| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Heitmann Metallhandel Makros VirusWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
21.12.2015, 17:09
| #1 |
| |  Heitmann Metallhandel Makros Virus Makro Virus Heitman Metallhandel Hallo, ich habe gestern eine Mail von Heitman Metallhandel bekommen mit einen Anhang als Rechnung in .doc die ich leider geöffnet habe. Wie sich rausgestellt hat war es eine Mail die nichts mit diesem Unternehmen zu tun hatte und ich befürchte, dass ich mir einen Makro Virus eingefangen habe. Ich wäre für jede Hilfe dankbar. Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:20-12-2015
durchgeführt von Nikos (2015-12-21 16:48:22)
Gestartet von C:\Users\Nikos\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2008-04-03 17:29:46)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1865184633-4289980622-1215388488-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1865184633-4289980622-1215388488-1002 - Limited - Enabled)
Gast (S-1-5-21-1865184633-4289980622-1215388488-501 - Limited - Disabled)
IUSR_NMPR (S-1-5-21-1865184633-4289980622-1215388488-1003 - Limited - Enabled) => C:\Users\IUSR_NMPR
Nikos (S-1-5-21-1865184633-4289980622-1215388488-1004 - Administrator - Enabled) => C:\Users\Nikos
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
12th Century BlackJack 2.1.3 (HKLM\...\12th Century BlackJack) (Version: 2.1.3 - hxxp://www.bksoft.de)
32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
3D-Fahrschule Demo (HKLM\...\3D-Fahrschule Demo) (Version: - )
3GP Video Converter 3 (HKLM\...\3GP Video Converter 3) (Version: 3.1.8.0720b - Xilisoft)
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - )
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
ALDI Foto Manager Free Nord (HKLM\...\ALDI Foto Manager Free Nord D) (Version: 3.4.0.466 - MAGIX AG)
ALDI Foto Service Nord (HKLM\...\ALDI Foto Service Nord D) (Version: 1.12.0.93 - MAGIX AG)
ALDI Online Druck Service (Nord) (HKLM\...\ALDI Online Druck Service (Nord)) (Version: - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArmA 2 Uninstall (HKLM\...\ArmA 2) (Version: - )
Ask Toolbar (HKLM\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.14.1.0 - Ask.com) <==== ACHTUNG
Ask Toolbar Updater (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.0.20007 - Ask.com) <==== ACHTUNG
Asterix bei den Olympischen Spielen (HKLM\...\Asterix at the Olympic Games) (Version: - Atari)
AudioCon (HKLM\...\AudioCon) (Version: 1.0 - Basement Softworks)
AVIConverter 2.1 (HKLM\...\AVIConverter) (Version: 2.1 - )
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
Avira SearchFree Toolbar plus Web Protection (HKLM\...\{41564952-412D-5637-00A7-A758B70C0202}) (Version: 12.2.2.663 - Ask Partner Network)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
BattlEye Uninstall (HKLM\...\BattlEye for A2) (Version: - )
Bing Bar (HKLM\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation)
Blaze Media Pro (HKLM\...\Blaze Media Pro) (Version: - Mystik Media)
Blaze Media Pro (Version: 8.0 - Mystik Media) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden
calibre (HKLM\...\{0830C2E8-01B9-4CD1-B218-12B0107D5BED}) (Version: 0.9.10 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 3.02 - Piriform)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D1300 (Version: 82.0.233.000 - Hewlett-Packard) Hidden
D1300_Help (Version: 82.0.233.000 - Hewlett-Packard) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Die Siedler 2 - Die nächste Generation - Demoversion (HKLM\...\S2TNGDemo) (Version: - )
Diercke Globus (HKLM\...\Diercke Globus) (Version: 1.1 - Imagon GmbH)
dolp_demo (HKLM\...\{6CA671A5-954C-4B75-8104-7B085246A8B5}) (Version: 1.0.0.0 - Maze)
DVD Decrypter (Remove Only) (HKLM\...\DVD Decrypter) (Version: - )
DVD2one V2.2.1 (HKLM\...\DVD2one V2) (Version: 2.2.1 - Eximius B.V.)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 16.1.16835 - Landesfinanzdirektion Thüringen)
EmptyInstaller2 (HKLM\...\{6473B3D0-B05C-4D2F-A7EC-BECB512FCB14}) (Version: 1.0.0.0 - Maze)
Facebook Plug-In (HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Facebook Plug-In) (Version: - Facebook, Inc.)
Facebook Plug-In (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Facebook Plug-In) (Version: - Facebook, Inc.)
FileConverter 1.3 Toolbar (HKLM\...\FileConverter_1.3 Toolbar) (Version: 6.9.0.16 - FileConverter 1.3)
Find Junk Files (HKLM\...\Find Junk Files) (Version: - )
Firebird SQL Server - MAGIX Edition (HKLM\...\Firebird SQL Server D) (Version: 2.0.1.8 - MAGIX AG)
Fußball WM-Chronik (HKLM\...\InstallShield_{50C5FC87-CDF3-445E-86CE-FE4F7703F075}) (Version: 1.00.0000 - USM)
Fußball WM-Chronik (Version: 1.00.0000 - USM) Hidden
GBalph NDSMovie Converter V1.00 (HKLM\...\{5B4F13B0-62C4-4F70-B9A6-3788196EC972}) (Version: 1.00.0000 - GBalpha)
Google Chrome (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: - - Google)
Google Earth (HKLM\...\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}) (Version: 4.3.7284.3916 - Google)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GSGÂ*eXtract (HKLM\...\GSGÂ*eXtract) (Version: - )
HP Deskjet & Photosmart Printer Driver Software 8.0.A (HKLM\...\{981DE354-9301-440f-AAFC-025AA2354A93}) (Version: 8.0 - HP)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{9FAAE06C-DEDD-4299-B88D-1F9AD5E1547F}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (HKLM\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.4.4.0 - LIGHTNING UK!)
