 ____D C:\Users\****\AppData\Roaming\Mp3tag
2015-12-12 02:11 - 2012-12-28 11:26 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-12 01:19 - 2013-02-25 23:13 - 00000000 ____D C:\Users\****\Office 2010 Activator v1.4.1.0
2015-12-12 01:19 - 2012-07-19 14:44 - 00000000 ____D C:\Users\****
2015-12-12 00:26 - 2012-07-22 18:54 - 00000000 ____D C:\Users\****\AppData\Roaming\vlc
2015-12-11 18:10 - 2012-07-19 14:49 - 00003926 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{E6CFB42A-8A13-45D3-BB3C-832EB88BB857}
2015-12-09 19:50 - 2012-07-22 18:30 - 00000000 ____D C:\Users\****\Desktop\musik
2015-12-09 16:57 - 2012-08-04 13:57 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 16:57 - 2012-06-15 01:12 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 16:57 - 2012-06-15 01:12 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-06 15:13 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2015-12-06 15:09 - 2013-12-05 04:35 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-06 15:06 - 2012-12-25 20:57 - 00000000 ____D C:\AMD
2015-12-06 15:05 - 2012-11-13 15:37 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-12-04 00:02 - 2013-08-11 15:10 - 00000000 ____D C:\Users\****\Desktop\modellbau
2015-12-02 01:00 - 2013-04-05 19:42 - 00000000 ____D C:\ProgramData\InstallMate
2015-12-02 00:53 - 2015-02-18 16:51 - 00000000 ____D C:\HELI-X6
2015-12-02 00:17 - 2015-10-04 20:51 - 00000000 ____D C:\Program Files (x86)\Spirit Settings
2015-12-02 00:17 - 2015-01-24 02:04 - 00001112 _____ C:\Users\Public\Desktop\Spirit Settings.lnk
2015-12-02 00:17 - 2014-09-08 12:30 - 00001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spirit Settings.lnk
2015-12-02 00:11 - 2013-10-10 21:07 - 00000000 ____D C:\ProgramData\Oracle
2015-12-02 00:10 - 2015-01-03 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-12-02 00:10 - 2014-01-20 06:04 - 00000000 ____D C:\Program Files\Java
2015-12-02 00:10 - 2014-01-20 05:55 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-02 00:10 - 2013-10-10 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-02 00:09 - 2015-09-15 03:41 - 00000000 ____D C:\Users\****\.oracle_jre_usage
2015-12-02 00:09 - 2014-01-20 06:04 - 00110176 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2015-12-01 12:09 - 2013-08-07 08:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-01 12:08 - 2013-08-07 08:40 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-12-01 12:08 - 2013-08-07 08:40 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-12-01 12:08 - 2013-08-07 08:40 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-11-28 18:37 - 2012-07-24 13:31 - 00000000 ____D C:\Users\****\AppData\Local\CrashDumps
2015-11-27 21:23 - 2015-04-19 18:24 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-23 07:03 - 2012-06-15 01:06 - 00000000 ____D C:\ProgramData\Temp
2015-11-23 06:57 - 2014-02-11 14:05 - 00000000 ____D C:\Users\****\Documents\RealFlight 7
2015-11-18 18:14 - 2015-10-17 18:13 - 00000000 ____D C:\Users\****\Desktop\Scandal
2015-11-18 09:20 - 2012-12-25 20:45 - 01229984 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\aticfx32.dll
2015-11-18 09:20 - 2012-12-25 20:45 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiuxpag.dll
2015-11-18 09:20 - 2012-12-25 20:44 - 10907328 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atidxx32.dll
2015-11-18 09:20 - 2012-09-28 02:11 - 00152568 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiuxp64.dll
2015-11-18 09:20 - 2012-02-14 15:17 - 01496736 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\aticfx64.dll
2015-11-18 09:20 - 2012-02-14 14:52 - 13189336 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atidxx64.dll
2015-11-18 09:20 - 2012-02-14 14:12 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiu9pag.dll
2015-11-18 09:19 - 2012-09-28 03:23 - 09070320 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiumdag.dll
2015-11-18 09:19 - 2012-09-28 02:22 - 08089248 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiumdva.dll
2015-11-13 03:26 - 2015-10-29 23:31 - 00000000 ____D C:\Users\****\Desktop\2 Broke Girls - Staffel 4
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-07-15 20:56 - 2010-01-15 09:36 - 0075040 _____ () C:\Program Files (x86)\Common Files\SpeechUninstall.exe
2012-08-29 18:23 - 2013-10-28 06:23 - 0000676 _____ () C:\Users\****\AppData\Roaming\DriveCalculator Preferences
2012-07-19 15:37 - 2012-07-19 15:37 - 0000173 _____ () C:\Users\****\AppData\Local\msmathematics.qat.****
2013-07-12 18:57 - 2013-07-12 18:57 - 0000848 _____ () C:\Users\****\AppData\Local\recently-used.xbel
2014-12-26 10:49 - 2014-12-26 10:49 - 0007605 _____ () C:\Users\****\AppData\Local\Resmon.ResmonCfg
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\****\adwcleaner_4.206.exe
C:\Users\****\HijackThis.exe
C:\Users\****\MP3QualityModifier.exe
C:\Users\****\TeamViewer_Setup_de.exe
Einige Dateien in TEMP:
====================
C:\Users\****\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-10 16:04
==================== Ende von FRST.txt ============================
|
|
12.12.2015, 14:56
| #2 |
| | Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-12-2015
durchgeführt von **** (2015-12-12 14:14:52)
Gestartet von C:\Users\****\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-19 13:44:18)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1995632801-4156762099-2201499591-500 - Administrator - Disabled)
Gast (S-1-5-21-1995632801-4156762099-2201499591-501 - Limited - Disabled)
**** (S-1-5-21-1995632801-4156762099-2201499591-1000 - Administrator - Enabled) => C:\Users\****
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
ASUS VGA Driver (x32 Version: 3.0.0.1 - Ihr Firmenname) Hidden
Autodesk Inventor Professional 2013 (Version: 17.0.13800.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2013 Deutsch (German) (HKLM\...\Autodesk Inventor Professional 2013) (Version: 17.0.13800.0000 - Autodesk)
Autodesk Inventor Professional 2013 Language Pack - Deutsch (German) (Version: 17.0.13800.0000 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2013 (HKLM-x32\...\{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
BRAIN (HKLM-x32\...\{53B883F4-11BB-4289-A790-4DF90FAA61A6}) (Version: 1.0.011 - MSHeli)
Catalyst Control Center Next Localization BR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
Chinese Traditional Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2448-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2023 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DataExplorer (HKLM-x32\...\DataExplorer) (Version: 3.2.3 - )
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DWG TrueView 2013 (HKLM\...\DWG TrueView 2013) (Version: 19.0.55.0 - Autodesk)
DWG TrueView 2013 (Version: 19.0.55.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2013 (HKLM\...\{792A9A32-718A-40D1-9867-A903F76AE2F8}) (Version: 3.9.12.0 - Granta Design Limited)
Far Cry (Patch 1.4) (x32 Version: 1.00.0000 - Ubisoft) Hidden
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
HELI-X 6 Demo (HKLM-x32\...\89A8AC8E-9F17-4D16-B924-A5868A0290FC_is1) (Version: - Michael Schreiner)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{4F38594F-2C4A-4C42-B2C4-505E225F6F80}) (Version: 11.14.0004 - HP)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 5.10.0000.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version: - Avalanche Studios)
Liftoff (HKLM-x32\...\Steam App 410340) (Version: - LuGus Studios)
LogView Studio 1.0.3662.0903 (HKLM-x32\...\{DA180FFA-233E-4142-8E9C-A7562D261D9C}) (Version: 1.0.3662.0903 - logview.info)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
micro_swloader (HKLM-x32\...\{CF676CCE-F4B1-4F31-9AF8-A2F9B2B5E47F}) (Version: 1.0.0 - Graupner)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mp3tag v2.66 (HKLM-x32\...\Mp3tag) (Version: v2.66 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero WaveEditor (HKLM-x32\...\{A6903C5A-D90B-4877-A629-35436CAA62A3}) (Version: 12.0.00500 - Nero AG)
O&O SafeErase Professional (HKLM\...\{243176DB-549F-418F-AE20-731DCF0EA42D}) (Version: 7.0.165 - O&O Software GmbH)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
pean Engineering ViRA GUI (HKLM-x32\...\peanViRA) (Version: - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: - )
RealFlight 7 R/C Simulator (HKLM-x32\...\RealFlight7Pro) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5119 - CyberLink Corp.) Hidden
Schnell-Deinstallations-Tool für Autodesk Inventor 2013 (HKLM\...\{D25FF5C1-1764-469A-9794-69309387C193}) (Version: 17.0.13800.0000 - Autodesk)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{987A5C7B-C24E-4305-AB26-91B7466DC8D6}) (Version: 6.5.3 - Silicon Laboratories, Inc.)
Spirit Setings version 1.3.0 (HKLM-x32\...\Spirit Setings_is1) (Version: 1.3.0 - Spirit System)
Spirit Settings version 1.3.2 (HKLM-x32\...\Spirit Settings_is1) (Version: 1.3.2 - Spirit System)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.19 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45471 - TeamViewer)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.18.0 - Texas Instruments Inc.) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports (10/18/2013 6.6.1.0) (HKLM\...\F92C2D6CB4EA0EE558BDF5F8BDD69083DFC62179) (Version: 10/18/2013 6.6.1.0 - Silicon Laboratories)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2013\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2013\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Keine Datei
==================== Wiederherstellungspunkte =========================
29-11-2015 00:00:01 Geplanter Prüfpunkt
06-12-2015 01:14:36 Geplanter Prüfpunkt
06-12-2015 15:06:30 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
06-12-2015 15:09:32 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {3C4C0669-CC05-4A15-8066-E59429FB371D} - System32\Tasks\{A537DF2E-536B-4052-B76F-5102B668C325} => pcalua.exe -a C:\Users\****\Desktop\HLC_1_setup.exe -d C:\Users\****\Desktop
Task: {3C7536F3-D88A-455A-A0E8-CD7ABA9C7830} - System32\Tasks\{677F7317-8AC4-4088-8516-A49FBD6B10AE} => pcalua.exe -a C:\Users\****\Desktop\sp57493.exe -d C:\Users\****\Desktop
Task: {44E3A3D3-02EF-4E76-B9F5-59CE569D6429} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe
Task: {4757814F-4AEF-4C99-9F3C-A9FD68D78A03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
Task: {58887A2E-34C4-4785-99AC-8446350D1EC5} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe
Task: {6A5E421C-3EC2-4E7A-A22D-7E0200A7B8E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {880DC1A5-9D5F-479D-AA19-AD406F55CF7B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {A4C7F641-1704-414A-A878-03079828899C} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-11-18] (Advanced Micro Devices, Inc.)
Task: {AB8DFF6D-0E81-4CD5-BA48-9E0EAB97E964} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {B893EBF6-A7AD-47BC-A2B5-03E33AB34734} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {D25217AC-ECF7-4169-B760-451487D96EE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {F4030DDB-6882-4786-A053-1FC01C509F0C} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {F9A1A948-875D-4278-A37C-5FAACB012FE9} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\****\Desktop\rcon.lnk -> C:\Users\****\722\reconnect.bat () <==== ACHTUNG
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2011-03-16 23:07 - 2011-03-16 23:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2014-08-05 10:15 - 2014-07-14 15:49 - 00049744 _____ () C:\Users\****\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-07-14 15:49 - 2014-07-14 15:49 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2011-03-16 23:11 - 2011-03-16 23:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:69E87FA2
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
AlternateDataStreams: C:\ProgramData\Temp:A9967A61
AlternateDataStreams: C:\ProgramData\Temp:F4C624DE
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AML Device Install.lnk => C:\windows\pss\AML Device Install.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: HPSYSDRV => C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
MSCONFIG\startupreg: PC Speed Maximizer => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe
MSCONFIG\startupreg: Power2GoExpress8 => NA
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{0CA4C219-D2FF-4925-A100-002A050A8347}] => (Allow) C:\windows\system32\ezSharedSvcHost.exe
FirewallRules: [TCP Query User{1F15562D-4477-4495-BF83-10CA4A51AE91}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{A0E3B18B-C147-4F87-8476-EF9FDAFC2A9D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{10B9C4EE-5A02-40FF-AC60-FE010C187CC8}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{7ACEB367-9734-43B9-8D27-EECBFD3BE282}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A093E01C-8590-46FB-AC73-B1FA9D46FEE0}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{1C71FA02-488B-4BBB-9C07-3CB10102F119}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [TCP Query User{C6AB6512-6992-43A3-9786-218075074358}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F7AAE679-C5FD-408A-955C-E379472A191A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{FB28BF63-0D98-4632-ACB6-E1261CBC7155}C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe] => (Allow) C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe
FirewallRules: [UDP Query User{74E6EBAF-8C06-4CFC-A2D8-38348FDEB5BA}C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe] => (Allow) C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe
FirewallRules: [TCP Query User{C38F944F-3CC4-4EAD-9032-A795D293F9ED}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{67EDAE0E-1A4D-4DC6-B615-5865594E12C6}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{D533ACE1-703A-4F4E-8D79-DFC748CC5BF5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0D363802-E3D8-47FB-BED6-4E5DD5136E09}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4FF8F7D5-D4A6-48B0-846A-8EADC78F7F4C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2B0ED474-46F6-43EC-BC7A-108A40C706CB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D37A6766-9BEE-44F5-9E78-F85A79E0B3CB}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{ADE2E185-AA3C-42FE-80B2-0726539EEF6D}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{BD2E5E50-A169-445A-AE85-0786FFB899BF}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{F4C9D4F1-B852-451A-9C4E-9F5EF0CDD567}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{C3EB01E8-2610-4FCB-9757-C1CF67D46B97}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{8ACF6C73-622B-41AD-94F0-8F3752EDFE87}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{7C3CBB65-C7A8-40CD-B86E-D090C5404E6A}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{9146A497-5E21-4B26-94B8-293049A3C39E}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{B2520B06-0FB1-48C1-9F53-3E0B623372A8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BCFE86BD-DB5E-4651-88B9-BE7D70F2D229}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC2A9BA8-7C5F-497B-95FC-AFF8059A67FE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{659F1755-810C-4E04-B206-1BB5950E45D5}] => (Allow) LPort=2869
FirewallRules: [{38C3A283-C44C-4DB9-8626-52320370A30D}] => (Allow) LPort=1900
FirewallRules: [{C862143F-9205-4FBD-AE3A-851C214D3A31}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{574E5B55-57BA-4CBA-907A-3FB8ABDB3362}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{1447A363-6092-4187-AA6B-FA9FE6C743D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{17CA7FB0-CAB0-4ADB-A015-29C1B335BD16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{5586DDD4-6179-4F16-BBC9-8BF7EB3FEB95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{BB564BCB-6B46-47A5-A064-DCFB8D0265C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{E11033AF-AA39-43F8-8341-F0BF1D44C18E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{35D3EE86-2C67-4708-BD69-1C5E3A576D97}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{7101A799-AFA9-45A3-A94C-F97E93203AF8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{209E662D-1234-4A04-A133-83B8D0B915A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{62B884DC-097D-4674-B28F-530FCCD9BD6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{40CF2E32-BB56-4D09-9E85-67775B2CC5A2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{635B6BF8-48D1-4607-9141-494D12FF43D4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9D4BE28F-F714-4082-A955-C31C3B6A3D70}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{DEDABECB-13DD-4663-B186-CB992384C136}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{7D717DC3-3015-45CE-B53F-03A890DA6FE2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{A7642D2E-9A3C-4C8E-8C34-B839831C6EA2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [TCP Query User{585D20FF-FFFB-4A4F-95CE-79BE40130872}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{9B277FB6-FAC9-4A34-8142-CFF23005200F}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{484B8FC8-6D5C-4B91-80B5-695DC099CFB2}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FA187F3F-8067-466D-AE20-D89C1C0F0A3C}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{324E9F23-921A-467D-9D8C-7B3C1401734A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D5F12BEC-E121-47BC-A24F-100CC7652192}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4F98A6DA-0E4C-45AE-95D5-A5521676C57D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{B71443F8-6917-47D9-AA2B-4F9DF604C604}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{5CC183D8-E479-4E2F-A3B5-6054E535214D}C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe] => (Allow) C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe
FirewallRules: [UDP Query User{2A586386-019A-4812-9E1E-3BA53D3DDF3A}C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe] => (Allow) C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe
FirewallRules: [{869B0E7E-E2E1-49EA-A47C-E921427B3E95}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5D658E47-57C5-4C7E-B9FE-6C05E5033FC9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{26FB34FD-F080-4650-A5D4-8DF7F8DA93B7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3DD2042A-C02F-432E-9239-0CAB8D9F3CF4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{485E766C-9DAE-42B4-8540-8C21702ED382}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{1751019A-0251-4890-A506-A449A634ACAE}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{A06914C2-2A3C-4C5A-B9CF-93D043C06B24}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{26F3272A-FEDE-4824-B4CE-82725EBC85ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{88039C32-0C27-45E1-BA65-533293612BB3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7713BDBE-8451-4692-A95A-3A93BA995E39}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B1D7B712-D62D-48B0-9862-2CA82471F75F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2F5D914-C3F2-4775-8C9E-91F8978C53A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{E9686FED-6C22-4FED-9D77-C8E038448C61}C:\program files\anylogic 7 personal learning edition\anylogic.exe] => (Block) C:\program files\anylogic 7 personal learning edition\anylogic.exe
FirewallRules: [UDP Query User{1999BA5E-4B41-422B-9140-1C19F0980561}C:\program files\anylogic 7 personal learning edition\anylogic.exe] => (Block) C:\program files\anylogic 7 personal learning edition\anylogic.exe
FirewallRules: [TCP Query User{5F8353B4-062E-4578-9226-3D0B1E00792E}C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe] => (Allow) C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe
FirewallRules: [UDP Query User{5B0F36D9-1458-4F2F-AD37-57417A307214}C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe] => (Allow) C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe
FirewallRules: [TCP Query User{4CFD5C25-C032-4987-A965-D5D2822074D7}C:\program files (x86)\anylogic 6 university\anylogic.exe] => (Allow) C:\program files (x86)\anylogic 6 university\anylogic.exe
FirewallRules: [UDP Query User{41EF9D8E-B5E4-49F9-8653-08D2F2CCD939}C:\program files (x86)\anylogic 6 university\anylogic.exe] => (Allow) C:\program files (x86)\anylogic 6 university\anylogic.exe
FirewallRules: [{C45A0356-E7DE-4656-B419-550E7C942D4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Liftoff\Liftoff.exe
FirewallRules: [{93CF18BD-410E-45DF-BE45-A993CF536A7A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Liftoff\Liftoff.exe
FirewallRules: [TCP Query User{6FBEAB9C-59DA-4D74-B67D-9B7945AB8B30}C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe] => (Allow) C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe
FirewallRules: [UDP Query User{3E1FEF2A-A18F-47E8-ACDE-D1E4D6D1DEB2}C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe] => (Allow) C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe
FirewallRules: [{F52DF749-EB34-4F87-A374-3595A6F552D7}] => (Allow) C:\Program Files (x86)\LogView Studio\Database\mysql5.6\Windows32\bin\mysqld.exe
FirewallRules: [{49E3AB20-6C8C-43DD-8FF1-F9C9A12E47BC}] => (Allow) C:\Program Files (x86)\LogView Studio\Database\mysql5.6\Windows64\bin\mysqld.exe
FirewallRules: [{CBCBA133-3DCB-40E1-8A8A-E26630DE5320}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{2A4A51CA-ED4B-4CC5-9842-2881FF9557B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{7E3E80F1-26D2-44FC-800D-0920C2FEC7CC}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{B053A559-73F0-4B63-B042-763E0DCD9696}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{AE046801-F22D-4556-A0A8-82E9F699465D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{D94F3F36-E469-4080-8E53-BD558D460601}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/12/2015 12:32:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (12/12/2015 12:32:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (12/12/2015 12:32:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (12/12/2015 12:28:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (12/12/2015 12:28:45 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (12/12/2015 12:28:18 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (12/12/2015 01:25:50 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (12/12/2015 01:25:50 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (12/12/2015 01:25:50 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (12/12/2015 01:21:57 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Systemfehler:
=============
Error: (12/12/2015 12:28:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (12/12/2015 12:28:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/12/2015 12:28:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/12/2015 01:21:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (12/12/2015 01:21:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/12/2015 01:21:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/12/2015 12:25:37 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (12/12/2015 12:25:36 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (12/12/2015 12:24:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (12/12/2015 12:24:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 8148.01 MB
Verfügbarer physikalischer RAM: 5872.8 MB
Summe virtueller Speicher: 16294.23 MB
Verfügbarer virtueller Speicher: 13367.61 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:914.41 GB) (Free:555 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Daten) (Fixed) (Total:16.88 GB) (Free:16.76 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 568CEE24)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
12.12.2015, 15:55
| #3 |
| /// TB-Ausbilder /// Anleitungs-Guru  | Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das... 
 Hinweis:Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean  bekommst.Los geht's: Schritt 1 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
12.12.2015, 17:14
| #4 |
| | Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 Danke für deine Hilfe, es wurde nichts gefunden, hier der Log: Code:
ATTFilter 17:06:39.0689 0x0ce8 TDSS rootkit removing tool 3.1.0.8 Dec 5 2015 01:19:03
17:06:39.0689 0x0ce8 UEFI system
17:06:46.0644 0x0ce8 ============================================================
17:06:46.0644 0x0ce8 Current date / time: 2015/12/12 17:06:46.0644
17:06:46.0644 0x0ce8 SystemInfo:
17:06:46.0644 0x0ce8
17:06:46.0644 0x0ce8 OS Version: 6.1.7601 ServicePack: 1.0
17:06:46.0644 0x0ce8 Product type: Workstation
17:06:46.0644 0x0ce8 ComputerName: PC****
17:06:46.0645 0x0ce8 UserName: ****
17:06:46.0645 0x0ce8 Windows directory: C:\windows
17:06:46.0645 0x0ce8 System windows directory: C:\windows
17:06:46.0645 0x0ce8 Running under WOW64
17:06:46.0645 0x0ce8 Processor architecture: Intel x64
17:06:46.0645 0x0ce8 Number of processors: 4
17:06:46.0645 0x0ce8 Page size: 0x1000
17:06:46.0645 0x0ce8 Boot type: Normal boot
17:06:46.0645 0x0ce8 ============================================================
17:06:50.0080 0x0ce8 KLMD registered as C:\windows\system32\drivers\63657864.sys
17:06:50.0294 0x0ce8 System UUID: {5A499F7E-3937-6968-FB98-064B2052693E}
17:06:50.0611 0x0ce8 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:06:50.0616 0x0ce8 ============================================================
17:06:50.0616 0x0ce8 \Device\Harddisk0\DR0:
17:06:50.0616 0x0ce8 GPT partitions:
17:06:50.0617 0x0ce8 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {17207ADB-0051-4F78-915E-9E50EA4DF5D6}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
17:06:50.0617 0x0ce8 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {3589F42B-81A2-4036-B3AA-2EF790E5E1A9}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
17:06:50.0617 0x0ce8 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {589C8E24-97FC-4FFC-B207-7CDB23DF4603}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x724D0800
17:06:50.0617 0x0ce8 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {539FFBCF-57BC-478B-9638-9B7494E88E2C}, Name: Basic data partition, StartLBA 0x72543000, BlocksNum 0x21C3800
17:06:50.0617 0x0ce8 MBR partitions:
17:06:50.0617 0x0ce8 ============================================================
17:06:50.0628 0x0ce8 C: <-> \Device\Harddisk0\DR0\Partition3
17:06:50.0673 0x0ce8 D: <-> \Device\Harddisk0\DR0\Partition4
17:06:50.0673 0x0ce8 ============================================================
17:06:50.0673 0x0ce8 Initialize success
17:06:50.0673 0x0ce8 ============================================================
17:07:19.0607 0x04dc ============================================================
17:07:19.0607 0x04dc Scan started
17:07:19.0607 0x04dc Mode: Manual; SigCheck; TDLFS;
17:07:19.0607 0x04dc ============================================================
17:07:19.0607 0x04dc KSN ping started
17:07:33.0278 0x04dc KSN ping finished: true
17:07:34.0623 0x04dc ================ Scan system memory ========================
17:07:34.0623 0x04dc System memory - ok
17:07:34.0623 0x04dc ================ Scan services =============================
17:07:34.0731 0x04dc [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
17:07:34.0793 0x04dc 1394ohci - ok
17:07:34.0824 0x04dc [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
17:07:34.0837 0x04dc ACPI - ok
17:07:34.0851 0x04dc [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
17:07:34.0903 0x04dc AcpiPmi - ok
17:07:34.0985 0x04dc [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:07:34.0993 0x04dc AdobeARMservice - ok
17:07:35.0084 0x04dc [ F54564025D2284AE498E51D7C139F971, AAA48F38B81DB894854E8C84DB2E1F5C8447AA982D27C0BB78FF2786D9F80F83 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:07:35.0093 0x04dc AdobeFlashPlayerUpdateSvc - ok
17:07:35.0127 0x04dc [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
17:07:35.0144 0x04dc adp94xx - ok
17:07:35.0176 0x04dc [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\drivers\adpahci.sys
17:07:35.0190 0x04dc adpahci - ok
17:07:35.0225 0x04dc [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\drivers\adpu320.sys
17:07:35.0235 0x04dc adpu320 - ok
17:07:35.0249 0x04dc [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
17:07:35.0270 0x04dc AeLookupSvc - ok
17:07:35.0324 0x04dc [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\windows\system32\drivers\afd.sys
17:07:35.0375 0x04dc AFD - ok
17:07:35.0404 0x04dc [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
17:07:35.0412 0x04dc agp440 - ok
17:07:35.0439 0x04dc [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
17:07:35.0479 0x04dc ALG - ok
17:07:35.0509 0x04dc [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
17:07:35.0517 0x04dc aliide - ok
17:07:35.0570 0x04dc [ 1988ACBAB87EF67E63EC2D00A0CF5B26, 7B2C20E9E25289FE54D393F04C540C43C75AEEB11B4FFA31866FF7B23F8AFF66 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
17:07:35.0616 0x04dc AMD External Events Utility - ok
17:07:35.0635 0x04dc [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
17:07:35.0642 0x04dc amdide - ok
17:07:35.0677 0x04dc [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
17:07:35.0708 0x04dc AmdK8 - ok
17:07:35.0754 0x04dc amdkmdag - ok
17:07:35.0814 0x04dc [ 1E2E0FD45B2F9ADD2E5A5125D44F9BCE, B4D65566D15A26865A1506B5BE0E5E0CFBCCB655A2AD358314628FA37169EB6B ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
17:07:35.0868 0x04dc amdkmdap - ok
17:07:35.0895 0x04dc [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
17:07:35.0907 0x04dc AmdPPM - ok
17:07:35.0928 0x04dc [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
17:07:35.0940 0x04dc amdsata - ok
17:07:35.0968 0x04dc [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\drivers\amdsbs.sys
17:07:35.0982 0x04dc amdsbs - ok
17:07:35.0997 0x04dc [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
17:07:36.0004 0x04dc amdxata - ok
17:07:36.0079 0x04dc [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
17:07:36.0103 0x04dc AntiVirMailService - ok
17:07:36.0157 0x04dc [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:07:36.0170 0x04dc AntiVirSchedulerService - ok
17:07:36.0207 0x04dc [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:07:36.0220 0x04dc AntiVirService - ok
17:07:36.0294 0x04dc [ B667AB46FA82FC246F9069D81BB1065C, CC3ADE01E745B6A4F425E41C5C380BF0D06121B3823BDF0A8DF2973DA59F86EA ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
17:07:36.0337 0x04dc AntiVirWebService - ok
17:07:36.0383 0x04dc [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\windows\system32\drivers\appid.sys
17:07:36.0420 0x04dc AppID - ok
17:07:36.0438 0x04dc [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\windows\System32\appidsvc.dll
17:07:36.0447 0x04dc AppIDSvc - ok
17:07:36.0478 0x04dc [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\windows\System32\appinfo.dll
17:07:36.0517 0x04dc Appinfo - ok
17:07:36.0534 0x04dc [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\drivers\arc.sys
17:07:36.0550 0x04dc arc - ok
17:07:36.0569 0x04dc [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\drivers\arcsas.sys
17:07:36.0578 0x04dc arcsas - ok
17:07:36.0664 0x04dc [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:07:36.0681 0x04dc aspnet_state - ok
17:07:36.0695 0x04dc [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
17:07:36.0772 0x04dc AsyncMac - ok
17:07:36.0796 0x04dc [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
17:07:36.0803 0x04dc atapi - ok
17:07:36.0864 0x04dc [ 80AA9265E820A8667EDEF731E31335B6, 549DC0BCF988F25CF3F89A784DC9B97C6D4DF697302F5CF467EFA2B816991A52 ] AtiHDAudioService C:\windows\system32\drivers\AtihdW76.sys
17:07:36.0903 0x04dc AtiHDAudioService - ok
17:07:36.0956 0x04dc [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
17:07:36.0976 0x04dc AudioEndpointBuilder - ok
17:07:36.0990 0x04dc [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\windows\System32\Audiosrv.dll
17:07:37.0007 0x04dc AudioSrv - ok
17:07:37.0061 0x04dc [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
17:07:37.0070 0x04dc avgntflt - ok
17:07:37.0115 0x04dc [ 1AD2C8F543F261F0AB90AD80767AB21D, 364DA0D0B8A91688CE39FEDF68EB93260819849097444F6A10A3F95CC32F9EA5 ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
17:07:37.0123 0x04dc avipbb - ok
17:07:37.0177 0x04dc [ B127AC7651D0C088E4A239EED92F8AF8, 2958F81C06C46E147E8022F3B7E9C26F1D47C729ADD336D68DCCFEB363CB09FF ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
17:07:37.0184 0x04dc Avira.OE.ServiceHost - ok
17:07:37.0202 0x04dc [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
17:07:37.0208 0x04dc avkmgr - ok
17:07:37.0235 0x04dc [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt C:\windows\system32\DRIVERS\avnetflt.sys
17:07:37.0242 0x04dc avnetflt - ok
17:07:37.0261 0x04dc [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
17:07:37.0316 0x04dc AxInstSV - ok
17:07:37.0351 0x04dc [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
17:07:37.0375 0x04dc b06bdrv - ok
17:07:37.0394 0x04dc [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
17:07:37.0420 0x04dc b57nd60a - ok
17:07:37.0459 0x04dc [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
17:07:37.0496 0x04dc BDESVC - ok
17:07:37.0506 0x04dc [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
17:07:37.0538 0x04dc Beep - ok
17:07:37.0580 0x04dc [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
17:07:37.0601 0x04dc BFE - ok
17:07:37.0635 0x04dc [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\System32\qmgr.dll
17:07:37.0735 0x04dc BITS - ok
17:07:37.0758 0x04dc [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\drivers\blbdrive.sys
17:07:37.0781 0x04dc blbdrive - ok
17:07:37.0818 0x04dc [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys
17:07:37.0845 0x04dc bowser - ok
17:07:37.0865 0x04dc [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
17:07:37.0891 0x04dc BrFiltLo - ok
17:07:37.0911 0x04dc [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
17:07:37.0936 0x04dc BrFiltUp - ok
17:07:37.0973 0x04dc [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
17:07:38.0005 0x04dc Browser - ok
17:07:38.0040 0x04dc [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
17:07:38.0075 0x04dc Brserid - ok
17:07:38.0108 0x04dc [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
17:07:38.0131 0x04dc BrSerWdm - ok
17:07:38.0146 0x04dc [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
17:07:38.0173 0x04dc BrUsbMdm - ok
17:07:38.0196 0x04dc [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
17:07:38.0227 0x04dc BrUsbSer - ok
17:07:38.0258 0x04dc [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\windows\system32\DRIVERS\BthEnum.sys
17:07:38.0286 0x04dc BthEnum - ok
17:07:38.0317 0x04dc [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
17:07:38.0328 0x04dc BTHMODEM - ok
17:07:38.0358 0x04dc [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
17:07:38.0386 0x04dc BthPan - ok
17:07:38.0437 0x04dc [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\windows\system32\Drivers\BTHport.sys
17:07:38.0481 0x04dc BTHPORT - ok
17:07:38.0511 0x04dc [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
17:07:38.0552 0x04dc bthserv - ok
17:07:38.0582 0x04dc [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\windows\system32\Drivers\BTHUSB.sys
17:07:38.0612 0x04dc BTHUSB - ok
17:07:38.0645 0x04dc [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
17:07:38.0679 0x04dc cdfs - ok
17:07:38.0712 0x04dc [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
17:07:38.0745 0x04dc cdrom - ok
17:07:38.0788 0x04dc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
17:07:38.0823 0x04dc CertPropSvc - ok
17:07:38.0835 0x04dc [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\drivers\circlass.sys
17:07:38.0858 0x04dc circlass - ok
17:07:38.0900 0x04dc [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\windows\system32\CLFS.sys
17:07:38.0964 0x04dc CLFS - ok
17:07:39.0032 0x04dc [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:07:39.0051 0x04dc clr_optimization_v2.0.50727_32 - ok
17:07:39.0088 0x04dc [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:07:39.0101 0x04dc clr_optimization_v2.0.50727_64 - ok
17:07:39.0161 0x04dc [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:07:39.0170 0x04dc clr_optimization_v4.0.30319_32 - ok
17:07:39.0183 0x04dc [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:07:39.0191 0x04dc clr_optimization_v4.0.30319_64 - ok
17:07:39.0228 0x04dc [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive C:\windows\system32\DRIVERS\CLVirtualDrive.sys
17:07:39.0235 0x04dc CLVirtualDrive - ok
17:07:39.0259 0x04dc [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\drivers\CmBatt.sys
17:07:39.0266 0x0268 Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
17:07:39.0283 0x04dc CmBatt - ok
17:07:39.0298 0x04dc [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
17:07:39.0305 0x04dc cmdide - ok
17:07:39.0361 0x04dc [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\windows\system32\Drivers\cng.sys
17:07:39.0380 0x04dc CNG - ok
17:07:39.0394 0x04dc [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\drivers\compbatt.sys
17:07:39.0401 0x04dc Compbatt - ok
17:07:39.0426 0x04dc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
17:07:39.0453 0x04dc CompositeBus - ok
17:07:39.0465 0x04dc COMSysApp - ok
17:07:39.0501 0x04dc [ 3CA734CE373E5675FBC15CA2C45228E5, A6C6E9FABDE5EA18D266DB71C0CC6B51D682116D1898CCB4E9BA730F15C44B32 ] cpudrv64 C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys
17:07:39.0508 0x04dc cpudrv64 - ok
17:07:39.0519 0x04dc [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
17:07:39.0526 0x04dc crcdisk - ok
17:07:39.0562 0x04dc [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\windows\system32\cryptsvc.dll
17:07:39.0599 0x04dc CryptSvc - ok
17:07:39.0627 0x04dc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
17:07:39.0673 0x04dc DcomLaunch - ok
17:07:39.0708 0x04dc [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
17:07:39.0751 0x04dc defragsvc - ok
17:07:39.0774 0x04dc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys
17:07:39.0813 0x04dc DfsC - ok
17:07:39.0859 0x04dc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
17:07:39.0883 0x04dc Dhcp - ok
17:07:39.0985 0x04dc [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\windows\system32\diagtrack.dll
17:07:40.0027 0x04dc DiagTrack - ok
17:07:40.0049 0x04dc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
17:07:40.0075 0x04dc discache - ok
17:07:40.0093 0x04dc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\drivers\disk.sys
17:07:40.0102 0x04dc Disk - ok
17:07:40.0120 0x04dc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
17:07:40.0141 0x04dc Dnscache - ok
17:07:40.0170 0x04dc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
17:07:40.0196 0x04dc dot3svc - ok
17:07:40.0211 0x04dc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
17:07:40.0244 0x04dc DPS - ok
17:07:40.0283 0x04dc [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
17:07:40.0312 0x04dc drmkaud - ok
17:07:40.0359 0x04dc [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
17:07:40.0389 0x04dc DXGKrnl - ok
17:07:40.0415 0x04dc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
17:07:40.0456 0x04dc EapHost - ok
17:07:40.0548 0x04dc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\drivers\evbda.sys
17:07:40.0631 0x04dc ebdrv - ok
17:07:40.0679 0x04dc [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS C:\windows\System32\lsass.exe
17:07:40.0725 0x04dc EFS - ok
17:07:40.0807 0x04dc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
17:07:40.0878 0x04dc ehRecvr - ok
17:07:40.0891 0x04dc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
17:07:40.0906 0x04dc ehSched - ok
17:07:40.0946 0x04dc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\drivers\elxstor.sys
17:07:40.0962 0x04dc elxstor - ok
17:07:40.0978 0x04dc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
17:07:41.0001 0x04dc ErrDev - ok
17:07:41.0039 0x04dc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
17:07:41.0080 0x04dc EventSystem - ok
17:07:41.0098 0x04dc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
17:07:41.0123 0x04dc exfat - ok
17:07:41.0132 0x04dc ezSharedSvc - ok
17:07:41.0143 0x04dc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
17:07:41.0184 0x04dc fastfat - ok
17:07:41.0229 0x04dc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
17:07:41.0257 0x04dc Fax - ok
17:07:41.0280 0x04dc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\drivers\fdc.sys
17:07:41.0302 0x04dc fdc - ok
17:07:41.0328 0x04dc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
17:07:41.0352 0x04dc fdPHost - ok
17:07:41.0355 0x04dc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
17:07:41.0389 0x04dc FDResPub - ok
17:07:41.0412 0x04dc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
17:07:41.0424 0x04dc FileInfo - ok
17:07:41.0434 0x04dc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
17:07:41.0474 0x04dc Filetrace - ok
17:07:41.0578 0x04dc [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:07:41.0606 0x04dc FLEXnet Licensing Service - ok
17:07:41.0709 0x04dc [ 64AB6F28047744B9B19C97459C2AB31B, B1F3FEE6DF1E72003DEAC8712C3E29D82DF67A095C4AC16A379BCD995C2F3833 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
17:07:41.0750 0x04dc FLEXnet Licensing Service 64 - ok
17:07:41.0768 0x04dc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\drivers\flpydisk.sys
17:07:41.0789 0x04dc flpydisk - ok
17:07:41.0809 0x04dc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
17:07:41.0827 0x04dc FltMgr - ok
17:07:41.0896 0x04dc [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\windows\system32\FntCache.dll
17:07:41.0935 0x04dc FontCache - ok
17:07:41.0979 0x04dc [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:07:41.0987 0x04dc FontCache3.0.0.0 - ok
17:07:42.0008 0x04dc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
17:07:42.0016 0x04dc FsDepends - ok
17:07:42.0018 0x0268 Object send P2P result: true
17:07:42.0018 0x0268 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
17:07:42.0036 0x04dc [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
17:07:42.0042 0x04dc Fs_Rec - ok
17:07:42.0081 0x04dc [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
17:07:42.0093 0x04dc fvevol - ok
17:07:42.0104 0x04dc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
17:07:42.0112 0x04dc gagp30kx - ok
17:07:42.0138 0x04dc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
17:07:42.0171 0x04dc gpsvc - ok
17:07:42.0187 0x04dc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
17:07:42.0214 0x04dc hcw85cir - ok
17:07:42.0247 0x04dc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
17:07:42.0281 0x04dc HdAudAddService - ok
17:07:42.0307 0x04dc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
17:07:42.0330 0x04dc HDAudBus - ok
17:07:42.0354 0x04dc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\drivers\HidBatt.sys
17:07:42.0362 0x04dc HidBatt - ok
17:07:42.0384 0x04dc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\drivers\hidbth.sys
17:07:42.0396 0x04dc HidBth - ok
17:07:42.0419 0x04dc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\drivers\hidir.sys
17:07:42.0446 0x04dc HidIr - ok
17:07:42.0474 0x04dc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\system32\hidserv.dll
17:07:42.0510 0x04dc hidserv - ok
17:07:42.0548 0x04dc [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
17:07:42.0573 0x04dc HidUsb - ok
17:07:42.0593 0x04dc [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
17:07:42.0618 0x04dc hkmsvc - ok
17:07:42.0641 0x04dc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
17:07:42.0683 0x04dc HomeGroupListener - ok
17:07:42.0705 0x04dc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
17:07:42.0733 0x04dc HomeGroupProvider - ok
17:07:42.0769 0x04dc [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
17:07:42.0783 0x04dc HpSAMD - ok
17:07:42.0944 0x04dc [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC C:\Users\****\AppData\Local\Temp\7zS3986\hpslpsvc64.dll
17:07:42.0968 0x04dc HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