ImTOO MPEG Encoder (HKLM\...\ImTOO MPEG Encoder) (Version: 3.1.54.0404b - ImTOO)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
Intel(R) PRO Network Connections 12.2.41.0 (HKLM\...\PROSetDX) (Version: 12.2.41.0 - Intel)
Intel® Viiv™ Software (HKLM\...\Intel(R) Configuration Center) (Version: 1.7.512.0 - Intel Corporation)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
JAP (HKLM\...\JAP) (Version: 00.010.003 - JAP-Team)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LetsTrade Komponenten (HKLM\...\LetsTrade) (Version: - )
LibreOffice 4.4.3.2 (HKLM\...\{A651A592-2F6C-4D66-AEA8-9BFE4B61BCB3}) (Version: 4.4.3.2 - The Document Foundation)
livetvbar Toolbar (HKLM\...\livetvbar Toolbar) (Version: - )
LookDisk (HKLM\...\LookDisk) (Version: - )
M3 SAKURA V1.42 European (GAME PATCH V4.5Beta) (HKLM\...\{ADE237A0-0B2B-4009-AE91-3FF0989C28CD}) (Version: 1.4.2 - GBalpha)
M3 SAKURA V1.47 Global (GAME PATCH V4.8b) (HKLM\...\{F3FB33E7-6058-4C95-8FCE-9C0E01EAF946}) (Version: 1.4.7 - GBalpha)
Magical Kingdom (HKLM\...\{E50CE67B-9E1F-4638-AD3A-D33C7889D23E}) (Version: 1.0.0.3 - Maze)
MakeDisc (HKLM\...\{B145EC69-66F5-11D8-9D75-000129760D75}) (Version: 3.0.2516 - CyberLink Corp.)
Max Payne 2 (HKLM\...\{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}) (Version: 1.01.102 - )
MCE Software Encoder 1.1 (HKLM\...\{7655E113-C306-11D9-A373-0050BAE317E1}) (Version: 1.1.0.1918 - CyberLink Corporation)
Media Converter SA Edition 0.8 (HKLM\...\Media Converter SA Edition) (Version: 0.8 - Pascal Beyeler)
MediaShow (HKLM\...\{D5A9B7C0-8751-11D8-9D75-000129760D75}) (Version: 3.0.4325 - CyberLink Corporation)
MEDION Fotos auf CD Nord (HKLM\...\MEDION Fotos auf CD Nord D) (Version: 6.0.2.0 - MAGIX AG)
MEDIONbox (HKLM\...\{27FDF949-69CE-435A-8372-339F72336AC5}) (Version: 1.09.0000.00050 - Medion)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB953297) (HKLM\...\M953297) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version: - )
Microsoft Office 2000 Premium (HKLM\...\{00000407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office Excel Viewer 2003 (HKLM\...\{90840407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mobipocket Reader 6.2 (HKLM\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Moorhuhn 3 DL (HKLM\...\{FF895069-BD9A-11D5-986D-00500443CF9F}) (Version: - )
Moorhuhn Kart 2 XS (HKLM\...\{DDABECD7-C579-4477-8B5F-B817AF54B2DC}) (Version: - )
MOV Converter 3 (HKLM\...\MOV Converter 3) (Version: 3.1.8.0720b - Xilisoft)
Movavi Video Converter 6 (HKLM\...\{F2DF7839-7B71-4E34-BB8D-552E182082C9}) (Version: 6.03.000 - MOVAVI)
Mozilla Firefox 43.0.1 (x86 de) (HKLM\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MP3 Player Utilities 3.68 (HKLM\...\{5DFDB75C-DA8C-45DB-987C-67000BB6C3B9}) (Version: 1.0.0 - myMPxPlayer.org)
MP3 Player Utilities 4.00 (HKLM\...\{7784A172-61F1-445E-8368-601607E0DD22}) (Version: 4.00 - )
MP3 Player Utilities 4.15 (HKLM\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.15 - )
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\{5BB977A4-E843-4E31-9859-745F442B1031}) (Version: 8.10.284 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}) (Version: 6.83.9.0 - Nokia)
Nokia Lifeblog 2.5 (HKLM\...\{E94603CA-2996-4154-8EE2-A5FCD4BFB500}) (Version: 2.5.224 - Nokia)
Nokia NSeries Application Installer (HKLM\...\{FD349381-D79C-4E5C-8980-015DFFB962D5}) (Version: 6.82.15 - Nokia)
Nokia NSeries Content Copier (HKLM\...\{F779EC8D-6703-4C4A-817C-37B07898E647}) (Version: 6.82.15 - Nokia)
Nokia NSeries One Touch Access (HKLM\...\{F4EE8763-EAA8-4BC1-8594-8501F5F00414}) (Version: 6.82.15 - Nokia)
Nokia NSeries System Utilities (HKLM\...\{96E94E18-54D6-42C1-8FC4-24DACEDC3395}) (Version: 6.82.16 - Nokia)
Nokia Software Launcher (HKLM\...\{A8C856AD-63CD-4613-AA29-E6C85607EA06}) (Version: 1.6.80 - Nokia)
Nokia Software Updater (HKLM\...\{3186AEAE-E104-424D-9152-1BF6A4404758}) (Version: 01.03.085.28569 - Nokia Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
O&O MediaRecovery (HKLM\...\{53480870-02D8-48FB-BC27-72C956885168}) (Version: 4.1.1322 - O&O Software GmbH)
OpenOffice 4.1.1 Language Pack (German) (HKLM\...\{68AF7AB8-E018-40D9-B703-0129274FDBAE}) (Version: 4.11.9775 - Apache Software Foundation)
OpenOffice 4.1.2 (HKLM\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Opera 9.52 (HKLM\...\{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7}) (Version: 9.52 - Opera Software ASA)
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.5 - Frank Heindörfer, Philip Chinery)
Phoenix Backup Professional (HKLM\...\{BF34527D-7B27-43AD-9994-7B3ABCEF3625}) (Version: 3.5.000 - SYDATEC)
PhotoNow! (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.0.4310 - CyberLink Corp.)