17:07:44.0759 0x0268 Object send P2P result: true
17:07:44.0759 0x0268 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
17:07:45.0658 0x04dc Detect skipped due to KSN trusted
17:07:45.0658 0x04dc HPSLPSVC - ok
17:07:45.0710 0x04dc [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\windows\system32\drivers\HTTP.sys
17:07:45.0774 0x04dc HTTP - ok
17:07:45.0793 0x04dc [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
17:07:45.0806 0x04dc hwpolicy - ok
17:07:45.0839 0x04dc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\drivers\i8042prt.sys
17:07:45.0863 0x04dc i8042prt - ok
17:07:45.0896 0x04dc [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
17:07:45.0920 0x04dc iaStorV - ok
17:07:45.0964 0x04dc [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:07:45.0984 0x04dc IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
17:07:47.0498 0x0268 Object send P2P result: true
17:07:48.0669 0x04dc Detect skipped due to KSN trusted
17:07:48.0670 0x04dc IDriverT - ok
17:07:48.0828 0x04dc [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:07:48.0867 0x04dc idsvc - ok
17:07:48.0890 0x04dc IEEtwCollectorService - ok
17:07:49.0042 0x04dc [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
17:07:49.0167 0x04dc igfx - ok
17:07:49.0204 0x04dc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\drivers\iirsp.sys
17:07:49.0212 0x04dc iirsp - ok
17:07:49.0255 0x04dc [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
17:07:49.0294 0x04dc IKEEXT - ok
17:07:49.0321 0x04dc [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
17:07:49.0328 0x04dc intelide - ok
17:07:49.0350 0x04dc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
17:07:49.0358 0x04dc intelppm - ok
17:07:49.0398 0x04dc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
17:07:49.0434 0x04dc IPBusEnum - ok
17:07:49.0459 0x04dc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
17:07:49.0496 0x04dc IpFilterDriver - ok
17:07:49.0535 0x04dc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
17:07:49.0567 0x04dc iphlpsvc - ok
17:07:49.0593 0x04dc [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
17:07:49.0602 0x04dc IPMIDRV - ok
17:07:49.0618 0x04dc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
17:07:49.0658 0x04dc IPNAT - ok
17:07:49.0679 0x04dc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
17:07:49.0689 0x04dc IRENUM - ok
17:07:49.0704 0x04dc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
17:07:49.0711 0x04dc isapnp - ok
17:07:49.0726 0x04dc [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
17:07:49.0743 0x04dc iScsiPrt - ok
17:07:49.0761 0x04dc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
17:07:49.0772 0x04dc kbdclass - ok
17:07:49.0792 0x04dc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
17:07:49.0821 0x04dc kbdhid - ok
17:07:49.0836 0x04dc [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso C:\windows\system32\lsass.exe
17:07:49.0844 0x04dc KeyIso - ok
17:07:49.0876 0x04dc [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
17:07:49.0884 0x04dc KSecDD - ok
17:07:49.0890 0x04dc [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
17:07:49.0900 0x04dc KSecPkg - ok
17:07:49.0920 0x04dc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
17:07:49.0960 0x04dc ksthunk - ok
17:07:49.0987 0x04dc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
17:07:50.0023 0x04dc KtmRm - ok
17:07:50.0060 0x04dc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\system32\srvsvc.dll
17:07:50.0085 0x04dc LanmanServer - ok
17:07:50.0111 0x04dc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
17:07:50.0134 0x04dc LanmanWorkstation - ok
17:07:50.0163 0x04dc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
17:07:50.0190 0x04dc lltdio - ok
17:07:50.0204 0x04dc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
17:07:50.0247 0x04dc lltdsvc - ok
17:07:50.0269 0x04dc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
17:07:50.0303 0x04dc lmhosts - ok
17:07:50.0345 0x04dc [ BF22ACF4CF3734D61357E67F0521BC03, EDDFBDC4BE29BF26904B2DF7074F471711238469CDDBED1CA253A49B993F53DF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:07:50.0355 0x04dc LMS - ok
17:07:50.0386 0x04dc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
17:07:50.0394 0x04dc LSI_FC - ok
17:07:50.0418 0x04dc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
17:07:50.0426 0x04dc LSI_SAS - ok
17:07:50.0433 0x04dc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
17:07:50.0441 0x04dc LSI_SAS2 - ok
17:07:50.0450 0x04dc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
17:07:50.0458 0x04dc LSI_SCSI - ok
17:07:50.0471 0x04dc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
17:07:50.0499 0x04dc luafv - ok
17:07:50.0532 0x04dc [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\windows\system32\drivers\mbam.sys
17:07:50.0538 0x04dc MBAMProtector - ok
17:07:50.0605 0x04dc [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
17:07:50.0631 0x04dc MBAMService - ok
17:07:50.0660 0x04dc [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys
17:07:50.0668 0x04dc MBAMWebAccessControl - ok
17:07:50.0687 0x04dc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
17:07:50.0704 0x04dc Mcx2Svc - ok
17:07:50.0736 0x04dc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\drivers\megasas.sys
17:07:50.0744 0x04dc megasas - ok
17:07:50.0779 0x04dc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
17:07:50.0793 0x04dc MegaSR - ok
17:07:50.0811 0x04dc [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64 C:\windows\system32\drivers\HECIx64.sys
17:07:50.0819 0x04dc MEIx64 - ok
17:07:50.0847 0x04dc Microsoft SharePoint Workspace Audit Service - ok
17:07:50.0948 0x04dc [ 551A5E070F5DF69A64463852E93009DD, D226F4D198AD8A1A0CB399BA5299332995BF75615952DF6D3610B95EB7D180BB ] mitsijm2013 C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe
17:07:50.0966 0x04dc mitsijm2013 - ok
17:07:50.0974 0x04dc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
17:07:50.0996 0x04dc MMCSS - ok
17:07:51.0081 0x04dc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
17:07:51.0120 0x04dc Modem - ok
17:07:51.0143 0x04dc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
17:07:51.0167 0x04dc monitor - ok
17:07:51.0202 0x04dc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
17:07:51.0216 0x04dc mouclass - ok
17:07:51.0241 0x04dc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
17:07:51.0272 0x04dc mouhid - ok
17:07:51.0301 0x04dc [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\windows\system32\drivers\mountmgr.sys
17:07:51.0311 0x04dc mountmgr - ok
17:07:51.0353 0x04dc [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:07:51.0365 0x04dc MozillaMaintenance - ok
17:07:51.0387 0x04dc [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
17:07:51.0399 0x04dc mpio - ok
17:07:51.0478 0x04dc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
17:07:51.0515 0x04dc mpsdrv - ok
17:07:51.0544 0x04dc [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
17:07:51.0579 0x04dc MpsSvc - ok
17:07:51.0595 0x04dc [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
17:07:51.0619 0x04dc MRxDAV - ok
17:07:51.0644 0x04dc [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
17:07:51.0668 0x04dc mrxsmb - ok
17:07:51.0702 0x04dc [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
17:07:51.0715 0x04dc mrxsmb10 - ok
17:07:51.0725 0x04dc [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
17:07:51.0746 0x04dc mrxsmb20 - ok
17:07:51.0773 0x04dc [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
17:07:51.0786 0x04dc msahci - ok
17:07:51.0802 0x04dc [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
17:07:51.0813 0x04dc msdsm - ok
17:07:51.0835 0x04dc [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
17:07:51.0848 0x04dc MSDTC - ok
17:07:51.0863 0x04dc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
17:07:51.0887 0x04dc Msfs - ok
17:07:51.0903 0x04dc [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
17:07:51.0927 0x04dc mshidkmdf - ok
17:07:51.0945 0x04dc [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
17:07:51.0956 0x04dc msisadrv - ok
17:07:51.0973 0x04dc [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
17:07:52.0014 0x04dc MSiSCSI - ok
17:07:52.0016 0x04dc msiserver - ok
17:07:52.0053 0x04dc [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
17:07:52.0090 0x04dc MSKSSRV - ok
17:07:52.0105 0x04dc [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
17:07:52.0128 0x04dc MSPCLOCK - ok
17:07:52.0140 0x04dc [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
17:07:52.0163 0x04dc MSPQM - ok
17:07:52.0180 0x04dc [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
17:07:52.0198 0x04dc MsRPC - ok
17:07:52.0230 0x04dc [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
17:07:52.0237 0x04dc mssmbios - ok
17:07:52.0245 0x04dc [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
17:07:52.0278 0x04dc MSTEE - ok
17:07:52.0281 0x04dc [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\drivers\MTConfig.sys
17:07:52.0289 0x04dc MTConfig - ok
17:07:52.0310 0x04dc [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
17:07:52.0321 0x04dc Mup - ok
17:07:52.0350 0x04dc [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
17:07:52.0393 0x04dc napagent - ok
17:07:52.0429 0x04dc [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
17:07:52.0462 0x04dc NativeWifiP - ok
17:07:52.0528 0x04dc [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
17:07:52.0545 0x04dc NAUpdate - ok
17:07:52.0577 0x04dc [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys
17:07:52.0602 0x04dc NDIS - ok
17:07:52.0634 0x04dc [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
17:07:52.0668 0x04dc NdisCap - ok
17:07:52.0690 0x04dc [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
17:07:52.0727 0x04dc NdisTapi - ok
17:07:52.0745 0x04dc [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
17:07:52.0780 0x04dc Ndisuio - ok
17:07:52.0801 0x04dc [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
17:07:52.0844 0x04dc NdisWan - ok
17:07:52.0864 0x04dc [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
17:07:52.0885 0x04dc NDProxy - ok
17:07:52.0922 0x04dc [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
17:07:52.0947 0x04dc NetBIOS - ok
17:07:52.0960 0x04dc [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
17:07:52.0985 0x04dc NetBT - ok
17:07:53.0003 0x04dc [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon C:\windows\system32\lsass.exe
17:07:53.0010 0x04dc Netlogon - ok
17:07:53.0044 0x04dc [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
17:07:53.0072 0x04dc Netman - ok
17:07:53.0133 0x04dc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:07:53.0143 0x04dc NetMsmqActivator - ok
17:07:53.0146 0x04dc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:07:53.0155 0x04dc NetPipeActivator - ok
17:07:53.0176 0x04dc [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
17:07:53.0221 0x04dc netprofm - ok
17:07:53.0225 0x04dc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:07:53.0234 0x04dc NetTcpActivator - ok
17:07:53.0238 0x04dc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:07:53.0247 0x04dc NetTcpPortSharing - ok
17:07:53.0276 0x04dc [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
17:07:53.0284 0x04dc nfrd960 - ok
17:07:53.0306 0x04dc [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\windows\System32\nlasvc.dll
17:07:53.0319 0x04dc NlaSvc - ok
17:07:53.0359 0x04dc [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] NPF C:\windows\system32\drivers\npf.sys
17:07:53.0365 0x04dc NPF - ok
17:07:53.0385 0x04dc [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
17:07:53.0410 0x04dc Npfs - ok
17:07:53.0422 0x04dc [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
17:07:53.0454 0x04dc nsi - ok
17:07:53.0471 0x04dc [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
17:07:53.0506 0x04dc nsiproxy - ok
17:07:53.0563 0x04dc [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
17:07:53.0601 0x04dc Ntfs - ok
17:07:53.0615 0x04dc [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
17:07:53.0637 0x04dc Null - ok
17:07:53.0650 0x04dc NVHDA - ok
17:07:53.0655 0x04dc nvlddmkm - ok
17:07:53.0673 0x04dc [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
17:07:53.0683 0x04dc nvraid - ok
17:07:53.0715 0x04dc [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
17:07:53.0725 0x04dc nvstor - ok
17:07:53.0760 0x04dc [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
17:07:53.0769 0x04dc nv_agp - ok
17:07:53.0788 0x04dc [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
17:07:53.0808 0x04dc ohci1394 - ok
17:07:53.0857 0x04dc [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:07:53.0865 0x04dc ose - ok
17:07:54.0023 0x04dc [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:07:54.0120 0x04dc osppsvc - ok
17:07:54.0151 0x04dc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
17:07:54.0197 0x04dc p2pimsvc - ok
17:07:54.0221 0x04dc [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
17:07:54.0255 0x04dc p2psvc - ok
17:07:54.0284 0x04dc [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\drivers\parport.sys
17:07:54.0308 0x04dc Parport - ok
17:07:54.0335 0x04dc [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
17:07:54.0347 0x04dc partmgr - ok
17:07:54.0406 0x04dc [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\windows\System32\pcasvc.dll
17:07:54.0443 0x04dc PcaSvc - ok
17:07:54.0461 0x04dc [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
17:07:54.0475 0x04dc pci - ok
17:07:54.0515 0x04dc [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
17:07:54.0529 0x04dc pciide - ok
17:07:54.0548 0x04dc [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
17:07:54.0564 0x04dc pcmcia - ok
17:07:54.0584 0x04dc [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
17:07:54.0600 0x04dc pcw - ok
17:07:54.0645 0x04dc [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\windows\system32\drivers\peauth.sys
17:07:54.0673 0x04dc PEAUTH - ok
17:07:54.0739 0x04dc [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
17:07:54.0752 0x04dc PerfHost - ok
17:07:54.0808 0x04dc [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
17:07:54.0855 0x04dc pla - ok
17:07:54.0902 0x04dc [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
17:07:54.0926 0x04dc PlugPlay - ok
17:07:54.0934 0x04dc [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
17:07:54.0954 0x04dc PNRPAutoReg - ok
17:07:54.0975 0x04dc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
17:07:54.0988 0x04dc PNRPsvc - ok
17:07:55.0012 0x04dc [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
17:07:55.0042 0x04dc PolicyAgent - ok
17:07:55.0068 0x04dc [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
17:07:55.0108 0x04dc Power - ok
17:07:55.0134 0x04dc [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
17:07:55.0172 0x04dc PptpMiniport - ok
17:07:55.0195 0x04dc [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\drivers\processr.sys
17:07:55.0205 0x04dc Processor - ok
17:07:55.0234 0x04dc [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\windows\system32\profsvc.dll
17:07:55.0245 0x04dc ProfSvc - ok
17:07:55.0252 0x04dc [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\windows\system32\lsass.exe
17:07:55.0260 0x04dc ProtectedStorage - ok
17:07:55.0287 0x04dc [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
17:07:55.0320 0x04dc Psched - ok
17:07:55.0376 0x04dc [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\drivers\ql2300.sys
17:07:55.0411 0x04dc ql2300 - ok
17:07:55.0422 0x04dc [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\drivers\ql40xx.sys
17:07:55.0431 0x04dc ql40xx - ok
17:07:55.0459 0x04dc [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
17:07:55.0475 0x04dc QWAVE - ok
17:07:55.0490 0x04dc [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
17:07:55.0504 0x04dc QWAVEdrv - ok
17:07:55.0535 0x04dc [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
17:07:55.0559 0x04dc RasAcd - ok
17:07:55.0577 0x04dc [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
17:07:55.0613 0x04dc RasAgileVpn - ok
17:07:55.0654 0x04dc [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
17:07:55.0689 0x04dc RasAuto - ok
17:07:55.0707 0x04dc [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
17:07:55.0749 0x04dc Rasl2tp - ok
17:07:55.0776 0x04dc [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
17:07:55.0804 0x04dc RasMan - ok
17:07:55.0824 0x04dc [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
17:07:55.0850 0x04dc RasPppoe - ok
17:07:55.0856 0x04dc [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
17:07:55.0882 0x04dc RasSstp - ok
17:07:55.0891 0x04dc [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
17:07:55.0923 0x04dc rdbss - ok
17:07:55.0944 0x04dc [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\drivers\rdpbus.sys
17:07:55.0954 0x04dc rdpbus - ok
17:07:55.0983 0x04dc [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
17:07:56.0014 0x04dc RDPCDD - ok
17:07:56.0017 0x04dc [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
17:07:56.0038 0x04dc RDPENCDD - ok
17:07:56.0053 0x04dc [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
17:07:56.0085 0x04dc RDPREFMP - ok
17:07:56.0161 0x04dc [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
17:07:56.0187 0x04dc RdpVideoMiniport - ok
17:07:56.0225 0x04dc [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys
17:07:56.0256 0x04dc RDPWD - ok
17:07:56.0296 0x04dc [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
17:07:56.0316 0x04dc rdyboost - ok
17:07:56.0337 0x04dc [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
17:07:56.0365 0x04dc RemoteAccess - ok
17:07:56.0399 0x04dc [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
17:07:56.0424 0x04dc RemoteRegistry - ok
17:07:56.0465 0x04dc [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
17:07:56.0491 0x04dc RFCOMM - ok
17:07:56.0513 0x04dc [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
17:07:56.0560 0x04dc RpcEptMapper - ok
17:07:56.0580 0x04dc [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
17:07:56.0589 0x04dc RpcLocator - ok
17:07:56.0611 0x04dc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
17:07:56.0646 0x04dc RpcSs - ok
17:07:56.0668 0x04dc [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
17:07:56.0698 0x04dc rspndr - ok
17:07:56.0737 0x04dc [ 39A719875F572241C585A629EE62EB14, EE42DB11710374A2A97ED5B58A9DA0AECC8AB0DF4DEEAC5970F33046255CE2F9 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
17:07:56.0756 0x04dc RTL8167 - ok
17:07:56.0769 0x04dc [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs C:\windows\system32\lsass.exe
17:07:56.0778 0x04dc SamSs - ok
17:07:56.0793 0x04dc [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
17:07:56.0804 0x04dc sbp2port - ok
17:07:56.0831 0x04dc [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
17:07:56.0871 0x04dc SCardSvr - ok
17:07:56.0891 0x04dc [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
17:07:56.0917 0x04dc scfilter - ok
17:07:56.0948 0x04dc [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll
17:07:56.0988 0x04dc Schedule - ok
17:07:57.0011 0x04dc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
17:07:57.0032 0x04dc SCPolicySvc - ok
17:07:57.0042 0x04dc [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
17:07:57.0065 0x04dc SDRSVC - ok
17:07:57.0147 0x04dc [ 95AA9E165C7DE1B64A11E8B18E91E499, 505BB51F358EAE5835071A89069530DFDA99E9C5220EA6A648842C15E74E4907 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
17:07:57.0186 0x04dc SDScannerService - ok
17:07:57.0237 0x04dc [ D31398D4BB4907B517B6E784C2100C4A, 36BDB2BFAC2C0ADF8C6DF6D1511ECF43C8F6ED7D4D76244DC5232AD97BA5E9C9 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
17:07:57.0262 0x04dc SDUpdateService - ok
17:07:57.0292 0x04dc [ 6AE8E702D1027A9627DDE2B77BB9992B, 5EA68E2A487D252A68DB0861E7FAFA69956D266CBAA5A1D77751F7E6BD4169B7 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
17:07:57.0301 0x04dc SDWSCService - ok
17:07:57.0325 0x04dc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
17:07:57.0363 0x04dc secdrv - ok
17:07:57.0384 0x04dc [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
17:07:57.0405 0x04dc seclogon - ok
17:07:57.0420 0x04dc [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll
17:07:57.0443 0x04dc SENS - ok
17:07:57.0455 0x04dc [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
17:07:57.0489 0x04dc SensrSvc - ok
17:07:57.0512 0x04dc [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
17:07:57.0520 0x04dc Serenum - ok
17:07:57.0555 0x04dc [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\drivers\serial.sys
17:07:57.0564 0x04dc Serial - ok
17:07:57.0589 0x04dc [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\drivers\sermouse.sys
17:07:57.0611 0x04dc sermouse - ok
17:07:57.0638 0x04dc [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
17:07:57.0660 0x04dc SessionEnv - ok
17:07:57.0674 0x04dc [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
17:07:57.0695 0x04dc sffdisk - ok
17:07:57.0712 0x04dc [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
17:07:57.0731 0x04dc sffp_mmc - ok
17:07:57.0743 0x04dc [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
17:07:57.0754 0x04dc sffp_sd - ok
17:07:57.0760 0x04dc [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
17:07:57.0779 0x04dc sfloppy - ok
17:07:57.0809 0x04dc [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
17:07:57.0847 0x04dc SharedAccess - ok
17:07:57.0869 0x04dc [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:07:57.0896 0x04dc ShellHWDetection - ok
17:07:57.0923 0x04dc [ 7799106FEE728B907A86D9C9751E02D5, EE85E8D3CF3819DB28221BFC103DE8DF0E14E1878CECF54E8CD8C161B0E0AF3C ] silabenm C:\windows\system32\DRIVERS\silabenm.sys
17:07:57.0959 0x04dc silabenm - ok
17:07:57.0989 0x04dc [ 447209C314E6E0D26E01962075802B18, AB1AC5854EB0EDF66025609CF9CB5639014C264327F4DEE1223BF7F6E1BD2D15 ] silabser C:\windows\system32\DRIVERS\silabser.sys
17:07:58.0008 0x04dc silabser - ok
17:07:58.0031 0x04dc [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
17:07:58.0039 0x04dc SiSRaid2 - ok
17:07:58.0054 0x04dc [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
17:07:58.0061 0x04dc SiSRaid4 - ok
17:07:58.0083 0x04dc [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
17:07:58.0110 0x04dc Smb - ok
17:07:58.0138 0x04dc [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
17:07:58.0163 0x04dc SNMPTRAP - ok
17:07:58.0181 0x04dc [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
17:07:58.0192 0x04dc spldr - ok
17:07:58.0221 0x04dc [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
17:07:58.0252 0x04dc Spooler - ok
17:07:58.0379 0x04dc [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
17:07:58.0462 0x04dc sppsvc - ok
17:07:58.0480 0x04dc [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
17:07:58.0516 0x04dc sppuinotify - ok
17:07:58.0555 0x04dc [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys
17:07:58.0583 0x04dc srv - ok
17:07:58.0599 0x04dc [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
17:07:58.0631 0x04dc srv2 - ok
17:07:58.0651 0x04dc [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
17:07:58.0667 0x04dc srvnet - ok
17:07:58.0688 0x04dc [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
17:07:58.0726 0x04dc SSDPSRV - ok
17:07:58.0741 0x04dc [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
17:07:58.0774 0x04dc SstpSvc - ok
17:07:58.0843 0x04dc [ F5F2592EAF991348D655C482BCFD2B12, F08A573762047793559D1288EA763284044D9B99C0A2992A59F71526D18C1A7A ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
17:07:58.0885 0x04dc STacSV - ok
17:07:58.0913 0x04dc Steam Client Service - ok
17:07:58.0927 0x04dc [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\drivers\stexstor.sys
17:07:58.0934 0x04dc stexstor - ok
17:07:58.0963 0x04dc [ DCF0D5DB91B09FC456225352CDFD7DE7, 1A6C8E00540F3317369DA1672BE1D5A2EC26A6866D7118ACFFA2987ED315B410 ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
17:07:58.0980 0x04dc STHDA - ok
17:07:59.0014 0x04dc [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
17:07:59.0037 0x04dc stisvc - ok
17:07:59.0056 0x04dc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\drivers\swenum.sys
17:07:59.0063 0x04dc swenum - ok
17:07:59.0082 0x04dc [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
17:07:59.0113 0x04dc swprv - ok
17:07:59.0151 0x04dc [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll
17:07:59.0193 0x04dc SysMain - ok
17:07:59.0208 0x04dc [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
17:07:59.0220 0x04dc TabletInputService - ok
17:07:59.0230 0x04dc [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
17:07:59.0272 0x04dc TapiSrv - ok
17:07:59.0294 0x04dc [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll
17:07:59.0333 0x04dc TBS - ok
17:07:59.0411 0x04dc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\windows\system32\drivers\tcpip.sys
17:07:59.0465 0x04dc Tcpip - ok
17:07:59.0502 0x04dc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
17:07:59.0537 0x04dc TCPIP6 - ok
17:07:59.0554 0x04dc [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
17:07:59.0562 0x04dc tcpipreg - ok
17:07:59.0588 0x04dc [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
17:07:59.0612 0x04dc TDPIPE - ok
17:07:59.0633 0x04dc [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
17:07:59.0641 0x04dc TDTCP - ok
17:07:59.0681 0x04dc [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\windows\system32\DRIVERS\tdx.sys
17:07:59.0703 0x04dc tdx - ok
17:07:59.0878 0x04dc [ 8305FB462C325A67628E0556DF244B8B, 4ABD5D14E64BE07DD9332E39C3B902A40BD1E763A075F68F0048A7FAEB3019D5 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
17:07:59.0968 0x04dc TeamViewer - ok
17:07:59.0998 0x04dc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\drivers\termdd.sys
17:08:00.0009 0x04dc TermDD - ok
17:08:00.0054 0x04dc [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\windows\System32\termsrv.dll
17:08:00.0074 0x04dc TermService - ok
17:08:00.0096 0x04dc [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
17:08:00.0120 0x04dc Themes - ok
17:08:00.0144 0x04dc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
17:08:00.0166 0x04dc THREADORDER - ok
17:08:00.0196 0x04dc [ BDFC55C2389D23C7E36A627BD580EE98, E25CF1C01CF90B348333A0CBAF26F8F5751AE725E6059C35C492E00479105B70 ] tihub3 C:\windows\system32\drivers\tihub3.sys
17:08:00.0205 0x04dc tihub3 - ok
17:08:00.0230 0x04dc [ EBEDBC08C2E5EB4EC8E3DA4BF3D827B1, FC465EAF5C2E44F279B54B13C88ACCE565B1C9C6DDEB8D87FD0CD6CD3AA1AABC ] tixhci C:\windows\system32\drivers\tixhci.sys
17:08:00.0242 0x04dc tixhci - ok
17:08:00.0254 0x04dc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
17:08:00.0293 0x04dc TrkWks - ok
17:08:00.0342 0x04dc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:08:00.0370 0x04dc TrustedInstaller - ok
17:08:00.0406 0x04dc [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
17:08:00.0417 0x04dc tssecsrv - ok
17:08:00.0457 0x04dc [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
17:08:00.0483 0x04dc TsUsbFlt - ok
17:08:00.0501 0x04dc [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
17:08:00.0517 0x04dc TsUsbGD - ok
17:08:00.0548 0x04dc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
17:08:00.0597 0x04dc tunnel - ok
17:08:00.0624 0x04dc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\drivers\uagp35.sys
17:08:00.0633 0x04dc uagp35 - ok
17:08:00.0648 0x04dc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
17:08:00.0680 0x04dc udfs - ok
17:08:00.0702 0x04dc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
17:08:00.0726 0x04dc UI0Detect - ok
17:08:00.0766 0x04dc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
17:08:00.0774 0x04dc uliagpkx - ok
17:08:00.0795 0x04dc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys
17:08:00.0818 0x04dc umbus - ok
17:08:00.0835 0x04dc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\drivers\umpass.sys
17:08:00.0863 0x04dc UmPass - ok
17:08:00.0888 0x04dc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
17:08:00.0932 0x04dc upnphost - ok
17:08:00.0961 0x04dc [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
17:08:00.0974 0x04dc usbccgp - ok
17:08:01.0014 0x04dc [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys
17:08:01.0023 0x04dc usbcir - ok
17:08:01.0040 0x04dc [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\windows\system32\drivers\usbehci.sys
17:08:01.0063 0x04dc usbehci - ok
17:08:01.0095 0x04dc [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
17:08:01.0125 0x04dc usbhub - ok
17:08:01.0152 0x04dc [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\windows\system32\drivers\usbohci.sys
17:08:01.0163 0x04dc usbohci - ok
17:08:01.0184 0x04dc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
17:08:01.0198 0x04dc usbprint - ok
17:08:01.0229 0x04dc [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\windows\system32\DRIVERS\usbser.sys
17:08:01.0247 0x04dc usbser - ok
17:08:01.0270 0x04dc [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
17:08:01.0283 0x04dc USBSTOR - ok
17:08:01.0304 0x04dc [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
17:08:01.0325 0x04dc usbuhci - ok
17:08:01.0342 0x04dc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
17:08:01.0365 0x04dc UxSms - ok
17:08:01.0378 0x04dc [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc C:\windows\system32\lsass.exe
17:08:01.0386 0x04dc VaultSvc - ok
17:08:01.0410 0x04dc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
17:08:01.0421 0x04dc vdrvroot - ok
17:08:01.0442 0x04dc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
17:08:01.0486 0x04dc vds - ok
17:08:01.0504 0x04dc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
17:08:01.0517 0x04dc vga - ok
17:08:01.0529 0x04dc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
17:08:01.0568 0x04dc VgaSave - ok
17:08:01.0595 0x04dc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
17:08:01.0606 0x04dc vhdmp - ok
17:08:01.0636 0x04dc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
17:08:01.0643 0x04dc viaide - ok
17:08:01.0651 0x04dc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
17:08:01.0663 0x04dc volmgr - ok
17:08:01.0679 0x04dc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
17:08:01.0693 0x04dc volmgrx - ok
17:08:01.0703 0x04dc [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\windows\system32\drivers\volsnap.sys
17:08:01.0715 0x04dc volsnap - ok
17:08:01.0737 0x04dc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\drivers\vsmraid.sys
17:08:01.0746 0x04dc vsmraid - ok
17:08:01.0796 0x04dc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
17:08:01.0847 0x04dc VSS - ok
17:08:01.0855 0x04dc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\System32\drivers\vwifibus.sys
17:08:01.0869 0x04dc vwifibus - ok
17:08:01.0889 0x04dc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
17:08:01.0918 0x04dc W32Time - ok
17:08:01.0933 0x04dc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\drivers\wacompen.sys
17:08:01.0941 0x04dc WacomPen - ok
17:08:01.0968 0x04dc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
17:08:02.0010 0x04dc WANARP - ok
17:08:02.0013 0x04dc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
17:08:02.0035 0x04dc Wanarpv6 - ok
17:08:02.0086 0x04dc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
17:08:02.0144 0x04dc wbengine - ok
17:08:02.0169 0x04dc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
17:08:02.0184 0x04dc WbioSrvc - ok
17:08:02.0202 0x04dc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
17:08:02.0235 0x04dc wcncsvc - ok
17:08:02.0249 0x04dc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
17:08:02.0269 0x04dc WcsPlugInService - ok
17:08:02.0292 0x04dc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\drivers\wd.sys
17:08:02.0300 0x04dc Wd - ok
17:08:02.0360 0x04dc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
17:08:02.0401 0x04dc Wdf01000 - ok
17:08:02.0421 0x04dc [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\windows\system32\wdi.dll
17:08:02.0441 0x04dc WdiServiceHost - ok
17:08:02.0444 0x04dc [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\windows\system32\wdi.dll
17:08:02.0453 0x04dc WdiSystemHost - ok
17:08:02.0479 0x04dc [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\windows\System32\webclnt.dll
17:08:02.0492 0x04dc WebClient - ok
17:08:02.0520 0x04dc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
17:08:02.0545 0x04dc Wecsvc - ok
17:08:02.0563 0x04dc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
17:08:02.0586 0x04dc wercplsupport - ok
17:08:02.0598 0x04dc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
17:08:02.0620 0x04dc WerSvc - ok
17:08:02.0641 0x04dc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
17:08:02.0664 0x04dc WfpLwf - ok
17:08:02.0674 0x04dc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
17:08:02.0685 0x04dc WIMMount - ok
17:08:02.0700 0x04dc WinDefend - ok
17:08:02.0703 0x04dc WinHttpAutoProxySvc - ok
17:08:02.0747 0x04dc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
17:08:02.0788 0x04dc Winmgmt - ok
17:08:02.0861 0x04dc [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\windows\system32\WsmSvc.dll
17:08:02.0908 0x04dc WinRM - ok
17:08:02.0970 0x04dc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
17:08:02.0989 0x04dc WinUsb - ok
17:08:03.0019 0x04dc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
17:08:03.0048 0x04dc Wlansvc - ok
17:08:03.0175 0x04dc [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:08:03.0221 0x04dc wlidsvc - ok
17:08:03.0241 0x04dc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
17:08:03.0263 0x04dc WmiAcpi - ok
17:08:03.0288 0x04dc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
17:08:03.0299 0x04dc wmiApSrv - ok
17:08:03.0319 0x04dc WMPNetworkSvc - ok
17:08:03.0339 0x04dc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
17:08:03.0374 0x04dc WPCSvc - ok
17:08:03.0381 0x04dc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
17:08:03.0391 0x04dc WPDBusEnum - ok
17:08:03.0412 0x04dc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
17:08:03.0434 0x04dc ws2ifsl - ok
17:08:03.0443 0x04dc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\System32\wscsvc.dll
17:08:03.0467 0x04dc wscsvc - ok
17:08:03.0469 0x04dc WSearch - ok
17:08:03.0538 0x04dc [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv C:\windows\system32\wuaueng.dll
17:08:03.0611 0x04dc wuauserv - ok
17:08:03.0642 0x04dc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
17:08:03.0693 0x04dc WudfPf - ok
17:08:03.0734 0x04dc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
17:08:03.0761 0x04dc WUDFRd - ok
17:08:03.0786 0x04dc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
17:08:03.0813 0x04dc wudfsvc - ok
17:08:03.0849 0x04dc [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll
17:08:03.0870 0x04dc WwanSvc - ok
17:08:03.0875 0x04dc ================ Scan global ===============================
17:08:03.0893 0x04dc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
17:08:03.0979 0x04dc [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\windows\system32\winsrv.dll
17:08:03.0993 0x04dc [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\windows\system32\winsrv.dll
17:08:04.0016 0x04dc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
17:08:04.0067 0x04dc [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe
17:08:04.0074 0x04dc [ Global ] - ok
17:08:04.0075 0x04dc ================ Scan MBR ==================================
17:08:04.0083 0x04dc [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
17:08:04.0158 0x04dc \Device\Harddisk0\DR0 - ok
17:08:04.0159 0x04dc ================ Scan VBR ==================================
17:08:04.0161 0x04dc [ 8522DD43AF9278E860B9875A115585B2 ] \Device\Harddisk0\DR0\Partition1
17:08:04.0241 0x04dc \Device\Harddisk0\DR0\Partition1 - ok
17:08:04.0278 0x04dc [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition2
17:08:04.0278 0x04dc \Device\Harddisk0\DR0\Partition2 - ok
17:08:04.0284 0x04dc [ 690B03832330AE69CC3CBF6143384CC7 ] \Device\Harddisk0\DR0\Partition3
17:08:04.0350 0x04dc \Device\Harddisk0\DR0\Partition3 - ok
17:08:04.0369 0x04dc [ 48AA405F0338D59FC22ED65C52C66800 ] \Device\Harddisk0\DR0\Partition4
17:08:04.0370 0x04dc \Device\Harddisk0\DR0\Partition4 - ok
17:08:04.0371 0x04dc ================ Scan generic autorun ======================
17:08:04.0414 0x04dc [ 0D997D69A624B2A04EED0B64F2092642, 67B34F6EDF0BA7C2C2BD11D6F8423FAB7AE6D7672220AACE31B632081EA25E35 ] C:\Program Files\IDT\WDM\beats64.exe
17:08:04.0464 0x04dc BeatsOSDApp - ok
17:08:04.0465 0x04dc SysTrayApp - ok
17:08:04.0619 0x04dc [ 6C1D16D4275DBC2B4D05377BF9408319, 38443F6EDB2E4C0210BC8A157C0699E63450ED4F1CE5C2A8D45ACC7A6BB67314 ] C:\Program Files\AMD\CNext\CNext\cnext.exe
17:08:04.0710 0x04dc StartCN - ok
17:08:04.0755 0x04dc [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
17:08:04.0772 0x04dc avgnt - ok
17:08:04.0812 0x04dc [ 257733A9EE4FFFC2842CE4F294367A9D, AE55D3FBB85D8754515BA1DFBDF86894000F722FA6CD5C4231174600727F2031 ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
17:08:04.0819 0x04dc Avira Systray - ok
17:08:04.0871 0x04dc [ 793D7221E5EC69EA615349A13B702B8C, 1545C9634A6599FE4B35419B1B40932797FE2E7DF0B5F27D6698810CC075CF86 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
17:08:04.0891 0x04dc SunJavaUpdateSched - ok
17:08:04.0954 0x04dc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:08:05.0023 0x04dc Sidebar - ok
17:08:05.0036 0x04dc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:08:05.0048 0x04dc mctadmin - ok
17:08:05.0069 0x04dc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:08:05.0094 0x04dc Sidebar - ok
17:08:05.0098 0x04dc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:08:05.0110 0x04dc mctadmin - ok
17:08:05.0110 0x04dc Waiting for KSN requests completion. In queue: 284
17:08:06.0110 0x04dc Waiting for KSN requests completion. In queue: 284
17:08:07.0110 0x04dc Waiting for KSN requests completion. In queue: 284
17:08:07.0876 0x06a0 Object required for P2P: [ 8305FB462C325A67628E0556DF244B8B ] TeamViewer
17:08:08.0110 0x04dc Waiting for KSN requests completion. In queue: 84
17:08:09.0110 0x04dc Waiting for KSN requests completion. In queue: 84
17:08:10.0110 0x04dc Waiting for KSN requests completion. In queue: 84
17:08:10.0630 0x06a0 Object send P2P result: true
17:08:10.0638 0x06a0 Object required for P2P: [ AA3E844A2595B1AA5825C70CA50D963E ] wuauserv
17:08:11.0110 0x04dc Waiting for KSN requests completion. In queue: 14
17:08:12.0110 0x04dc Waiting for KSN requests completion. In queue: 14
17:08:13.0110 0x04dc Waiting for KSN requests completion. In queue: 14
17:08:13.0393 0x06a0 Object send P2P result: true
17:08:13.0395 0x06a0 Object required for P2P: [ 793D7221E5EC69EA615349A13B702B8C ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
17:08:14.0110 0x04dc Waiting for KSN requests completion. In queue: 5
17:08:15.0110 0x04dc Waiting for KSN requests completion. In queue: 5
17:08:16.0110 0x04dc Waiting for KSN requests completion. In queue: 5
17:08:16.0137 0x06a0 Object send P2P result: true
17:08:17.0121 0x04dc AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
17:08:17.0124 0x04dc Win FW state via NFP2: disabled ( trusted )
17:08:19.0798 0x04dc ============================================================
17:08:19.0798 0x04dc Scan finished
17:08:19.0798 0x04dc ============================================================
17:08:19.0803 0x0a30 Detected object count: 0
17:08:19.0803 0x0a30 Actual detected object count: 0
|
|
12.12.2015, 17:18
| #5 |
| /// TB-Ausbilder /// Anleitungs-Guru | Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 Ist die Mail noch vorhanden bzw. kannst Du diese weiterleiten? Schritt 1 Echtzeitschutz des Virenscanners abschalten.  Schritt 2  Scan mit Combofix
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
12.12.2015, 18:25
| #6 |
| | Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 Die Mail ist schon gelöscht. Hatte vier Fehlermeldungen bei ComboFix, Bilder im Anhang. Code:
ATTFilter ComboFix 15-12-12.01 - **** 12.12.2015 18:00:50.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8148.5420 [GMT 1:00]
ausgeführt von:: c:\users\****\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\****\3083d5e4577040599401e338798487e5.jpg
c:\users\****\AppData\Local\Temp\7zS3986\HPSLPSVC64.DLL
c:\users\****\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\Downloaded Program Files\IDropPTB.dll
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
-------\Service_HPSLPSVC
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-11-12 bis 2015-12-12 ))))))))))))))))))))))))))))))
.
.