PixiePack Codec Pack (HKLM\...\{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}) (Version: 0.10.6.0 - None)
PlayStation(R)Network Downloader (HKLM\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.02.00076 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 3.1.8.07881 - Sony Computer Entertainment Inc.)
PokerStars (HKLM\...\PokerStars) (Version: - PokerStars)
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2209a - CyberLink Corp.)
PowerDirector (Version: 6.5.2209a - CyberLink Corp.) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3118.0 - CyberLink Corporation)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 4.2.2504 - CyberLink Corp.)
Prism Video Converter (HKLM\...\Prism) (Version: - NCH Software)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealArcade (HKLM\...\RealArcade 1.2) (Version: - )
RealPlayer (HKLM\...\RealPlayer 12.0) (Version: - RealNetworks)
RealUpgrade 1.0 (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.60 (HKLM\...\Revo Uninstaller) (Version: 1.60 - VS Revo Group)
RonyaSoft CD DVD Label Maker 2.01 (HKLM\...\RonyaSoft CD DVD Label Maker) (Version: 2.01 - RonyaSoft)
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio USB Driver Installer (HKLM\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Sceneo AbsolutTV (HKLM\...\{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}) (Version: - )
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
SF_CDA_ProductContext (Version: 82.0.233.000 - Hewlett-Packard) Hidden
SF_CDA_Software (Version: 82.0.233.000 - Hewlett-Packard) Hidden
Silverjuke 2.51 (HKLM\...\Silverjuke) (Version: 2.51 - Bjoern Petersen Software Design and Development)
SLD CODEC PACK 1.5.3 (HKLM\...\SLD CODEC PACK 1.5.3) (Version: - )
SopCast 3.0.3 (HKLM\...\SopCast) (Version: 3.0.3 - SopCast.com)
Speckie (HKLM\...\{C1A4F1E2-46E6-4EEE-B183-B10908BEF30F}) (Version: 5.9.1 - Versoworks)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steganos Safe OEM (HKLM\...\{9A4F72EE-8378-49BD-8C10-301E25907B5B}) (Version: 10.0.2 - Steganos GmbH)
Stream Torrent 1.0 (HKLM\...\StreamTorrent 1.0) (Version: - )
Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten (HKLM\...\{B23B43B5-DDDC-41DA-9700-F334744E694E}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
SUPER RTL - Clubs 2.1 (HKLM\...\SUPER RTL - Clubs) (Version: 2.1 - SynthiCon AG)
Switch Sound File Converter (HKLM\...\Switch) (Version: - NCH Swift Sound)
System Requirements Lab for Intel (HKLM\...\{F7FC9307-374E-4017-8E9D-DE1154780480}) (Version: 4.1.66.0 - Husdawg, LLC)
Systemsteuerung "MobileMe" (HKLM\...\{6DA9102E-199F-43A0-A36B-6EF48081A658}) (Version: 2.1.0.24 - Apple Inc.)
Tobit.Software ClipInc (HKLM\...\Tobit ClipInc Server) (Version: - Tobit.Software)
Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Treiber-Studio Heft-Ausgabe 1.5.0.0 (HKLM\...\Treiber-Studio Heft-Ausgabe) (Version: 1.5.0.0 - )
TV Enhance (HKLM\...\{E4C891D6-6844-41B8-86E8-633CACCC644F}) (Version: 1.0.4916 - CyberLink Corp.)
TVAnts 1.0 (HKLM\...\TVAnts 1.0) (Version: - )
TVsweeper 3 (HKLM\...\{588D9F5F-8C62-4421-BAE9-CCAA57D4E4EE}) (Version: 3.0.3 - Sonavis)
Ulead PhotoImpact 12 (HKLM\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden
Unlocker 1.8.7 (HKLM\...\Unlocker) (Version: 1.8.7 - Cedrick Collomb)
USB Multi-Channel Audio Device (HKLM\...\C-Media CM106 Like Sound Driver) (Version: - )
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
Veetle TV 0.9.18 (HKLM\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
Videora iPod Converter 3.00 (HKLM\...\Videora iPod Converter) (Version: 3.00 - Red Kawa Inc.)