2015-12-12 17:05 . 2015-12-12 17:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-12 13:13 . 2015-12-12 13:15 -------- d-----w- C:\FRST
2015-12-12 00:05 . 2015-12-12 13:38 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-12 00:05 . 2015-12-12 00:05 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2015-12-12 00:05 . 2015-12-12 00:05 -------- d-----w- c:\programdata\Malwarebytes
2015-12-12 00:05 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-12-12 00:05 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-12-12 00:05 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-12-06 14:15 . 2015-12-06 14:15 -------- d-----w- c:\users\****\AppData\Roaming\library_dir
2015-12-06 14:14 . 2015-12-06 14:24 -------- d-----w- c:\users\****\AppData\Roaming\Raptr
2015-12-06 14:14 . 2015-12-06 14:15 -------- d-----w- c:\program files (x86)\Raptr
2015-12-06 14:14 . 2015-12-06 14:14 -------- d-----w- c:\users\****\AppData\Local\AMD
2015-12-06 14:13 . 2015-12-06 14:13 -------- d-----w- c:\program files (x86)\AMD
2015-12-06 14:06 . 2015-12-06 14:14 -------- d-----w- c:\program files\AMD
2015-12-03 00:30 . 2015-12-03 00:30 -------- d-----w- c:\users\****\AppData\Local\CrashRpt
2015-12-02 00:01 . 2015-12-02 00:01 -------- d-----w- c:\users\****\AppData\Local\LogView Studio
2015-12-02 00:00 . 2015-12-02 00:00 -------- d-----w- c:\program files (x86)\LogView Studio
2015-12-01 23:13 . 2015-12-01 23:14 -------- d-----w- c:\users\****\AppData\Local\NETGEARGenie
2015-12-01 23:13 . 2015-12-01 23:13 369168 ----a-w- c:\windows\system32\wpcap.dll
2015-12-01 23:13 . 2015-12-01 23:13 35344 ----a-w- c:\windows\system32\drivers\npf.sys
2015-12-01 23:13 . 2015-12-01 23:13 106000 ----a-w- c:\windows\system32\packet.dll
2015-12-01 23:10 . 2015-12-01 23:10 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-11-18 13:18 . 2015-11-18 13:23 -------- d-----w- c:\programdata\Easybits Magic Desktop for HP
2015-11-18 08:20 . 2015-11-18 08:20 118608 ----a-w- c:\windows\system32\amdave64.dll
2015-11-18 08:20 . 2015-11-18 08:20 110344 ----a-w- c:\windows\SysWow64\amdave32.dll
2015-11-18 08:20 . 2015-11-18 08:20 141792 ----a-w- c:\windows\system32\amdhcp64.dll
2015-11-18 08:20 . 2015-11-18 08:20 128384 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2015-11-18 08:20 . 2015-11-18 08:20 78432 ----a-w- c:\windows\system32\atimpc64.dll
2015-11-18 08:20 . 2015-11-18 08:20 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2015-11-18 08:20 . 2015-11-18 08:20 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2015-11-18 08:20 . 2015-11-18 08:20 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2015-11-18 08:20 . 2015-11-18 08:20 120656 ----a-w- c:\windows\system32\atiu9p64.dll
2015-11-18 08:19 . 2015-11-18 08:19 9017808 ----a-w- c:\windows\system32\atiumd6a.dll
2015-11-18 08:19 . 2015-11-18 08:19 10815664 ----a-w- c:\windows\system32\atiumd64.dll
2015-11-18 08:17 . 2015-11-18 08:17 296648 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2015-11-18 08:13 . 2015-11-18 08:13 23960064 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2015-11-18 08:08 . 2015-11-18 08:08 235008 ----a-w- c:\windows\system32\clinfo.exe
2015-11-18 08:08 . 2015-11-18 08:08 49984000 ----a-w- c:\windows\system32\amdocl64.dll
2015-11-18 08:02 . 2015-11-18 08:02 41510912 ----a-w- c:\windows\SysWow64\amdocl.dll
2015-11-18 07:58 . 2015-11-18 07:58 65024 ----a-w- c:\windows\system32\OpenCL.dll
2015-11-18 07:57 . 2015-11-18 07:57 59392 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-11-18 07:50 . 2015-11-18 07:50 27596288 ----a-w- c:\windows\system32\amdocl12cl64.dll
2015-11-18 07:49 . 2015-11-18 07:49 22348288 ----a-w- c:\windows\SysWow64\amdocl12cl.dll
2015-11-18 05:50 . 2015-11-18 05:50 677888 ----a-w- c:\windows\system32\amdlvr64.dll
2015-11-18 05:48 . 2015-11-18 05:48 562688 ----a-w- c:\windows\SysWow64\amdlvr32.dll
2015-11-18 05:46 . 2015-11-18 05:46 127488 ----a-w- c:\windows\system32\mantle64.dll
2015-11-18 05:46 . 2015-11-18 05:46 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2015-11-18 05:46 . 2015-11-18 05:46 6643200 ----a-w- c:\windows\system32\amdmantle64.dll
2015-11-18 05:14 . 2015-11-18 05:14 5223936 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2015-11-18 04:48 . 2015-11-18 04:48 96256 ----a-w- c:\windows\system32\mantleaxl64.dll
2015-11-18 04:48 . 2015-11-18 04:48 89088 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2015-11-18 04:05 . 2015-11-18 04:05 31376896 ----a-w- c:\windows\system32\atio6axx.dll
2015-11-18 03:43 . 2015-11-18 03:43 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2015-11-18 03:43 . 2015-11-18 03:43 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2015-11-18 03:43 . 2015-11-18 03:43 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2015-11-18 03:43 . 2015-11-18 03:43 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2015-11-18 03:43 . 2015-11-18 03:43 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2015-11-18 03:43 . 2015-11-18 03:43 15711744 ----a-w- c:\windows\system32\aticaldd64.dll
2015-11-18 03:40 . 2015-11-18 03:40 25840128 ----a-w- c:\windows\SysWow64\atioglxx.dll
2015-11-18 03:40 . 2015-11-18 03:40 865280 ----a-w- c:\windows\system32\coinst_15.30.dll
2015-11-18 03:40 . 2015-11-18 03:40 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2015-11-18 03:32 . 2015-11-18 03:32 50688 ----a-w- c:\windows\system32\amdmmcl6.dll
2015-11-18 03:32 . 2015-11-18 03:32 39424 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2015-11-18 03:26 . 2015-11-18 03:26 442368 ----a-w- c:\windows\system32\atidemgy.dll
2015-11-18 03:26 . 2015-11-18 03:26 223744 ----a-w- c:\windows\system32\dgtrayicon.exe
2015-11-18 03:25 . 2015-11-18 03:25 162304 ----a-w- c:\windows\system32\atieah64.exe
2015-11-18 03:25 . 2015-11-18 03:25 145408 ----a-w- c:\windows\SysWow64\atieah32.exe
2015-11-18 03:25 . 2015-11-18 03:25 204800 ----a-w- c:\windows\system32\amdgfxinfo64.dll
2015-11-18 03:25 . 2015-11-18 03:25 189952 ----a-w- c:\windows\SysWow64\amdgfxinfo32.dll
2015-11-18 03:25 . 2015-11-18 03:25 31744 ----a-w- c:\windows\system32\atimuixx.dll
2015-11-18 03:25 . 2015-11-18 03:25 552448 ----a-w- c:\windows\system32\atieclxx.exe
2015-11-18 03:24 . 2015-11-18 03:24 246272 ----a-w- c:\windows\system32\atiesrxx.exe
2015-11-18 03:22 . 2015-11-18 03:22 190976 ----a-w- c:\windows\system32\atitmm64.dll
2015-11-18 02:58 . 2015-11-18 02:58 89088 ----a-w- c:\windows\system32\atisamu64.dll
2015-11-18 02:58 . 2015-11-18 02:58 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2015-11-18 02:54 . 2015-11-18 02:54 1272832 ----a-w- c:\windows\system32\atiadlxx.dll
2015-11-18 02:54 . 2015-11-18 02:54 941568 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2015-11-18 02:54 . 2015-11-18 02:54 941568 ----a-w- c:\windows\SysWow64\atiadlxx.dll
2015-11-18 02:54 . 2015-11-18 02:54 75776 ----a-w- c:\windows\system32\atig6pxx.dll
2015-11-18 02:54 . 2015-11-18 02:54 70144 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2015-11-18 02:54 . 2015-11-18 02:54 70144 ----a-w- c:\windows\system32\atiglpxx.dll
2015-11-18 02:54 . 2015-11-18 02:54 157696 ----a-w- c:\windows\system32\atig6txx.dll
2015-11-18 02:53 . 2015-11-18 02:53 142336 ----a-w- c:\windows\SysWow64\atigktxx.dll
2015-11-18 02:53 . 2015-11-18 02:53 671232 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2015-11-18 02:45 . 2015-11-18 02:45 195072 ----a-w- c:\windows\system32\hsa-thunk64.dll
2015-11-18 02:45 . 2015-11-18 02:45 174592 ----a-w- c:\windows\SysWow64\hsa-thunk.dll
2015-11-18 02:43 . 2015-11-18 02:43 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2015-11-14 12:43 . 2015-11-14 12:43 -------- d-----w- c:\program files\Senselock
2015-11-14 12:43 . 2015-11-14 12:43 -------- d-----w- c:\users\****\.AnyLogicUniversity
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-09 15:57 . 2012-06-15 00:12 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-12-09 15:57 . 2012-06-15 00:12 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-01 23:09 . 2014-01-20 05:04 110176 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-12-01 11:08 . 2013-08-07 07:40 75472 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2015-12-01 11:08 . 2013-08-07 07:40 162072 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-12-01 11:08 . 2013-08-07 07:40 140448 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-11-18 08:20 . 2012-12-25 19:45 133016 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2015-11-18 08:20 . 2012-09-28 01:11 152568 ----a-w- c:\windows\system32\atiuxp64.dll
2015-11-18 08:20 . 2012-02-14 13:12 102616 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2015-11-18 08:20 . 2012-02-14 14:17 1496736 ----a-w- c:\windows\system32\aticfx64.dll
2015-11-18 08:20 . 2012-12-25 19:45 1229984 ----a-w- c:\windows\SysWow64\aticfx32.dll
2015-11-18 08:20 . 2012-02-14 13:52 13189336 ----a-w- c:\windows\system32\atidxx64.dll
2015-11-18 08:20 . 2012-12-25 19:44 10907328 ----a-w- c:\windows\SysWow64\atidxx32.dll
2015-11-18 08:19 . 2012-09-28 01:22 8089248 ----a-w- c:\windows\SysWow64\atiumdva.dll
2015-11-18 08:19 . 2012-09-28 02:23 9070320 ----a-w- c:\windows\SysWow64\atiumdag.dll
2015-09-18 00:38 . 2015-09-18 00:38 96256 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
2015-09-18 00:37 . 2015-09-18 00:37 103424 ----a-w- c:\windows\system32\DelayAPO.dll
2015-09-15 02:42 . 2015-09-15 02:42 0 ----a-w- c:\windows\SysWow64\REN904.tmp
2010-01-15 08:36 . 2013-07-15 19:56 75040 ----a-w- c:\program files (x86)\Common Files\SpeechUninstall.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-12-01 803200]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-07-14 190032]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-11-09 596528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R3 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R3 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys;c:\windows\SYSNATIVE\DRIVERS\silabenm.sys [x]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys;c:\windows\SYSNATIVE\DRIVERS\silabser.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 mitsijm2013;Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager;c:\program files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
S3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2015-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-15 15:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-03-30 37888]
"StartCN"="c:\program files\AMD\CNext\CNext\cnext.exe" [2015-11-18 4859592]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SysTrayApp - c:\program files (x86)\IDT\WDM\sttray64.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OOSE05.00.00.01PRO"="B2A1C7A07AB1295CD932C0F95361349DEB8CCBA3BEA04C52E4B7FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808C038D530D6EB3452C038D530D6EB34528EDD5E5BE2F6E667A13C96BBE6B4B42C92B3DD54E2AA6586D788FBF2C8C0AA9448DF228F79780B970EE151CE1D9420AF8DA601FAC12D4A36C4FA6241121CF66F50ED2D4F92B6F6FEEDB17EAE7A52E6BC9B4CC781129DA4CABE99CA01224BD1076299AB54808974447E120D34184B12D6D300C06091DD6DF2D65303660353C859A888CB2EB33DC0CFA2FE2DE96EB12F7472AF3EBF64A3A353BFAD9F551F90E956ED72052201F01C82DE84D391DC095002D35F577D93F84C8353BF766A483048E225268CA42397CAAB5FC5BA9F25298A5DFC286429873CEA8F0B35257431B47CD96184DE65367B94926F785E3D6DC078D91331050C121E0D77875007F3F3F6A1065D033DBF3CB548F00268804541CF36BEE23E9A1CE5A43FAF8DE3C1218B21D82973AAABC99A37B574AD72A64A0FABE64659204B0919AA149F85D93CE55AB04479A718F14A9B4431402B89980F277CAE200B3E81B4A95CA3A3F8AC216123F80C9E1D7D1B3CEAF29369D9B3E38DC13E39EE2E146B32F43C888C1AEC60658EA15CB59B217A509AB039F93A8B5AF07944B2CA9DB1FB4D3FA0DF1D3CBEACF8A9A463D092D8A16921BD0370F2BF919A4BB04DBE58B967022FB1CD8DD55C7C56E3D056F29195689ED52C56BE4E90611F9BFCBE4781632A83516F770B058F8B6B92C96C184E576C3D78E39ACA3856E7C62EF6BF5A5F79003593A989B4883AD8DCEC84E0AA20B20DC229A2BDEDC47A868D303E0F5DDCDBECB3CA87B01E44CFA87E90CDF20D8551EF636C75AE77A9FBE0A5ADC7ED2B89FDB549AD0221CFBE5980DC7D4267931FF07A072D43E3A9BFECE0F01BDD22941867E57958661146A6F2AC3519578507B0E2DA49B84154B885F1348BCD1B74DADE334AF8C8D83AF0CACB3B7AA9511926240B017840FB7ECF9C48CB3E00F135B6DA0FF531634CDC349F2980D35C4D71A086E4201958D2E00D4BBB5C0C502532D0A741BFC0EF0CB9683B63931BC238E11B087B31E27BFA0281FAAFDF28C150C3C90A1EBFF798B51958DA66CEDECFD5C2AF7DF17141867A6A353B1992FC39DD43B5E91356DCED3BC4C4DDB252625D3B70EAE07C5ED3BA2EA5203B847624038F8D98D01DA3A963E00CE149DB7F9B2756C84DCE64BD6DBDC5C532528E5071CBF905EF6C528FCACE4341D7C30B7F344CE2B04D8608981619455DCAFAE9296628858FAA92D7C3616DCDBAC11A7C3C8C53758ED26F57B809BA030742D15D4DBD0C7095A9386B2D44DDC25331BA8065B4A3F3CF3A1158AFB672AC5E629AC24FE2D2C98446F859FE7C23B869293BFAEDF6891A"
"OOSE06.00.00.01PRO"="40480E65DC60429622B70C446B8459C8838826A54852934E08A96DB1CB44E21B6E10717A2529D1B0D954E2E70907D597EDDD1FBB3C0BFCE3B9997B19E38D64C8FAC667A62B25FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407FEBC9E127BECC74C5D575E7D6A3B9808BA7FD869164D67945F98AB2225D6097175BC89A5BC0F8497A4820B37A19AA9624D378521FC5174D96E1985DFF8D808D99C71886961BF582050BA8C0915309AF578D6E848C5AC8BDDE0D2FBE985DC03D576C1A7762D6F592FC020A15487849DE7C44D09F2553294262C0E57849C8D9335B8A51DCAC5C8209A907D0CF09466E738575655F15E74827C9497D599225B89286F1B1209663E771F309E0358E9E6E24B2330B2B8A244FC8EB63CA73411FB68C47A222577DC856259E6D4B0AACCDB2D67F29CF65FFBB8DCE90053F106F4E569838EBE677E0C17134C4BF8B5AA136117B8E463F0A1562E3106B2B14E6570D4F542B279602CE931745ECBE025BE2953A64D6ACEDFE031443D3867B34949B8CAAFC2426009338053205AA76D83728C56959A482DF61EA2DBF6BF883963CF158B68A96E83CF6A6DC2696D747ECE74D24D51761B525E03D09E88BB53A613B9669DA702B9F61749640AD3AA1A797416A1E5FA1C4D13325C7975D0B0DB62406A9ACE29B6FBD334EFAAF5188857C858D0350C68ACA2CB03186C11620609D8C7ECB8AE5D1AE1B7711E9B16A162BA59503E5CF1A32AAF59D4CB0EE4050A15797B6DD991E6636A410D3CA3C091742A1F289D7A1069FB601F9EAE56A6B0EB0EB71F3C2B8E1DA96916B8D24790BDE2DE0C9FD1079C2C6EEF85CC1B52511640590C6ECEEC838CEB07DE9A8E1B60AC33E49CE7E08C1990AFF275401421A5167FAAF013BD769074893EC84D444AD19BD09DCDAAF6AA46EF544CDCCD3BF7A648078EE530462F18474A6083DD67924BFA89BCA17F62152B58D337303A591E1AF695E2EF5AC895432ED68FC4CE1347F3708E4B9B789593118B08C065C4D9718C21CFDB9699CB39FD82BBC4449505CCBB547827C817290085FEB14CF69B4D604CF8BF7FE36DF5C179D6EA4B3F9D9E9E5031C080B352D54BDB5B748DE2E3E6F06CE3CFA7694415E6A9EB3AC276C3E5CBA9C945DB70967B76AA7FD58FAD347E3A45FDD004B9059A7744BA629E2EDA85740091491292C11E9ACAFBC3305B1A9169F016F8176C079AD2496E80A72E274B51D031724FB4266262DA960BA0F9953E3ECDACDE379E984FEDF5E617F944E5A7ABDB844B16750D158D3D49E1E69599488C81F97E11EDF913D4CE368A82C1C1B1E0289EC3B9752FA4ED1841DD5CC08E993E70673AA17F61E9231E262588F9DE24E3FDC0ABE359BCA26CD45FF9B014D0BB4D481555BB7976F609EC31942246"
"OOSE07.00.00.01PRO"="191B7B2C4B2649F1FAE05C9DBE630C0D95A9B7E2850684A5E39585925607809C6BAEC7B752A556CB0A0E29FA9F29069B4C4C2710857F74D7593ED401A2A3AFE27009AA3E2F53C62CEE005D82CE9D2B82ED58568B7136B0A9EAA7299C489E8BCF04B2A7514820EBC0409281C4B9161EF96B20EB82DF814C8201B866CFA6F53718A6CA09BBE4CE99ACB53ADC86B43A04B4D48CD1554E10DBBEA66EBAB6827DD9647E01D7F5B377A984AFF9FCC0F30786D1E396B69B1B647A2D8C59932603DB20D153FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407A6A0AC4980AC7933FEBC9E127BECC74CA6171C11EC38DE3DEBA6FCCC7E7E19B6A40DE7DAEF34CFB7A32C4D9E31B5B7F73DFE5F908FFCCD42D324731D093605CA16A0C0573D8A75AB9329F5BD9B6CD5EE1C871D05F38BCA2B6D0253044EC00029385FC8210F1919256D7298D2716D68905D38EAB9528481752E886B3AC64E13DB95D38CB583A58F45EEEF9CC818ACB13795F82CA0F32E42D49CC03B5BC195B78D4AC5497B8FF6A251694D9EEB462467DF6979F88FF352CFA0D4F7F9E45FD2E10E05C6F1BAF7D710B241FBEDED09CDB42D95A79E41433DE05284C112BB17C2F1528BA8AD9ED89907F472AE8CE3BF2DB6E4653A9E5428419F09EFF31EA731A842F0B58256389F0F2E49075EB3C79CC480F0BCAAABCABA34AC896F28F152CBCC9DA570307A7D100E1E062247CD76A91F17DF1136308B66EF1BB76B3D934D5878C451BAD05DC440F46322F8E87A3141C6F3626EDB4760ED516FA1E554B98A9E796B782947744A1CA2FE3C53878E1E934D854EF06441F7E43BA77471D454613623B94164BA6AB0607AE69411AB1046A3C82F9F4DD52364B3133102B4E7050E0ECC4B782A951F7A2263838F21A13C974B4FC57146FE269D99C1EFC3EA7C1FAF6751318E47882490C6CAB1B50A79006234801308397036FB24343A5364C42E49580E6E17A2853FBF0A1E4335E407805D607A56C6937EF2BE3ADD5B6F04366EC24B66FA48B4446BB7F8537BDEDE629620A0E13FBAD6C433091434137BC00B5367FBC0C3010840580DF8DF16A638E7CA2A1E61778F1A9E7DE0BEAF12FD25C17F667D08283FBDB7E6383E413D26C7B85EDAD5A4151888AC8EAE9ACE82A1D19C4FD2362A7C278AAEAF16D4F6141AF637C579955B29C9DD555844DB92FCB579214F255F1B0901366B7A669B83AE63C10D262E833C34BE6EC0FDD10C81912DE31AC0B8075108389CF9C7CDC46F958739A4DC87157D2DB49FDDD76E0825439FEB94984B8D46AC5DAFA8CAD5D745472E0530F87417DD7D8DEC5BF213808A884600E40102AAF997A3F10B68E82F9634A45B223E4DA89D034FE23090207A43CD01A59F58E2E6EDE3E27CF83B59F8F4C1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-12-12 18:16:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-12-12 17:16
.