Vista Codec Package (HKLM\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 4.6.5 - Shark007)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.541 - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}) (Version: 6.0.6783.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{CB8CA439-DA83-419C-A4CF-5A0A50025144}) (Version: 6.0.6783.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
WISO Mein Geld 2008 Professional (HKLM\...\{D8D22773-14BF-4178-A683-3DBA515C2A26}) (Version: 9.00.01.0023 - Buhl Data Service GmbH)
WISO Sparbuch 2009 (HKLM\...\{00C58EBE-223E-4AB6-8AE9-38F27F4420BD}) (Version: 16.00.6228 - Buhl Data Service GmbH)
WISO Sparbuch 2010 (HKLM\...\{46B70DEB-97B3-4E38-B746-EC16905E6A8F}) (Version: 17.00.6531 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2011 (HKLM\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.00.6928 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2012 (HKLM\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKLM\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM\...\{E27015CD-CE60-4D7A-A194-1EDB6F0294B8}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM\...\{4A07FBD0-6B15-4066-81BE-9C6F56BF3374}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Wonderland (HKLM\...\Wonderland) (Version: - )
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version: - )
XBMC (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\XBMC) (Version: - Team XBMC)
Xilisoft DVD Creator (HKLM\...\Xilisoft DVD Creator) (Version: 3.0.39.1212 - Xilisoft)
Xilisoft Video Converter (HKLM\...\Xilisoft Video Converter) (Version: 3.1.34.0629b - Xilisoft)
XMedia Recode 2.0.5.3 (HKLM\...\XMedia Recode) (Version: 2.0.5.3 - Sebastian Dörfler)
XP Codec Pack (HKLM\...\XP Codec Pack) (Version: - )
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version: - )
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )
Yahoo! Suche Schutzvorkehrung (HKLM\...\Yahoo! Search Defender) (Version: - )
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.135\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.99\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.69\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{3050F4F5-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.79\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{32C3FEAE-0877-4767-8C20-62A5829A0945}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Roaming\Facebook\axfbootloader.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.23.9\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{5C4094D7-4213-4C40-9E33-16A2D2D69EF2}\InprocServer32 -> C:\Program Files\Sony\PlayStation Store\StoreDrmUtility.dll (Sony Computer Entertainment Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Chrome\Application\39.0.2171.95\delegate_execute.exe" => Keine (Der Dateneintrag hat 5 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.145\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.123\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.153\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{7057E952-BD1B-11D1-8919-00C04FC2C836}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.24.15\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.22.3\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.165\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{A5DC33CE-214B-4C26-8596-8A45456C9EB8}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{BEE9C324-3E00-11D4-823D-00D0B74C5265}\localserver32 -> C:\Program Files\Real\RealArcade\RNArcade.exe (RealNetworks)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.115\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.11\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{D7B70EE0-4340-11CF-B063-0020AFC2CD35}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{DA5F0C98-4A7B-4C92-915E-4BE1BC95DE99}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.11\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.22.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.111\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.24.7\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.135\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.99\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.27.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.69\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{3050F4F5-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.79\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{32C3FEAE-0877-4767-8C20-62A5829A0945}\InprocServer32 -> C:\Users\Nikos\AppData\Roaming\Facebook\axfbootloader.dll ( )
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.23.9\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{5C4094D7-4213-4C40-9E33-16A2D2D69EF2}\InprocServer32 -> C:\Program Files\Sony\PlayStation Store\StoreDrmUtility.dll (Sony Computer Entertainment Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Chrome\Application\47.0.2526.106\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.28.1\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.145\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.123\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.153\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{7057E952-BD1B-11D1-8919-00C04FC2C836}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.28.13\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.24.15\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.22.3\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.165\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{A5DC33CE-214B-4C26-8596-8A45456C9EB8}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{BEE9C324-3E00-11D4-823D-00D0B74C5265}\localserver32 -> C:\Program Files\Real\RealArcade\RNArcade.exe (RealNetworks)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.26.9\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.115\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Users\Nikos\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.28.15\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{D7B70EE0-4340-11CF-B063-0020AFC2CD35}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{DA5F0C98-4A7B-4C92-915E-4BE1BC95DE99}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.22.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.111\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.24.7\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 -> kein Dateipfad