Vor Suchlauf: 15 Verzeichnis(se), 593.903.407.104 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 593.174.347.776 Bytes frei
.
- - End Of File - - CDFFBA524FA1061448BB0AF61190A8A6
5FB38429D5D77768867C76DCBDB35194
|
|
12.12.2015, 18:30
| #7 |
| /// TB-Ausbilder /// Anleitungs-Guru | Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 Routinescans: Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2  
Schritt 3   Bitte starte FRST erneut, markiere auch die checkbox  und drücke auf Untersuchen. Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
12.12.2015, 19:22
| #8 |
| | Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4Code:
ATTFilter # AdwCleaner v5.024 - Bericht erstellt am 12/12/2015 um 18:43:41
# Aktualisiert am 07/12/2015 von Xplode
# Datenbank : 2015-12-12.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : **** - PC****
# Gestartet von : C:\Users\****\Desktop\AdwCleaner_5.024.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [991 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 12.12.2015 Suchlaufzeit: 18:48 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.12.12.04 Rootkit-Datenbank: v2015.12.07.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: **** Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 375511 Abgelaufene Zeit: 24 Min., 52 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter LastRegBack: 2015-12-10 16:04
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-12-2015
durchgeführt von **** (2015-12-12 19:16:18)
Gestartet von C:\Users\****\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-19 13:44:18)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1995632801-4156762099-2201499591-500 - Administrator - Disabled)
Gast (S-1-5-21-1995632801-4156762099-2201499591-501 - Limited - Disabled)
**** (S-1-5-21-1995632801-4156762099-2201499591-1000 - Administrator - Enabled) => C:\Users\****
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
ASUS VGA Driver (x32 Version: 3.0.0.1 - Ihr Firmenname) Hidden
Autodesk Inventor Professional 2013 (Version: 17.0.13800.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2013 Deutsch (German) (HKLM\...\Autodesk Inventor Professional 2013) (Version: 17.0.13800.0000 - Autodesk)
Autodesk Inventor Professional 2013 Language Pack - Deutsch (German) (Version: 17.0.13800.0000 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2013 (HKLM-x32\...\{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
BRAIN (HKLM-x32\...\{53B883F4-11BB-4289-A790-4DF90FAA61A6}) (Version: 1.0.011 - MSHeli)
Catalyst Control Center Next Localization BR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
Chinese Traditional Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2448-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2023 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DataExplorer (HKLM-x32\...\DataExplorer) (Version: 3.2.3 - )
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DWG TrueView 2013 (HKLM\...\DWG TrueView 2013) (Version: 19.0.55.0 - Autodesk)
DWG TrueView 2013 (Version: 19.0.55.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2013 (HKLM\...\{792A9A32-718A-40D1-9867-A903F76AE2F8}) (Version: 3.9.12.0 - Granta Design Limited)
Far Cry (Patch 1.4) (x32 Version: 1.00.0000 - Ubisoft) Hidden
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
HELI-X 6 Demo (HKLM-x32\...\89A8AC8E-9F17-4D16-B924-A5868A0290FC_is1) (Version: - Michael Schreiner)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{4F38594F-2C4A-4C42-B2C4-505E225F6F80}) (Version: 11.14.0004 - HP)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 5.10.0000.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version: - Avalanche Studios)
Liftoff (HKLM-x32\...\Steam App 410340) (Version: - LuGus Studios)
LogView Studio 1.0.3662.0903 (HKLM-x32\...\{DA180FFA-233E-4142-8E9C-A7562D261D9C}) (Version: 1.0.3662.0903 - logview.info)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
micro_swloader (HKLM-x32\...\{CF676CCE-F4B1-4F31-9AF8-A2F9B2B5E47F}) (Version: 1.0.0 - Graupner)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mp3tag v2.66 (HKLM-x32\...\Mp3tag) (Version: v2.66 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero WaveEditor (HKLM-x32\...\{A6903C5A-D90B-4877-A629-35436CAA62A3}) (Version: 12.0.00500 - Nero AG)
O&O SafeErase Professional (HKLM\...\{243176DB-549F-418F-AE20-731DCF0EA42D}) (Version: 7.0.165 - O&O Software GmbH)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
pean Engineering ViRA GUI (HKLM-x32\...\peanViRA) (Version: - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: - )
RealFlight 7 R/C Simulator (HKLM-x32\...\RealFlight7Pro) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5119 - CyberLink Corp.) Hidden
Schnell-Deinstallations-Tool für Autodesk Inventor 2013 (HKLM\...\{D25FF5C1-1764-469A-9794-69309387C193}) (Version: 17.0.13800.0000 - Autodesk)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{987A5C7B-C24E-4305-AB26-91B7466DC8D6}) (Version: 6.5.3 - Silicon Laboratories, Inc.)
Spirit Setings version 1.3.0 (HKLM-x32\...\Spirit Setings_is1) (Version: 1.3.0 - Spirit System)
Spirit Settings version 1.3.2 (HKLM-x32\...\Spirit Settings_is1) (Version: 1.3.2 - Spirit System)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.19 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45471 - TeamViewer)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.18.0 - Texas Instruments Inc.) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports (10/18/2013 6.6.1.0) (HKLM\...\F92C2D6CB4EA0EE558BDF5F8BDD69083DFC62179) (Version: 10/18/2013 6.6.1.0 - Silicon Laboratories)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2013\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2013\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Keine Datei
==================== Wiederherstellungspunkte =========================
29-11-2015 00:00:01 Geplanter Prüfpunkt
06-12-2015 01:14:36 Geplanter Prüfpunkt
06-12-2015 15:06:30 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
06-12-2015 15:09:32 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
12-12-2015 17:59:01 ComboFix created restore point
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2015-12-12 18:10 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {3C4C0669-CC05-4A15-8066-E59429FB371D} - System32\Tasks\{A537DF2E-536B-4052-B76F-5102B668C325} => pcalua.exe -a C:\Users\****\Desktop\HLC_1_setup.exe -d C:\Users\****\Desktop
Task: {3C7536F3-D88A-455A-A0E8-CD7ABA9C7830} - System32\Tasks\{677F7317-8AC4-4088-8516-A49FBD6B10AE} => pcalua.exe -a C:\Users\****\Desktop\sp57493.exe -d C:\Users\****\Desktop
Task: {44E3A3D3-02EF-4E76-B9F5-59CE569D6429} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe
Task: {4757814F-4AEF-4C99-9F3C-A9FD68D78A03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
Task: {58887A2E-34C4-4785-99AC-8446350D1EC5} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe
Task: {6A5E421C-3EC2-4E7A-A22D-7E0200A7B8E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {880DC1A5-9D5F-479D-AA19-AD406F55CF7B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {A4C7F641-1704-414A-A878-03079828899C} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-11-18] (Advanced Micro Devices, Inc.)
Task: {AB8DFF6D-0E81-4CD5-BA48-9E0EAB97E964} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {B893EBF6-A7AD-47BC-A2B5-03E33AB34734} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {D25217AC-ECF7-4169-B760-451487D96EE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {F4030DDB-6882-4786-A053-1FC01C509F0C} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {F9A1A948-875D-4278-A37C-5FAACB012FE9} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\****\Desktop\rcon.lnk -> C:\Users\****\722\reconnect.bat () <==== ACHTUNG
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2011-03-16 23:07 - 2011-03-16 23:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-12-12 18:45 - 2014-07-14 15:49 - 00049744 _____ () C:\Users\****\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2011-03-16 23:11 - 2011-03-16 23:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:69E87FA2
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
AlternateDataStreams: C:\ProgramData\Temp:A9967A61
AlternateDataStreams: C:\ProgramData\Temp:F4C624DE
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AML Device Install.lnk => C:\windows\pss\AML Device Install.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: HPSYSDRV => C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
MSCONFIG\startupreg: PC Speed Maximizer => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe
MSCONFIG\startupreg: Power2GoExpress8 => NA
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{0CA4C219-D2FF-4925-A100-002A050A8347}] => (Allow) C:\windows\system32\ezSharedSvcHost.exe
FirewallRules: [TCP Query User{1F15562D-4477-4495-BF83-10CA4A51AE91}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{A0E3B18B-C147-4F87-8476-EF9FDAFC2A9D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{10B9C4EE-5A02-40FF-AC60-FE010C187CC8}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{7ACEB367-9734-43B9-8D27-EECBFD3BE282}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A093E01C-8590-46FB-AC73-B1FA9D46FEE0}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{1C71FA02-488B-4BBB-9C07-3CB10102F119}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [TCP Query User{C6AB6512-6992-43A3-9786-218075074358}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F7AAE679-C5FD-408A-955C-E379472A191A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{FB28BF63-0D98-4632-ACB6-E1261CBC7155}C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe] => (Allow) C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe
FirewallRules: [UDP Query User{74E6EBAF-8C06-4CFC-A2D8-38348FDEB5BA}C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe] => (Allow) C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe
FirewallRules: [TCP Query User{C38F944F-3CC4-4EAD-9032-A795D293F9ED}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{67EDAE0E-1A4D-4DC6-B615-5865594E12C6}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{D533ACE1-703A-4F4E-8D79-DFC748CC5BF5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0D363802-E3D8-47FB-BED6-4E5DD5136E09}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4FF8F7D5-D4A6-48B0-846A-8EADC78F7F4C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2B0ED474-46F6-43EC-BC7A-108A40C706CB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D37A6766-9BEE-44F5-9E78-F85A79E0B3CB}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{ADE2E185-AA3C-42FE-80B2-0726539EEF6D}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{BD2E5E50-A169-445A-AE85-0786FFB899BF}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{F4C9D4F1-B852-451A-9C4E-9F5EF0CDD567}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{C3EB01E8-2610-4FCB-9757-C1CF67D46B97}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{8ACF6C73-622B-41AD-94F0-8F3752EDFE87}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{7C3CBB65-C7A8-40CD-B86E-D090C5404E6A}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{9146A497-5E21-4B26-94B8-293049A3C39E}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{B2520B06-0FB1-48C1-9F53-3E0B623372A8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BCFE86BD-DB5E-4651-88B9-BE7D70F2D229}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC2A9BA8-7C5F-497B-95FC-AFF8059A67FE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{659F1755-810C-4E04-B206-1BB5950E45D5}] => (Allow) LPort=2869
FirewallRules: [{38C3A283-C44C-4DB9-8626-52320370A30D}] => (Allow) LPort=1900
FirewallRules: [{C862143F-9205-4FBD-AE3A-851C214D3A31}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{574E5B55-57BA-4CBA-907A-3FB8ABDB3362}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{1447A363-6092-4187-AA6B-FA9FE6C743D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{17CA7FB0-CAB0-4ADB-A015-29C1B335BD16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{5586DDD4-6179-4F16-BBC9-8BF7EB3FEB95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{BB564BCB-6B46-47A5-A064-DCFB8D0265C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{E11033AF-AA39-43F8-8341-F0BF1D44C18E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{35D3EE86-2C67-4708-BD69-1C5E3A576D97}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{7101A799-AFA9-45A3-A94C-F97E93203AF8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{209E662D-1234-4A04-A133-83B8D0B915A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{62B884DC-097D-4674-B28F-530FCCD9BD6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{40CF2E32-BB56-4D09-9E85-67775B2CC5A2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{635B6BF8-48D1-4607-9141-494D12FF43D4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9D4BE28F-F714-4082-A955-C31C3B6A3D70}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{DEDABECB-13DD-4663-B186-CB992384C136}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{7D717DC3-3015-45CE-B53F-03A890DA6FE2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{A7642D2E-9A3C-4C8E-8C34-B839831C6EA2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [TCP Query User{585D20FF-FFFB-4A4F-95CE-79BE40130872}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{9B277FB6-FAC9-4A34-8142-CFF23005200F}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{484B8FC8-6D5C-4B91-80B5-695DC099CFB2}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FA187F3F-8067-466D-AE20-D89C1C0F0A3C}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{324E9F23-921A-467D-9D8C-7B3C1401734A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D5F12BEC-E121-47BC-A24F-100CC7652192}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4F98A6DA-0E4C-45AE-95D5-A5521676C57D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{B71443F8-6917-47D9-AA2B-4F9DF604C604}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{5CC183D8-E479-4E2F-A3B5-6054E535214D}C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe] => (Allow) C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe
FirewallRules: [UDP Query User{2A586386-019A-4812-9E1E-3BA53D3DDF3A}C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe] => (Allow) C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe
FirewallRules: [{869B0E7E-E2E1-49EA-A47C-E921427B3E95}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5D658E47-57C5-4C7E-B9FE-6C05E5033FC9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{26FB34FD-F080-4650-A5D4-8DF7F8DA93B7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3DD2042A-C02F-432E-9239-0CAB8D9F3CF4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{485E766C-9DAE-42B4-8540-8C21702ED382}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{1751019A-0251-4890-A506-A449A634ACAE}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{A06914C2-2A3C-4C5A-B9CF-93D043C06B24}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{26F3272A-FEDE-4824-B4CE-82725EBC85ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{88039C32-0C27-45E1-BA65-533293612BB3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7713BDBE-8451-4692-A95A-3A93BA995E39}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B1D7B712-D62D-48B0-9862-2CA82471F75F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2F5D914-C3F2-4775-8C9E-91F8978C53A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{E9686FED-6C22-4FED-9D77-C8E038448C61}C:\program files\anylogic 7 personal learning edition\anylogic.exe] => (Block) C:\program files\anylogic 7 personal learning edition\anylogic.exe
FirewallRules: [UDP Query User{1999BA5E-4B41-422B-9140-1C19F0980561}C:\program files\anylogic 7 personal learning edition\anylogic.exe] => (Block) C:\program files\anylogic 7 personal learning edition\anylogic.exe
FirewallRules: [TCP Query User{5F8353B4-062E-4578-9226-3D0B1E00792E}C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe] => (Allow) C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe
FirewallRules: [UDP Query User{5B0F36D9-1458-4F2F-AD37-57417A307214}C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe] => (Allow) C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe
FirewallRules: [TCP Query User{4CFD5C25-C032-4987-A965-D5D2822074D7}C:\program files (x86)\anylogic 6 university\anylogic.exe] => (Allow) C:\program files (x86)\anylogic 6 university\anylogic.exe
FirewallRules: [UDP Query User{41EF9D8E-B5E4-49F9-8653-08D2F2CCD939}C:\program files (x86)\anylogic 6 university\anylogic.exe] => (Allow) C:\program files (x86)\anylogic 6 university\anylogic.exe
FirewallRules: [{C45A0356-E7DE-4656-B419-550E7C942D4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Liftoff\Liftoff.exe
FirewallRules: [{93CF18BD-410E-45DF-BE45-A993CF536A7A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Liftoff\Liftoff.exe
FirewallRules: [TCP Query User{6FBEAB9C-59DA-4D74-B67D-9B7945AB8B30}C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe] => (Allow) C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe
FirewallRules: [UDP Query User{3E1FEF2A-A18F-47E8-ACDE-D1E4D6D1DEB2}C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe] => (Allow) C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe
FirewallRules: [{F52DF749-EB34-4F87-A374-3595A6F552D7}] => (Allow) C:\Program Files (x86)\LogView Studio\Database\mysql5.6\Windows32\bin\mysqld.exe
FirewallRules: [{49E3AB20-6C8C-43DD-8FF1-F9C9A12E47BC}] => (Allow) C:\Program Files (x86)\LogView Studio\Database\mysql5.6\Windows64\bin\mysqld.exe
FirewallRules: [{CBCBA133-3DCB-40E1-8A8A-E26630DE5320}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{2A4A51CA-ED4B-4CC5-9842-2881FF9557B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{7E3E80F1-26D2-44FC-800D-0920C2FEC7CC}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{B053A559-73F0-4B63-B042-763E0DCD9696}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{AE046801-F22D-4556-A0A8-82E9F699465D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{D94F3F36-E469-4080-8E53-BD558D460601}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/12/2015 06:51:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (12/12/2015 06:51:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (12/12/2015 06:51:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (12/12/2015 06:47:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (12/12/2015 06:46:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (12/12/2015 06:46:39 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (12/12/2015 06:13:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (12/12/2015 06:13:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (12/12/2015 06:13:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (12/12/2015 06:11:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Systemfehler:
=============
Error: (12/12/2015 06:47:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (12/12/2015 06:46:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/12/2015 06:46:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/12/2015 06:44:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Druckwarteschlange" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (12/12/2015 06:44:40 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "Spooler" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%50
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (12/12/2015 06:44:11 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (12/12/2015 06:43:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/12/2015 06:43:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/12/2015 06:43:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/12/2015 06:43:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2015-12-12 18:05:26.824
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-12-12 18:05:26.779
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 8148.01 MB
Verfügbarer physikalischer RAM: 6235.82 MB
Summe virtueller Speicher: 16294.23 MB
Verfügbarer virtueller Speicher: 13835.99 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:914.41 GB) (Free:552.11 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Daten) (Fixed) (Total:16.88 GB) (Free:16.76 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 568CEE24)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
12.12.2015, 19:24
| #9 |
| /// TB-Ausbilder /// Anleitungs-Guru | Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 OK, jetzt bitte Suchscan mit ESET: Schritt 1 ESET Online Scanner
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
12.12.2015, 21:22
| #10 |
| | Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 Hier der Log, Avira hat auch gemeckert... Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=63908c7e8d0f9c4386ac8011505e8347
# end=init
# utc_time=2015-12-12 06:46:50
# local_time=2015-12-12 07:46:50 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27167
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=63908c7e8d0f9c4386ac8011505e8347
# end=updated
# utc_time=2015-12-12 06:48:33
# local_time=2015-12-12 07:48:33 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=63908c7e8d0f9c4386ac8011505e8347
# engine=27167
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-12 08:19:31
# local_time=2015-12-12 09:19:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 573995 201581421 0 0
# scanned=232530
# found=9
# cleaned=0
# scan_time=5458
sh=C3DEFA5E775E1CE7EEA8FAE67FA3E504A513DF4F ft=1 fh=eb3ef09612dbcc7f vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowerWatchCH.dll.vir"
sh=7F80338F92F336DF2F747EE304EA99F98733D7EF ft=1 fh=a20bcc0e72d988a6 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowerWatchFF.dll.vir"
sh=5D628376391A827A818B0A079B64EE457AE9B82A ft=1 fh=c71c0011e2e7a7a5 vn="Variante von Win32/ELEX.DH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowserAction.dll.vir"
sh=34560DDE92CC541AE16932D02887F5CE880DC4C8 ft=1 fh=e95166d450b773b3 vn="Variante von Win32/ELEX.CY evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\CmdShell.exe.vir"
sh=1C88A7C4FD5E9BBE5F558AB731149EC1E59A67AC ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\ffsearch_toolbar!1.0.0.1031.xpi.vir"
sh=A71D8EBDBF6DB1BF2092D520DBD79481F74F141C ft=1 fh=e8458438005d3d26 vn="Variante von Win32/ELEX.DK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\HPNotify.exe.vir"
sh=948691DF20AD5F76AEBE6CE8DBA1F967C8B6BD0F ft=1 fh=fe4bd6b5ea25d889 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\IeWatchDog.dll.vir"
sh=30A0B06E5FCAD6ED80904CCE0D7E1381168083DB ft=1 fh=294b55fbb91ab494 vn="Variante von Win32/ELEX.EE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\ProtectService.exe.vir"
sh=71D99FDEF48B6FDB438667909B2890E1EE58F983 ft=1 fh=ee8c3f688aac34ed vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\SWSETUP\APP\Applications\Corel\WinZipTrial\16.0\src\winzip160.exe"
|
|
13.12.2015, 09:34
| #11 |
| /// TB-Ausbilder /// Anleitungs-Guru | Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 Zu Avira sag ich besser nichts... Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
13.12.2015, 11:38
| #12 |
| | Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 Hallo, wie meinst du? sollte ich einen anderen Virenschutz nehmen? Direkt Probleme mit dem PC gab/gibt es nicht, ist er jetzt sicher? Oder war er garnicht wirklich infiziert? Der Online Scanner hat ja 9 Sachen gefunden oder sind die harmlos? Danke |
|
13.12.2015, 16:32
| #13 |
| /// TB-Ausbilder /// Anleitungs-Guru | Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 Die Funde sind irrelevant weil Quarantäne oder PUP. Bitte noch ein frisches FRST-Log bevor wir dann fertig sind: Schritt 1 Bitte starte FRST erneut, und drücke auf Untersuchen. Bitte poste mir den Inhalt des Logs.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
13.12.2015, 16:41
| #14 |
| | Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 Ok, hier die Logs Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-12-2015
durchgeführt von **** (Administrator) auf PC**** (13-12-2015 16:34:40)