==================== Wiederherstellungspunkte =========================
11-12-2015 00:00:07 Geplanter Prüfpunkt
11-12-2015 12:43:10 Windows Update
12-12-2015 11:46:03 Windows Update
13-12-2015 00:00:03 Geplanter Prüfpunkt
13-12-2015 12:23:16 Windows Update
14-12-2015 11:22:35 Windows Update
15-12-2015 00:00:04 Geplanter Prüfpunkt
15-12-2015 10:06:50 Windows Update
16-12-2015 10:54:22 Windows Update
17-12-2015 10:28:17 Windows Update
17-12-2015 21:39:52 Wiederherstellungsvorgang
17-12-2015 21:56:19 Windows Update
18-12-2015 09:18:02 Windows Update
19-12-2015 12:59:54 Windows Update
19-12-2015 18:06:55 Windows Update
19-12-2015 18:16:14 Windows Update
19-12-2015 19:23:52 Windows Update
20-12-2015 03:00:13 Windows Update
21-12-2015 10:41:37 Windows Update
21-12-2015 12:51:45 OpenOffice 4.1.2 wird installiert
21-12-2015 12:54:28 OpenOffice 4.1.2 wird installiert
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2006-11-02 11:23 - 2009-02-18 10:26 - 00000054 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00BE7185-5F1A-43C0-841C-E8AD68D8BBC4} - System32\Tasks\{10B97F12-AA7F-4903-A405-D74A04A02705} => pcalua.exe -a E:\SetupAssistant.exe -d E:\
Task: {11B0894E-EBCE-4AAB-8F8B-4013E73385A2} - System32\Tasks\{94080AF5-9C42-4005-81E6-24B1E650BC1E} => pcalua.exe -a C:\Users\Nikos\Downloads\unlocker1.8.7.exe -d C:\Users\Nikos\Downloads
Task: {12B11D5D-2993-47F4-9270-46E04933A8CF} - System32\Tasks\{F3E24BE1-F331-4D0D-BD46-503BDEE7717D} => pcalua.exe -a "C:\Users\Nikos\Desktop\ALLES FÃœR NDS\Lunar IPS.exe" -d "C:\Users\Nikos\Desktop\ALLES FÃœR NDS"
Task: {168BA2CF-94D6-474B-B659-3283CB39D762} - System32\Tasks\{240A4E2B-8314-403B-BF24-ADFDFE93354C} => pcalua.exe -a "C:\Users\Nikos\Desktop\Neuer Ordner (2)\Mobile_Partner_11.030.01.07.03.exe" -d "C:\Users\Nikos\Desktop\Neuer Ordner (2)"
Task: {16E4CC5F-7DF7-4BFC-92C0-9EC968B3B6BF} - System32\Tasks\{00BF5DC6-FDDC-48BF-9017-04EEC67AE43F} => pcalua.exe -a C:\Users\Nikos\Desktop\sw5_6520_eu.exe -d C:\Users\Nikos\Desktop
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {231E0501-6AC1-420F-8A83-EF999F81EAA7} - System32\Tasks\{DF09BE72-43DD-4305-9F7E-A1774FCDB454} => pcalua.exe -a C:\Users\Nikos\Desktop\XMediaRecode2053_setup.exe -d C:\Users\Nikos
Task: {2708CB5F-8F92-4B5C-83A6-E1A97D7E2EF9} - System32\Tasks\{99BABFB4-4F16-4BD4-A05B-BFF67E26FB78} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {2AEABF7F-795C-4666-8B09-18E661369557} - System32\Tasks\{120445C3-D540-456D-8DF0-70E4FF15F2B1} => pcalua.exe -a "C:\Users\Nikos\Desktop\Moorhuhn\Moorhuhn.DIRECTORS.CUT-Mohsen6558\Moorhuhn directors cut\Setup.exe" -d "C:\Users\Nikos\Desktop\Moorhuhn\Moorhuhn.DIRECTORS.CUT-Mohsen6558\Moorhuhn directors cut"
Task: {321CA7E7-C48A-4A10-8BF4-395321F9A4C8} - System32\Tasks\{B44C65CF-D43C-488A-B75E-A987F4403661} => pcalua.exe -a C:\Users\Nikos\Downloads\wmp11-windowsxp-x86-DE-DE.exe -d C:\Users\Nikos
Task: {34533105-4D81-4652-9399-B189F4B2FE73} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1865184633-4289980622-1215388488-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: {364076C4-05DA-4B85-AD23-C7B6967E5EF1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {3BE9D675-0541-42C7-8ACF-D15A48FB9B5E} - System32\Tasks\{A138F0C9-67D3-44F5-BAB5-2B7BD156D5D2} => pcalua.exe -a "C:\Program Files\VistaCodecPack\Tools\InstalledCodec.exe" -d "C:\Program Files\VistaCodecPack\Tools\"
Task: {44D97E15-7636-481C-A83F-EA46F946D820} - System32\Tasks\{4CB191AA-F68D-49DB-A863-211EF758A25A} => pcalua.exe -a C:\PROGRA~1\MICROS~3\Office12\Moc.exe -d "C:\Users\Nikos\Desktop\Neuer Ordner" -c "C:\Users\Nikos\Desktop\Neuer Ordner\PresentationLoad-3D-Vorlagen.pptx"
Task: {515414C4-74D2-47E4-87E5-49E4DC94DA89} - System32\Tasks\{49ACCF4B-A098-495D-B44D-BC8B6B22F590} => pcalua.exe -a E:\setup.exe -d E:\
Task: {5517E4AF-4F3F-4775-A349-68F1318D2020} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2012-01-03] () <==== ACHTUNG
Task: {55783787-C5DE-4049-A0DC-0F43EF7F6694} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {587F68AD-9635-47E2-B647-17F90CD838D1} - System32\Tasks\{8265807A-6E3A-42BF-87FD-BC6D234158EF} => pcalua.exe -a "C:\Program Files\eRightSoft\SUPER\Setup.exe" -d "C:\Program Files\eRightSoft\SUPER" -c /remove
Task: {6F3BEC83-FEB2-47C9-828E-811D071213FE} - System32\Tasks\{C79FFAE0-15D5-4CD4-A837-C2B4C989D0F7} => pcalua.exe -a C:\Users\Nikos\Desktop\CONVERTOREN\MagicDVDCopier471.exe -d C:\Users\Nikos\Desktop\CONVERTOREN
Task: {71439A45-A908-4FBD-9532-01BD7546FF86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {74BDEF06-C4BF-4CB1-BD36-6D638DE3C525} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004Core => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {76D771A3-F641-4632-86D4-5B046570B782} - System32\Tasks\{A8AD5988-D9CA-4A4E-9720-FE24DC271413} => pcalua.exe -a c:\Users\Nikos\Downloads\Setup-SopCast-3.0.3-2008-4-30.exe
Task: {828A5067-4CE7-4486-A184-C42486F77710} - System32\Tasks\{F097281D-838A-42E8-A844-C8ADA88F8AB9} => pcalua.exe -a J:\OO\DE\OOMediaRecoveryDeu.exe -d J:\OO\DE
Task: {87D918BE-41E3-4159-886B-5A3E0663557E} - System32\Tasks\{6733710C-AD59-4A51-A4E9-EE2E051299F6} => pcalua.exe -a "C:\Program Files\PCast\uninst.exe"
Task: {89654B80-80E6-42EE-8043-724DCFD1FD64} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004UA => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8B062C8A-4FBF-4301-810A-2B561E597E27} - System32\Tasks\{B917E915-7176-416B-84AF-BB4B3928F942} => pcalua.exe -a E:\setup.exe -d E:\
Task: {8EAA433D-C477-4212-BD86-11E9CAE95FC6} - System32\Tasks\{68BA138E-CE37-4BB1-AE38-B9D802DE5949} => pcalua.exe -a C:\Users\Nikos\Downloads\mp4_Driver\setup.exe -d C:\Users\Nikos\Downloads\mp4_Driver
Task: {91DD65D7-2879-4B03-844F-CF93A2E889E2} - System32\Tasks\{A4B3955B-0085-4D2A-86DB-84BCC6717498} => pcalua.exe -a c:\Users\Nikos\Downloads\unlocker1.8.6.exe
Task: {A48CC989-C9EC-4341-90FD-D0D66BD5C933} - System32\Tasks\{09C787DC-5B2A-4639-892E-88B38736CBDC} => pcalua.exe -a C:\Windows\system32\BDEADMIN.CPL -c BDE-Verwaltung
Task: {AD4E1F21-77C3-40A8-9D3F-D2B8251EEAFC} - System32\Tasks\{9B8C3F0E-BFA7-487F-A081-B084CCF19051} => pcalua.exe -a "C:\Users\Nikos\Desktop\Neuer Ordner\Mobile_Partner_11.030.01.07.03.exe" -d "C:\Users\Nikos\Desktop\Neuer Ordner"
Task: {B0669124-F4BB-4830-896B-6DC9B2E67E60} - System32\Tasks\{2485666A-3E32-49BA-A08A-F99057EF1BF1} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {B3C8AECE-C0D6-4B02-A53D-5CC394AE0A0C} - System32\Tasks\{DC586420-D732-4F9C-A7A9-B8D002BE913B} => pcalua.exe -a C:\PROGRA~1\MICROS~3\OFFICE11\XLVIEW.EXE -d C:\Users\Nikos\Desktop -c /e
Task: {B708D72F-1990-4815-BD13-E9008EEAC32E} - System32\Tasks\{FF41816C-8E44-41D5-9BEA-B70EEBAD5032} => pcalua.exe -a C:\Users\Nikos\Desktop\CONVERTOREN\XMediaRecode2053_setup.exe -d C:\Users\Nikos\Desktop\CONVERTOREN
Task: {BDAA8694-C6F2-4808-9DE1-4CC263839631} - System32\Tasks\{CB70345E-703A-4568-A356-0E6220B64A31} => pcalua.exe -a C:\Users\Nikos\Downloads\Nero-9.2.6.0_trial.exe -d C:\Users\Nikos
Task: {BEBEE22A-268D-4AEA-A761-134B522FDB70} - System32\Tasks\{8E467004-6634-4237-9451-BF9CBACBC7E6} => pcalua.exe -a C:\Users\Nikos\Desktop\Slim1200_de.exe -d C:\Users\Nikos\Desktop
Task: {C0985CF5-FA42-43A9-BED4-F77CF93C4906} - System32\Tasks\{4C1E1956-1384-4CA0-904C-DF3140E27077} => pcalua.exe -a "C:\Users\Nikos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GYSQSP8D\GoogleToolbarInstaller[1].exe" -d C:\Users\Nikos
Task: {C0F5EDF9-B795-4E12-B225-F5868EFBC3EA} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1865184633-4289980622-1215388488-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: {CB1FE278-9807-4AE8-B278-E4C6DFF9F439} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22] (Google)
Task: {DB95491E-2E0B-4DCB-94E4-3281FE7D57E7} - System32\Tasks\{BE3C389D-1E10-4065-9A05-49F75A345419} => pcalua.exe -a C:\Users\Nikos\Desktop\mp4_Driver\setup.exe -d C:\Users\Nikos\Desktop\mp4_Driver
Task: {DF797DFE-3439-456B-9918-DAD666A1ED85} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {EE0B0FF5-AF20-4CCA-8BAE-A4EE63F04AC4} - System32\Tasks\{608EE20C-4384-4796-81DC-0F7910E95E88} => pcalua.exe -a "C:\Users\Nikos\Desktop\MP3 Player Utilities 4.15_www.MegaLeecher.Net\InstMsiW.exe" -d "C:\Users\Nikos\Desktop\MP3 Player Utilities 4.15_www.MegaLeecher.Net"
Task: {F81B7673-7CD7-417D-9362-A1058B1731CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004Core.job => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004UA.job => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1865184633-4289980622-1215388488-1004.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1865184633-4289980622-1215388488-1004.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Nikos\Downloads\Documents\eBay - Der weltweite Online-Marktplatz.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4
ShortcutWithArgument: C:\Users\Nikos\Desktop\DESKTOP\VistaCodecs\Common Tools\Make a Donation.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxps://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=thom007%40hotmail%2ecom&item_name=Vista%20Codec%20Package&no_shipping=2&no_note=1&tax=0¤cy_code=USD&lc=CA&bn=PP%2dDonationsBF&charset=UTF%2d8
ShortcutWithArgument: C:\Users\Nikos\Desktop\DESKTOP\VistaCodecs\Common Tools\VistaCodecs HomePage.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://shark007.testbox.dk
ShortcutWithArgument: C:\Users\Nikos\Desktop\DESKTOP\PLAYER\MEDIONload.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.medionload.de
ShortcutWithArgument: C:\Users\Nikos\Desktop\DESKTOP\PLAYER\MEDIONmusic.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.medionmusic.com
ShortcutWithArgument: C:\Users\Nikos\Desktop\CONVERTOREN\VistaCodecs\Common Tools\Make a Donation.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxps://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=thom007%40hotmail%2ecom&item_name=Vista%20Codec%20Package&no_shipping=2&no_note=1&tax=0¤cy_code=USD&lc=CA&bn=PP%2dDonationsBF&charset=UTF%2d8
ShortcutWithArgument: C:\Users\Nikos\Desktop\CONVERTOREN\VistaCodecs\Common Tools\VistaCodecs HomePage.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://shark007.testbox.dk
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2008-06-25 13:17 - 2008-06-07 08:09 - 00022832 _____ () C:\Windows\System32\win2pdfm.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2007-02-12 11:46 - 2007-02-12 11:46 - 00208896 _____ () C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