Gestartet von C:\Users\****\Desktop
Geladene Profile: **** (Verfügbare Profile: ****)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
( ) C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-10-23] (IDT, Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2012-02-07] (Autodesk, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{D321F810-E538-462A-886F-625BD4CA29E7}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {37B249E7-83C0-40D6-A5CC-180519CC846A} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {37B249E7-83C0-40D6-A5CC-180519CC846A} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-02] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-02] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-02] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-02] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-02] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1995632801-4156762099-2201499591-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-18] ()
FF Extension: Greasemonkey - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-11-22]
FF Extension: NoScript - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-23]
FF Extension: Downloads Window - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\Extensions\{a7213cf2-fa1e-4373-88ff-255d0abd3020}.xpi [2015-09-16]
FF Extension: Adblock Plus - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 mitsijm2013; C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [339776 2012-01-31] ( )
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-13 16:34 - 2015-12-13 16:34 - 00016710 _____ C:\Users\****\Desktop\FRST.txt
2015-12-12 18:38 - 2015-12-12 18:38 - 01738240 _____ C:\Users\****\Desktop\AdwCleaner_5.024.exe
2015-12-12 18:21 - 2015-12-12 19:53 - 00000000 ____D C:\Users\****\Desktop\combofix
2015-12-12 18:16 - 2015-12-12 18:16 - 00030558 _____ C:\ComboFix.txt
2015-12-12 17:58 - 2015-12-12 18:16 - 00000000 ____D C:\Qoobox
2015-12-12 17:58 - 2015-12-12 18:14 - 00000000 ____D C:\windows\erdnt
2015-12-12 17:58 - 2011-06-26 07:45 - 00256000 _____ C:\windows\PEV.exe
2015-12-12 17:58 - 2010-11-07 18:20 - 00208896 _____ C:\windows\MBR.exe
2015-12-12 17:58 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-12-12 17:58 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-12-12 17:58 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-12-12 17:58 - 2000-08-31 01:00 - 00098816 _____ C:\windows\sed.exe
2015-12-12 17:58 - 2000-08-31 01:00 - 00080412 _____ C:\windows\grep.exe
2015-12-12 17:58 - 2000-08-31 01:00 - 00068096 _____ C:\windows\zip.exe
2015-12-12 17:56 - 2015-07-09 18:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2015-12-12 17:56 - 2015-07-09 18:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2015-12-12 17:56 - 2015-07-09 18:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2015-12-12 17:56 - 2015-07-09 18:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2015-12-12 17:55 - 2015-12-12 17:56 - 05640685 ____R (Swearware) C:\Users\****\Desktop\ComboFix.exe
2015-12-12 17:55 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2015-12-12 17:55 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\windows\system32\catsrvut.dll
2015-12-12 17:55 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2015-12-12 17:55 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\windows\SysWOW64\catsrvut.dll
2015-12-12 17:06 - 2015-12-12 17:14 - 00204710 _____ C:\TDSSKiller.3.1.0.8_12.12.2015_17.06.39_log.txt
2015-12-12 17:05 - 2015-12-12 17:05 - 04676456 _____ (Kaspersky Lab ZAO) C:\Users\****\Desktop\tdsskiller.exe
2015-12-12 14:13 - 2015-12-13 16:34 - 00000000 ____D C:\FRST
2015-12-12 14:07 - 2015-12-12 14:07 - 02369536 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2015-12-12 01:05 - 2015-12-12 18:48 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-12 01:05 - 2015-12-12 01:05 - 00001068 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-12 01:05 - 2015-12-12 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-12-12 01:05 - 2015-12-12 01:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-12 01:05 - 2015-12-12 01:05 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-12-12 01:05 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2015-12-12 01:05 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-12-12 01:05 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2015-12-11 23:13 - 2015-12-12 03:32 - 00000000 ____D C:\Users\****\Desktop\Kollegah-Zuhaeltertape - Volume_4
2015-12-06 16:17 - 2015-12-12 19:12 - 00000000 ____D C:\Users\****\Desktop\Eminem - Detroit King
2015-12-06 15:21 - 2015-12-06 15:21 - 00004230 _____ C:\windows\System32\Tasks\AMD Updater
2015-12-06 15:15 - 2015-12-06 15:15 - 00000000 ____D C:\Users\****\AppData\Roaming\library_dir
2015-12-06 15:15 - 2015-12-06 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-12-06 15:14 - 2015-12-06 15:24 - 00000000 ____D C:\Users\****\AppData\Roaming\Raptr
2015-12-06 15:14 - 2015-12-06 15:15 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-12-06 15:14 - 2015-12-06 15:14 - 00000000 ____D C:\Users\****\AppData\Local\AMD
2015-12-06 15:14 - 2015-12-06 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2015-12-06 15:13 - 2015-12-06 15:13 - 00000000 ____D C:\Program Files (x86)\AMD
2015-12-06 15:06 - 2015-12-06 15:14 - 00000000 ____D C:\Program Files\AMD
2015-12-06 15:04 - 2015-12-06 15:04 - 04947168 _____ (Advanced Micro Devices, Inc.) C:\Users\****\Desktop\autodetectutility.exe
2015-12-05 16:17 - 2015-12-05 16:17 - 19917892 _____ C:\Users\****\bedienungsanleitung_telefonanlage_digitalisierungsbox_premium.pdf
2015-12-03 01:30 - 2015-12-03 01:30 - 00000000 ____D C:\Users\****\Documents\Square Enix
2015-12-03 01:30 - 2015-12-03 01:30 - 00000000 ____D C:\Users\****\AppData\Local\CrashRpt
2015-12-02 01:35 - 2015-12-02 01:37 - 576022554 _____ C:\Users\****\Desktop\The.Waking.Ded.S06E08.Ger.Dub.WHRiP.XviD-FIJ.avi
2015-12-02 01:01 - 2015-12-02 01:01 - 00000000 ____D C:\Users\****\AppData\Local\LogView Studio
2015-12-02 01:00 - 2015-12-02 01:00 - 00000000 ____D C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LogView Studio
2015-12-02 01:00 - 2015-12-02 01:00 - 00000000 ____D C:\Program Files (x86)\LogView Studio
2015-12-02 00:13 - 2015-12-02 00:14 - 00000000 ____D C:\Users\****\AppData\Local\NETGEARGenie
2015-12-02 00:13 - 2015-12-02 00:13 - 00369168 _____ (CACE Technologies, Inc.) C:\windows\system32\wpcap.dll
2015-12-02 00:13 - 2015-12-02 00:13 - 00106000 _____ (CACE Technologies, Inc.) C:\windows\system32\packet.dll
2015-12-02 00:13 - 2015-12-02 00:13 - 00035344 _____ (CACE Technologies, Inc.) C:\windows\system32\Drivers\npf.sys
2015-11-28 18:57 - 2015-11-13 22:16 - 1506175152 _____ C:\Users\****\Desktop\Knock.Out.UNCUT.avi
2015-11-27 17:42 - 2015-11-27 17:42 - 00123056 _____ C:\Users\****\Desktop\spirit-fw-1.3.2.4df
2015-11-18 14:18 - 2015-11-18 14:23 - 00000000 ____D C:\ProgramData\Easybits Magic Desktop for HP
2015-11-18 09:20 - 2015-11-18 09:20 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdhcp64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdhcp32.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00120656 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiu9p64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00118608 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdave64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00110344 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdave32.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atimpc64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdpcom64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atimpc32.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdpcom32.dll
2015-11-18 09:19 - 2015-11-18 09:19 - 10815664 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiumd64.dll
2015-11-18 09:19 - 2015-11-18 09:19 - 09017808 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiumd6a.dll
2015-11-18 09:17 - 2015-11-18 09:17 - 00296648 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdacpksd.sys
2015-11-18 09:13 - 2015-11-18 09:13 - 23960064 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmdag.sys
2015-11-18 09:08 - 2015-11-18 09:08 - 49984000 _____ (Advanced Micro Devices Inc.) C:\windows\system32\amdocl64.dll
2015-11-18 09:08 - 2015-11-18 09:08 - 00235008 _____ C:\windows\system32\clinfo.exe
2015-11-18 09:02 - 2015-11-18 09:02 - 41510912 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\amdocl.dll
2015-11-18 08:58 - 2015-11-18 08:58 - 00065024 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2015-11-18 08:57 - 2015-11-18 08:57 - 00059392 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2015-11-18 08:50 - 2015-11-18 08:50 - 27596288 _____ (Advanced Micro Devices Inc.) C:\windows\system32\amdocl12cl64.dll
2015-11-18 08:49 - 2015-11-18 08:49 - 22348288 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\amdocl12cl.dll
2015-11-18 06:50 - 2015-11-18 06:50 - 00677888 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdlvr64.dll
2015-11-18 06:48 - 2015-11-18 06:48 - 00562688 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdlvr32.dll
2015-11-18 06:46 - 2015-11-18 06:46 - 06643200 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmantle64.dll
2015-11-18 06:46 - 2015-11-18 06:46 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantle64.dll
2015-11-18 06:46 - 2015-11-18 06:46 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantle32.dll
2015-11-18 06:14 - 2015-11-18 06:14 - 05223936 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdmantle32.dll
2015-11-18 05:48 - 2015-11-18 05:48 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantleaxl64.dll
2015-11-18 05:48 - 2015-11-18 05:48 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantleaxl32.dll
2015-11-18 05:08 - 2015-11-18 05:08 - 00683960 _____ C:\windows\SysWOW64\atiapfxx.blb
2015-11-18 05:08 - 2015-11-18 05:08 - 00683960 _____ C:\windows\system32\atiapfxx.blb
2015-11-18 05:05 - 2015-11-18 05:05 - 31376896 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atio6axx.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 15711744 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticaldd64.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiapfxx.exe
2015-11-18 04:43 - 2015-11-18 04:43 - 00062464 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalrt64.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 00055808 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalcl64.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 00052224 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalrt.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 00049152 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalcl.dll
2015-11-18 04:40 - 2015-11-18 04:40 - 25840128 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atioglxx.dll
2015-11-18 04:40 - 2015-11-18 04:40 - 14302208 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticaldd.dll
2015-11-18 04:40 - 2015-11-18 04:40 - 00865280 _____ (AMD) C:\windows\system32\coinst_15.30.dll
2015-11-18 04:32 - 2015-11-18 04:32 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmmcl6.dll
2015-11-18 04:32 - 2015-11-18 04:32 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdmmcl.dll
2015-11-18 04:27 - 2015-11-18 04:27 - 03437632 _____ C:\windows\system32\atiumd6a.cap
2015-11-18 04:26 - 2015-11-18 04:26 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atidemgy.dll
2015-11-18 04:26 - 2015-11-18 04:26 - 00223744 _____ C:\windows\system32\dgtrayicon.exe
2015-11-18 04:25 - 2015-11-18 04:25 - 00552448 _____ (AMD) C:\windows\system32\atieclxx.exe
2015-11-18 04:25 - 2015-11-18 04:25 - 00204800 _____ C:\windows\system32\amdgfxinfo64.dll
2015-11-18 04:25 - 2015-11-18 04:25 - 00189952 _____ C:\windows\SysWOW64\amdgfxinfo32.dll
2015-11-18 04:25 - 2015-11-18 04:25 - 00162304 _____ C:\windows\system32\atieah64.exe
2015-11-18 04:25 - 2015-11-18 04:25 - 00145408 _____ C:\windows\SysWOW64\atieah32.exe
2015-11-18 04:25 - 2015-11-18 04:25 - 00031744 _____ (AMD) C:\windows\system32\atimuixx.dll
2015-11-18 04:24 - 2015-11-18 04:24 - 00246272 _____ (AMD) C:\windows\system32\atiesrxx.exe
2015-11-18 04:22 - 2015-11-18 04:22 - 00190976 _____ (AMD) C:\windows\system32\atitmm64.dll
2015-11-18 04:10 - 2015-11-18 04:10 - 03471376 _____ C:\windows\SysWOW64\atiumdva.cap
2015-11-18 03:58 - 2015-11-18 03:58 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atisamu64.dll
2015-11-18 03:58 - 2015-11-18 03:58 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atisamu32.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 01272832 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiadlxx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00941568 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxy.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00941568 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00157696 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6txx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00075776 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6pxx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiglpxx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiglpxx.dll
2015-11-18 03:53 - 2015-11-18 03:53 - 00671232 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmpag.sys
2015-11-18 03:53 - 2015-11-18 03:53 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atigktxx.dll
2015-11-18 03:45 - 2015-11-18 03:45 - 00195072 _____ C:\windows\system32\hsa-thunk64.dll
2015-11-18 03:45 - 2015-11-18 03:45 - 00174592 _____ C:\windows\SysWOW64\hsa-thunk.dll
2015-11-18 03:43 - 2015-11-18 03:43 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\ati2erec.dll
2015-11-14 13:43 - 2015-11-14 13:43 - 00000000 ____D C:\Users\****\.AnyLogicUniversity
2015-11-13 15:33 - 2015-11-24 06:09 - 00000000 ____D C:\Users\****\Desktop\twd
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-13 15:57 - 2012-08-04 13:57 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-12-13 13:11 - 2012-12-28 11:26 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-13 12:39 - 2012-06-15 00:44 - 18166598 _____ C:\windows\system32\perfh007.dat
2015-12-13 12:39 - 2012-06-15 00:44 - 05656762 _____ C:\windows\system32\perfc007.dat
2015-12-13 12:39 - 2009-07-14 06:13 - 00006504 _____ C:\windows\system32\PerfStringBackup.INI
2015-12-13 12:39 - 2009-07-14 05:45 - 00024400 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-13 12:39 - 2009-07-14 05:45 - 00024400 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-13 12:33 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-12-13 12:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-13 12:11 - 2015-06-05 14:37 - 00000000 ____D C:\AdwCleaner
2015-12-12 19:13 - 2012-07-19 14:49 - 00003926 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{E6CFB42A-8A13-45D3-BB3C-832EB88BB857}
2015-12-12 19:12 - 2012-07-23 23:13 - 00000000 ____D C:\Users\****\AppData\Roaming\Mp3tag
2015-12-12 18:10 - 2009-07-14 03:34 - 00000215 _____ C:\windows\system.ini
2015-12-12 18:09 - 2009-07-14 03:34 - 00524288 _____ C:\windows\system32\config\DEFAULT.bak
2015-12-12 18:09 - 2009-07-14 03:34 - 00262144 _____ C:\windows\system32\config\SECURITY.bak
2015-12-12 18:09 - 2009-07-14 03:34 - 00262144 _____ C:\windows\system32\config\SAM.bak
2015-12-12 18:08 - 2009-07-14 03:34 - 44564480 _____ C:\windows\system32\config\components.bak
2015-12-12 18:05 - 2012-07-19 14:44 - 00000000 ____D C:\Users\****
2015-12-12 18:05 - 2009-07-14 06:32 - 00000000 ____D C:\windows\Downloaded Program Files
2015-12-12 17:57 - 2012-08-07 11:31 - 00000000 ____D C:\Users\****\AppData\Local\ElevatedDiagnostics
2015-12-12 01:19 - 2013-02-25 23:13 - 00000000 ____D C:\Users\****\Office 2010 Activator v1.4.1.0
2015-12-12 00:26 - 2012-07-22 18:54 - 00000000 ____D C:\Users\****\AppData\Roaming\vlc
2015-12-09 19:50 - 2012-07-22 18:30 - 00000000 ____D C:\Users\****\Desktop\musik
2015-12-09 16:57 - 2012-08-04 13:57 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 16:57 - 2012-06-15 01:12 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 16:57 - 2012-06-15 01:12 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-06 15:13 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2015-12-06 15:09 - 2013-12-05 04:35 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-06 15:06 - 2012-12-25 20:57 - 00000000 ____D C:\AMD
2015-12-06 15:05 - 2012-11-13 15:37 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-12-04 00:02 - 2013-08-11 15:10 - 00000000 ____D C:\Users\****\Desktop\modellbau
2015-12-02 01:00 - 2013-04-05 19:42 - 00000000 ____D C:\ProgramData\InstallMate
2015-12-02 00:53 - 2015-02-18 16:51 - 00000000 ____D C:\HELI-X6
2015-12-02 00:17 - 2015-10-04 20:51 - 00000000 ____D C:\Program Files (x86)\Spirit Settings
2015-12-02 00:17 - 2015-01-24 02:04 - 00001112 _____ C:\Users\Public\Desktop\Spirit Settings.lnk
2015-12-02 00:17 - 2014-09-08 12:30 - 00001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spirit Settings.lnk
2015-12-02 00:11 - 2013-10-10 21:07 - 00000000 ____D C:\ProgramData\Oracle
2015-12-02 00:10 - 2015-01-03 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-12-02 00:10 - 2014-01-20 06:04 - 00000000 ____D C:\Program Files\Java
2015-12-02 00:10 - 2014-01-20 05:55 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-02 00:10 - 2013-10-10 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-02 00:09 - 2015-09-15 03:41 - 00000000 ____D C:\Users\****\.oracle_jre_usage
2015-12-02 00:09 - 2014-01-20 06:04 - 00110176 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2015-12-01 12:09 - 2013-08-07 08:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-01 12:08 - 2013-08-07 08:40 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-12-01 12:08 - 2013-08-07 08:40 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-12-01 12:08 - 2013-08-07 08:40 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-11-28 18:37 - 2012-07-24 13:31 - 00000000 ____D C:\Users\****\AppData\Local\CrashDumps
2015-11-27 21:23 - 2015-04-19 18:24 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-23 07:03 - 2012-06-15 01:06 - 00000000 ____D C:\ProgramData\Temp
2015-11-23 06:57 - 2014-02-11 14:05 - 00000000 ____D C:\Users\****\Documents\RealFlight 7
2015-11-18 18:14 - 2015-10-17 18:13 - 00000000 ____D C:\Users\****\Desktop\Scandal
2015-11-18 09:20 - 2012-12-25 20:45 - 01229984 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\aticfx32.dll
2015-11-18 09:20 - 2012-12-25 20:45 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiuxpag.dll
2015-11-18 09:20 - 2012-12-25 20:44 - 10907328 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atidxx32.dll
2015-11-18 09:20 - 2012-09-28 02:11 - 00152568 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiuxp64.dll
2015-11-18 09:20 - 2012-02-14 15:17 - 01496736 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\aticfx64.dll
2015-11-18 09:20 - 2012-02-14 14:52 - 13189336 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atidxx64.dll
2015-11-18 09:20 - 2012-02-14 14:12 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiu9pag.dll
2015-11-18 09:19 - 2012-09-28 03:23 - 09070320 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiumdag.dll
2015-11-18 09:19 - 2012-09-28 02:22 - 08089248 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiumdva.dll
2015-11-13 03:26 - 2015-10-29 23:31 - 00000000 ____D C:\Users\****\Desktop\2 Broke Girls - Staffel 4
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-07-15 20:56 - 2010-01-15 09:36 - 0075040 _____ () C:\Program Files (x86)\Common Files\SpeechUninstall.exe
2012-08-29 18:23 - 2013-10-28 06:23 - 0000676 _____ () C:\Users\****\AppData\Roaming\DriveCalculator Preferences
2012-07-19 15:37 - 2012-07-19 15:37 - 0000173 _____ () C:\Users\****\AppData\Local\msmathematics.qat.****
2013-07-12 18:57 - 2013-07-12 18:57 - 0000848 _____ () C:\Users\****\AppData\Local\recently-used.xbel
2014-12-26 10:49 - 2014-12-26 10:49 - 0007605 _____ () C:\Users\****\AppData\Local\Resmon.ResmonCfg
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\****\adwcleaner_4.206.exe
C:\Users\****\HijackThis.exe
C:\Users\****\MP3QualityModifier.exe
C:\Users\****\TeamViewer_Setup_de.exe
Einige Dateien in TEMP:
====================
C:\Users\****\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-10 16:04
==================== Ende von FRST.txt ============================
|
|
13.12.2015, 16:42
| #15 |
| | Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-12-2015
durchgeführt von **** (2015-12-13 16:35:59)
Gestartet von C:\Users\****\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-19 13:44:18)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1995632801-4156762099-2201499591-500 - Administrator - Disabled)
Gast (S-1-5-21-1995632801-4156762099-2201499591-501 - Limited - Disabled)
**** (S-1-5-21-1995632801-4156762099-2201499591-1000 - Administrator - Enabled) => C:\Users\****
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
ASUS VGA Driver (x32 Version: 3.0.0.1 - Ihr Firmenname) Hidden
Autodesk Inventor Professional 2013 (Version: 17.0.13800.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2013 Deutsch (German) (HKLM\...\Autodesk Inventor Professional 2013) (Version: 17.0.13800.0000 - Autodesk)
Autodesk Inventor Professional 2013 Language Pack - Deutsch (German) (Version: 17.0.13800.0000 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2013 (HKLM-x32\...\{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
BRAIN (HKLM-x32\...\{53B883F4-11BB-4289-A790-4DF90FAA61A6}) (Version: 1.0.011 - MSHeli)
Catalyst Control Center Next Localization BR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
Chinese Traditional Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2448-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2023 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DataExplorer (HKLM-x32\...\DataExplorer) (Version: 3.2.3 - )
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DWG TrueView 2013 (HKLM\...\DWG TrueView 2013) (Version: 19.0.55.0 - Autodesk)
DWG TrueView 2013 (Version: 19.0.55.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2013 (HKLM\...\{792A9A32-718A-40D1-9867-A903F76AE2F8}) (Version: 3.9.12.0 - Granta Design Limited)
Far Cry (Patch 1.4) (x32 Version: 1.00.0000 - Ubisoft) Hidden
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
HELI-X 6 Demo (HKLM-x32\...\89A8AC8E-9F17-4D16-B924-A5868A0290FC_is1) (Version: - Michael Schreiner)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{4F38594F-2C4A-4C42-B2C4-505E225F6F80}) (Version: 11.14.0004 - HP)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 5.10.0000.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version: - Avalanche Studios)
Liftoff (HKLM-x32\...\Steam App 410340) (Version: - LuGus Studios)
LogView Studio 1.0.3662.0903 (HKLM-x32\...\{DA180FFA-233E-4142-8E9C-A7562D261D9C}) (Version: 1.0.3662.0903 - logview.info)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
micro_swloader (HKLM-x32\...\{CF676CCE-F4B1-4F31-9AF8-A2F9B2B5E47F}) (Version: 1.0.0 - Graupner)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mp3tag v2.66 (HKLM-x32\...\Mp3tag) (Version: v2.66 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero WaveEditor (HKLM-x32\...\{A6903C5A-D90B-4877-A629-35436CAA62A3}) (Version: 12.0.00500 - Nero AG)
O&O SafeErase Professional (HKLM\...\{243176DB-549F-418F-AE20-731DCF0EA42D}) (Version: 7.0.165 - O&O Software GmbH)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
pean Engineering ViRA GUI (HKLM-x32\...\peanViRA) (Version: - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: - )
RealFlight 7 R/C Simulator (HKLM-x32\...\RealFlight7Pro) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5119 - CyberLink Corp.) Hidden
Schnell-Deinstallations-Tool für Autodesk Inventor 2013 (HKLM\...\{D25FF5C1-1764-469A-9794-69309387C193}) (Version: 17.0.13800.0000 - Autodesk)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{987A5C7B-C24E-4305-AB26-91B7466DC8D6}) (Version: 6.5.3 - Silicon Laboratories, Inc.)