2009-12-31 13:33 - 2009-12-31 13:33 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_ed7d69e2\mscorlib.dll
2009-12-31 13:33 - 2009-12-31 13:33 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_f0970aa0\system.dll
2009-12-31 13:33 - 2009-12-31 13:33 - 03018752 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_ec1cfc11\system.windows.forms.dll
2009-12-31 13:33 - 2009-12-31 13:33 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_3dac4b7b\system.xml.dll
2008-02-19 14:14 - 2007-04-13 18:14 - 00006656 _____ () c:\program files\medion\medionbox\program\structconverter.dll
2009-09-17 10:31 - 2009-04-11 07:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2009-04-27 01:43 - 2008-10-20 21:18 - 00071096 _____ () C:\Program Files\CDBurnerXP\NMSAccessU.exe
2008-02-19 14:32 - 2007-01-09 10:25 - 00272024 ____N () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2008-02-19 15:49 - 2007-05-16 22:48 - 00421955 _____ () C:\Program Files\Sceneo\AbsolutTV\Services\PVR\tvtvRemote.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00290909 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
2008-04-05 22:13 - 2007-10-19 16:42 - 00094208 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLSchRecordMonitor.dll
2008-04-05 22:13 - 2007-12-12 10:21 - 00245858 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLCapEngine.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00032768 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLCapSvcps.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00114779 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
2008-04-05 22:13 - 2007-10-19 16:42 - 00114780 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLSchMgr.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00339968 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLTinyDB.dll
2007-06-27 10:13 - 2007-06-27 10:13 - 00268504 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
2007-06-27 10:14 - 2007-06-27 10:14 - 00325848 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_mediaserver.dll
2007-06-27 10:13 - 2007-06-27 10:13 - 00563416 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_client.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00070872 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_mediaspace.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00219352 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_import.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00041176 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_aggregate.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00030424 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_sync.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00025304 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_tunisauth.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00104664 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_tunists.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00088280 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_upnp.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00026328 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_upnppower.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00065240 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_upnppower.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00027864 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_xrturi.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00252120 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_zcardea.dll
2010-10-14 11:57 - 2010-10-14 11:57 - 00040960 _____ () C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-01-14 15:59 - 2009-10-07 21:28 - 00200704 _____ () C:\Program Files\ImageConverter Plus\gpgate.dll
2010-01-14 15:59 - 2009-10-07 21:22 - 01183744 _____ () C:\Program Files\ImageConverter Plus\FCRTL.dll
2008-04-04 12:30 - 2007-09-20 17:34 - 00129024 _____ () C:\Program Files\WinRAR\rarext.dll
2008-05-02 05:15 - 2008-05-02 05:15 - 00010240 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2008-10-01 14:24 - 2008-10-01 14:24 - 00147456 _____ () C:\Program Files\Steganos Safe OEM\ShellExtension.dll
2005-07-22 07:21 - 2005-07-22 07:21 - 00032768 _____ () C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\AmvTransform.dll
2010-01-14 15:59 - 2009-10-07 21:24 - 01339392 _____ () C:\Program Files\ImageConverter Plus\fcnv.dll
2010-01-14 15:59 - 2009-10-07 21:22 - 06803456 _____ () C:\Program Files\ImageConverter Plus\fpdf.dll
2010-01-14 15:59 - 2009-10-07 21:18 - 00020992 _____ () C:\Program Files\ImageConverter Plus\MemHandler.dll
2008-12-11 09:16 - 2008-12-11 09:16 - 00026112 _____ () C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe
2010-10-23 01:53 - 2009-04-07 12:53 - 00030440 _____ () C:\Program Files\dcmsvc\dcmsvc.exe
2010-05-26 01:31 - 2010-04-01 13:09 - 00039936 _____ () C:\Program Files\phonostar-Player\phonostarTimer.exe
2010-05-26 01:31 - 2009-08-13 11:54 - 02013184 _____ () C:\Program Files\phonostar-Player\QtCore4.dll
2010-05-26 01:31 - 2009-06-20 06:51 - 07464448 _____ () C:\Program Files\phonostar-Player\QtGui4.dll
2010-05-26 01:31 - 2009-06-20 06:51 - 00179712 _____ () C:\Program Files\phonostar-Player\QtSql4.dll
2010-05-26 01:31 - 2009-06-20 07:55 - 00344576 _____ () C:\Program Files\phonostar-Player\plugins\sqldrivers\qsqlite4.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:0B9D8E22
AlternateDataStreams: C:\ProgramData\TEMP:242231A9
AlternateDataStreams: C:\ProgramData\TEMP:4B7BEAFF
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Software\Classes\.exe: => <===== ACHTUNG