Spirit Setings version 1.3.0 (HKLM-x32\...\Spirit Setings_is1) (Version: 1.3.0 - Spirit System)
Spirit Settings version 1.3.2 (HKLM-x32\...\Spirit Settings_is1) (Version: 1.3.2 - Spirit System)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.19 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45471 - TeamViewer)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.18.0 - Texas Instruments Inc.) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports (10/18/2013 6.6.1.0) (HKLM\...\F92C2D6CB4EA0EE558BDF5F8BDD69083DFC62179) (Version: 10/18/2013 6.6.1.0 - Silicon Laboratories)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2013\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2013\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Keine Datei
==================== Wiederherstellungspunkte =========================
12-12-2015 17:59:01 ComboFix created restore point
13-12-2015 11:52:43 Windows Update
13-12-2015 12:30:53 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2015-12-12 18:10 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {3C4C0669-CC05-4A15-8066-E59429FB371D} - System32\Tasks\{A537DF2E-536B-4052-B76F-5102B668C325} => pcalua.exe -a C:\Users\****\Desktop\HLC_1_setup.exe -d C:\Users\****\Desktop
Task: {3C7536F3-D88A-455A-A0E8-CD7ABA9C7830} - System32\Tasks\{677F7317-8AC4-4088-8516-A49FBD6B10AE} => pcalua.exe -a C:\Users\****\Desktop\sp57493.exe -d C:\Users\****\Desktop
Task: {44E3A3D3-02EF-4E76-B9F5-59CE569D6429} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe
Task: {4757814F-4AEF-4C99-9F3C-A9FD68D78A03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
Task: {58887A2E-34C4-4785-99AC-8446350D1EC5} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe
Task: {6A5E421C-3EC2-4E7A-A22D-7E0200A7B8E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {880DC1A5-9D5F-479D-AA19-AD406F55CF7B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {A4C7F641-1704-414A-A878-03079828899C} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-11-18] (Advanced Micro Devices, Inc.)
Task: {AB8DFF6D-0E81-4CD5-BA48-9E0EAB97E964} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {B893EBF6-A7AD-47BC-A2B5-03E33AB34734} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {D25217AC-ECF7-4169-B760-451487D96EE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {F4030DDB-6882-4786-A053-1FC01C509F0C} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {F9A1A948-875D-4278-A37C-5FAACB012FE9} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\****\Desktop\rcon.lnk -> C:\Users\****\722\reconnect.bat () <==== ACHTUNG
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2011-03-16 23:07 - 2011-03-16 23:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-12-12 18:45 - 2014-07-14 15:49 - 00049744 _____ () C:\Users\****\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-12-02 18:45 - 2015-11-10 20:55 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-09-17 15:55 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-09-17 15:55 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-09-17 15:55 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-30 13:23 - 2015-12-10 21:11 - 02547280 _____ () C:\Program Files (x86)\Steam\video.dll
2014-11-10 17:35 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-11-10 17:35 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-11-10 17:35 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-11-10 17:35 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-11-10 17:35 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-12-02 18:45 - 2015-12-10 21:11 - 00804432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-09-17 15:55 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2013-12-02 18:45 - 2015-11-17 01:31 - 47846176 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-09-17 15:55 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:69E87FA2
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
AlternateDataStreams: C:\ProgramData\Temp:A9967A61
AlternateDataStreams: C:\ProgramData\Temp:F4C624DE
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AML Device Install.lnk => C:\windows\pss\AML Device Install.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: HPSYSDRV => C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
MSCONFIG\startupreg: PC Speed Maximizer => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe
MSCONFIG\startupreg: Power2GoExpress8 => NA
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{0CA4C219-D2FF-4925-A100-002A050A8347}] => (Allow) C:\windows\system32\ezSharedSvcHost.exe
FirewallRules: [TCP Query User{1F15562D-4477-4495-BF83-10CA4A51AE91}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{A0E3B18B-C147-4F87-8476-EF9FDAFC2A9D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{10B9C4EE-5A02-40FF-AC60-FE010C187CC8}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{7ACEB367-9734-43B9-8D27-EECBFD3BE282}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A093E01C-8590-46FB-AC73-B1FA9D46FEE0}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{1C71FA02-488B-4BBB-9C07-3CB10102F119}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [TCP Query User{C6AB6512-6992-43A3-9786-218075074358}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F7AAE679-C5FD-408A-955C-E379472A191A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{FB28BF63-0D98-4632-ACB6-E1261CBC7155}C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe] => (Allow) C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe
FirewallRules: [UDP Query User{74E6EBAF-8C06-4CFC-A2D8-38348FDEB5BA}C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe] => (Allow) C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe
FirewallRules: [TCP Query User{C38F944F-3CC4-4EAD-9032-A795D293F9ED}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{67EDAE0E-1A4D-4DC6-B615-5865594E12C6}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{D533ACE1-703A-4F4E-8D79-DFC748CC5BF5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0D363802-E3D8-47FB-BED6-4E5DD5136E09}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4FF8F7D5-D4A6-48B0-846A-8EADC78F7F4C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2B0ED474-46F6-43EC-BC7A-108A40C706CB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D37A6766-9BEE-44F5-9E78-F85A79E0B3CB}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{ADE2E185-AA3C-42FE-80B2-0726539EEF6D}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{BD2E5E50-A169-445A-AE85-0786FFB899BF}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{F4C9D4F1-B852-451A-9C4E-9F5EF0CDD567}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{C3EB01E8-2610-4FCB-9757-C1CF67D46B97}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{8ACF6C73-622B-41AD-94F0-8F3752EDFE87}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{7C3CBB65-C7A8-40CD-B86E-D090C5404E6A}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{9146A497-5E21-4B26-94B8-293049A3C39E}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{B2520B06-0FB1-48C1-9F53-3E0B623372A8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BCFE86BD-DB5E-4651-88B9-BE7D70F2D229}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC2A9BA8-7C5F-497B-95FC-AFF8059A67FE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{659F1755-810C-4E04-B206-1BB5950E45D5}] => (Allow) LPort=2869
FirewallRules: [{38C3A283-C44C-4DB9-8626-52320370A30D}] => (Allow) LPort=1900
FirewallRules: [{C862143F-9205-4FBD-AE3A-851C214D3A31}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{574E5B55-57BA-4CBA-907A-3FB8ABDB3362}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{1447A363-6092-4187-AA6B-FA9FE6C743D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{17CA7FB0-CAB0-4ADB-A015-29C1B335BD16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{5586DDD4-6179-4F16-BBC9-8BF7EB3FEB95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{BB564BCB-6B46-47A5-A064-DCFB8D0265C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{E11033AF-AA39-43F8-8341-F0BF1D44C18E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{35D3EE86-2C67-4708-BD69-1C5E3A576D97}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{7101A799-AFA9-45A3-A94C-F97E93203AF8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{209E662D-1234-4A04-A133-83B8D0B915A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{62B884DC-097D-4674-B28F-530FCCD9BD6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{40CF2E32-BB56-4D09-9E85-67775B2CC5A2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{635B6BF8-48D1-4607-9141-494D12FF43D4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9D4BE28F-F714-4082-A955-C31C3B6A3D70}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{DEDABECB-13DD-4663-B186-CB992384C136}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{7D717DC3-3015-45CE-B53F-03A890DA6FE2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{A7642D2E-9A3C-4C8E-8C34-B839831C6EA2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [TCP Query User{585D20FF-FFFB-4A4F-95CE-79BE40130872}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{9B277FB6-FAC9-4A34-8142-CFF23005200F}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{484B8FC8-6D5C-4B91-80B5-695DC099CFB2}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FA187F3F-8067-466D-AE20-D89C1C0F0A3C}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{324E9F23-921A-467D-9D8C-7B3C1401734A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D5F12BEC-E121-47BC-A24F-100CC7652192}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4F98A6DA-0E4C-45AE-95D5-A5521676C57D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{B71443F8-6917-47D9-AA2B-4F9DF604C604}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{5CC183D8-E479-4E2F-A3B5-6054E535214D}C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe] => (Allow) C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe
FirewallRules: [UDP Query User{2A586386-019A-4812-9E1E-3BA53D3DDF3A}C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe] => (Allow) C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe
FirewallRules: [{869B0E7E-E2E1-49EA-A47C-E921427B3E95}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5D658E47-57C5-4C7E-B9FE-6C05E5033FC9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{26FB34FD-F080-4650-A5D4-8DF7F8DA93B7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3DD2042A-C02F-432E-9239-0CAB8D9F3CF4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{485E766C-9DAE-42B4-8540-8C21702ED382}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{1751019A-0251-4890-A506-A449A634ACAE}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{A06914C2-2A3C-4C5A-B9CF-93D043C06B24}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{26F3272A-FEDE-4824-B4CE-82725EBC85ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{88039C32-0C27-45E1-BA65-533293612BB3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7713BDBE-8451-4692-A95A-3A93BA995E39}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B1D7B712-D62D-48B0-9862-2CA82471F75F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2F5D914-C3F2-4775-8C9E-91F8978C53A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{E9686FED-6C22-4FED-9D77-C8E038448C61}C:\program files\anylogic 7 personal learning edition\anylogic.exe] => (Block) C:\program files\anylogic 7 personal learning edition\anylogic.exe
FirewallRules: [UDP Query User{1999BA5E-4B41-422B-9140-1C19F0980561}C:\program files\anylogic 7 personal learning edition\anylogic.exe] => (Block) C:\program files\anylogic 7 personal learning edition\anylogic.exe
FirewallRules: [TCP Query User{5F8353B4-062E-4578-9226-3D0B1E00792E}C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe] => (Allow) C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe
FirewallRules: [UDP Query User{5B0F36D9-1458-4F2F-AD37-57417A307214}C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe] => (Allow) C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe
FirewallRules: [TCP Query User{4CFD5C25-C032-4987-A965-D5D2822074D7}C:\program files (x86)\anylogic 6 university\anylogic.exe] => (Allow) C:\program files (x86)\anylogic 6 university\anylogic.exe
FirewallRules: [UDP Query User{41EF9D8E-B5E4-49F9-8653-08D2F2CCD939}C:\program files (x86)\anylogic 6 university\anylogic.exe] => (Allow) C:\program files (x86)\anylogic 6 university\anylogic.exe
FirewallRules: [{C45A0356-E7DE-4656-B419-550E7C942D4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Liftoff\Liftoff.exe
FirewallRules: [{93CF18BD-410E-45DF-BE45-A993CF536A7A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Liftoff\Liftoff.exe
FirewallRules: [TCP Query User{6FBEAB9C-59DA-4D74-B67D-9B7945AB8B30}C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe] => (Allow) C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe
FirewallRules: [UDP Query User{3E1FEF2A-A18F-47E8-ACDE-D1E4D6D1DEB2}C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe] => (Allow) C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe
FirewallRules: [{F52DF749-EB34-4F87-A374-3595A6F552D7}] => (Allow) C:\Program Files (x86)\LogView Studio\Database\mysql5.6\Windows32\bin\mysqld.exe
FirewallRules: [{49E3AB20-6C8C-43DD-8FF1-F9C9A12E47BC}] => (Allow) C:\Program Files (x86)\LogView Studio\Database\mysql5.6\Windows64\bin\mysqld.exe
FirewallRules: [{CBCBA133-3DCB-40E1-8A8A-E26630DE5320}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{2A4A51CA-ED4B-4CC5-9842-2881FF9557B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{7E3E80F1-26D2-44FC-800D-0920C2FEC7CC}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{B053A559-73F0-4B63-B042-763E0DCD9696}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{AE046801-F22D-4556-A0A8-82E9F699465D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{D94F3F36-E469-4080-8E53-BD558D460601}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/13/2015 12:39:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (12/13/2015 12:39:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (12/13/2015 12:39:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (12/13/2015 12:34:53 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (12/13/2015 12:34:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (12/13/2015 12:34:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (12/13/2015 12:02:59 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (12/13/2015 12:02:46 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (12/13/2015 12:02:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe, Version: 1.1.18.28431, Zeitstempel: 0x53c3ed8f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18869, Zeitstempel: 0x556363bc
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x564
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.OE.ServiceHost.exe2
Berichtskennung: Avira.OE.ServiceHost.exe3
Error: (12/13/2015 12:02:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.InvalidOperationException
Stapel:
bei System.Linq.Enumerable.First[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>)
bei Avira.OE.BrowserExtensionConnector.FirefoxProductInfo.ExtensionIsInstalled(System.String)
bei System.Linq.Enumerable.Any[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Func`2<System.__Canon,Boolean>)
bei Avira.OE.BrowserExtensionConnector.FirefoxProductInfo.ExtensionIsInstalled(System.Collections.Generic.List`1<System.String>)
bei Avira.OE.BrowserExtensionConnector.SafeSearchProductInfo.IsInstalled(Avira.OE.WinCore.Browser)
bei Avira.OE.WinCore.BrowserInfo.GetBrowsersData(System.Func`2<Avira.OE.WinCore.Browser,Boolean>)
bei Avira.OE.BrowserExtensionConnector.AviraSafeSearchStatusConnector.GetBrowserInfo()
bei Avira.OE.ServiceHost.ComputerAndServicesInfo.SetPayloadForSafeSearch(Avira.OE.WinCore.Interface.DevCheckUpdatePayload)
bei Avira.OE.ServiceHost.ComputerAndServicesInfo.CreateMessagePayload()
bei Avira.OE.ServiceHost.UpdateAvailabilityChecker.CheckForUpdate()
bei Avira.OE.ServiceHost.UpdateAvailabilityChecker.OnRecurrentUpdateCheck(System.Object)
bei System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.TimerQueueTimer.CallCallback()
bei System.Threading.TimerQueueTimer.Fire()
bei System.Threading.TimerQueue.FireNextTimers()
bei System.Threading.TimerQueue.AppDomainTimerCallback()
Systemfehler:
=============
Error: (12/13/2015 12:34:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (12/13/2015 12:34:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/13/2015 12:34:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/13/2015 12:32:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706ba fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4.5, 4.5.1 und 4.5.2 unter Windows 7, Vista, Server 2008 und Server 2008 R2 x64 (KB3074550)
Error: (12/13/2015 12:32:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706ba fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB3086255)
Error: (12/13/2015 12:32:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706ba fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB3075226)
Error: (12/13/2015 12:32:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706ba fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB3081320)
Error: (12/13/2015 12:32:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706ba fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB3084135)
Error: (12/13/2015 12:32:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706ba fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme (KB3112148)
Error: (12/13/2015 12:32:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706ba fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4.5, 4.5.1 und 4.5.2 unter Windows 7, Vista, Server 2008 und Server 2008 R2 x64 (KB3097996)
CodeIntegrity:
===================================
Date: 2015-12-12 18:05:26.824
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-12-12 18:05:26.779
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 8148.01 MB
Verfügbarer physikalischer RAM: 6306.88 MB
Summe virtueller Speicher: 16294.23 MB
Verfügbarer virtueller Speicher: 13792.59 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:914.41 GB) (Free:557.48 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Daten) (Fixed) (Total:16.88 GB) (Free:16.76 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 568CEE24)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
| Themen zu Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 |
| .dll, administrator, anlage, antivir, auftrag, defender, dnsapi.dll, firefox, flash player, hijack, home, homepage, mozilla, mp3, programm, prozesse, registry, services.exe, software, tr/crypt.xpack.gen, tr/crypt.xpack.gen4, trojan, windows, winlogon.exe |
Linear-Darstellung