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\elsteronline.de -> hxxps://www.elsteronline.de
IE trusted site: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\elsteronline.de -> hxxps://www.elsteronline.de
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Nikos\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: )
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{F3ECBA52-9DCC-47F6-A021-9E923C2C2B01}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe
FirewallRules: [{C6812261-0A3C-43C2-8949-9AE5157D671F}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe
FirewallRules: [{850CBDDC-B319-41D0-828D-5B182D38EBCB}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
FirewallRules: [{A96BB2BD-409A-42B9-A526-2B3717225E15}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
FirewallRules: [{9D595453-CD4A-4CFF-9FFD-136623996ED8}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
FirewallRules: [{7BF2D859-36AA-4EB2-B71E-A471BCEF5539}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
FirewallRules: [{8F2DF4FC-FD1C-4C40-8622-BE3D64349693}] => (Allow) LPort=9442
FirewallRules: [{16DA6AE4-DBA7-4F58-91FD-C8AACA268B63}] => (Allow) LPort=1900
FirewallRules: [{CF2CDCB5-D2F6-49D4-A33B-5EF67FA9D1DA}] => (Allow) C:\Program Files\HomeCinema\MakeDisc\MakeDisc.exe
FirewallRules: [{7F175D14-9107-4174-AD62-766C7D6740C8}] => (Allow) C:\Program Files\HomeCinema\PowerDirector\PDR.EXE
FirewallRules: [{391F82BA-B271-4FFF-9768-42063CB88C6B}] => (Allow) C:\Program Files\HomeCinema\PowerDVD\PowerDVD.EXE
FirewallRules: [{185FC6A3-2B03-4813-8182-41FD835D1941}] => (Allow) C:\Program Files\HomeCinema\TV Enhance\TVEnhance.exe
FirewallRules: [{ED2CFFBA-B70F-428F-9C7B-416B44412005}] => (Allow) C:\Program Files\HomeCinema\TV Enhance\TVEService.exe
FirewallRules: [TCP Query User{594F2DEB-9E25-4F0B-9E98-930738E75A4F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A039D724-C852-4BB2-9618-BD6FB4C2394B}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{D183A532-4BAF-4785-98FD-DA54FC227168}] => (Allow) C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe
FirewallRules: [{B43D804E-6FC9-42E0-BC4B-07748F7B3E8F}] => (Allow) C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe
FirewallRules: [{D87558D8-C545-43F3-B523-6C0990EE1B46}] => (Allow) C:\Program Files\Tobit ClipInc\Player\ClipInc-Player.exe
FirewallRules: [{7ED35175-BC8F-40D3-88FF-EF4850E2C87A}] => (Allow) C:\Program Files\Tobit ClipInc\Player\ClipInc-Player.exe
FirewallRules: [TCP Query User{D165D383-F47B-452B-BDC5-04FCC70D4172}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{89897771-CD2B-44BF-812C-6232B5D65788}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [TCP Query User{AFAB67EF-B656-4F40-9C6C-9671417FC63A}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{A3231AEE-CAE4-46C7-A157-017A8E677939}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{BA16A689-B25D-499F-8531-4B40BF0F2C2B}C:\program files\sopcast\adv\sopadver.exe] => (Allow) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [UDP Query User{AD2E3A6D-A0DB-44A0-B6C7-61E4485683CD}C:\program files\sopcast\adv\sopadver.exe] => (Allow) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [TCP Query User{29D7F53B-E847-4AB3-801C-D5FFC541F079}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [UDP Query User{C1201A86-06E2-4863-90B4-03AA7361CB67}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [TCP Query User{E1507264-19F0-43EB-A3EF-77242D435ECA}C:\program files\real\realplayer\recordingmanager.exe] => (Allow) C:\program files\real\realplayer\recordingmanager.exe
FirewallRules: [UDP Query User{737DE753-82B2-4629-82FF-4F02087B28E5}C:\program files\real\realplayer\recordingmanager.exe] => (Allow) C:\program files\real\realplayer\recordingmanager.exe
FirewallRules: [TCP Query User{CC5E1C63-578B-4333-95D9-07B7B384E717}C:\program files\tvants\tvants.exe] => (Allow) C:\program files\tvants\tvants.exe
FirewallRules: [UDP Query User{6769E18A-6EFC-4726-A3F7-5CBB61CD132C}C:\program files\tvants\tvants.exe] => (Allow) C:\program files\tvants\tvants.exe
FirewallRules: [TCP Query User{BDB3F5D9-831C-4247-81C2-961CEF3E708B}C:\program files\tvuplayer\tvuplayer.exe] => (Block) C:\program files\tvuplayer\tvuplayer.exe
FirewallRules: [UDP Query User{5BB4A5B7-393A-49F0-9A8A-D21D088E1E59}C:\program files\tvuplayer\tvuplayer.exe] => (Block) C:\program files\tvuplayer\tvuplayer.exe
FirewallRules: [{9B7C19FA-D923-4F11-AAF0-237AEA9F73F4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D23F01CA-594F-4C03-B7B6-C57D358541CA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{5848E646-13E1-4DC9-80CD-0E8F9732EC59}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Block) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [UDP Query User{C982022C-A7D1-46FE-BDDE-83E797DAB6CD}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Block) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{8BB77B86-275E-436A-BA43-5FDB65B04446}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Block) C:\program files\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [UDP Query User{D740A3D4-11A7-4589-897C-8367416022FB}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Block) C:\program files\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [TCP Query User{098A7C6B-0BF2-453B-B70F-CD6F2319B326}C:\users\nikos\downloads\keygen.magic.dvd.copier.4.7.1.45042.exe] => (Block) C:\users\nikos\downloads\keygen.magic.dvd.copier.4.7.1.45042.exe
FirewallRules: [UDP Query User{4AB7955B-115F-4BE7-9448-C77510362D77}C:\users\nikos\downloads\keygen.magic.dvd.copier.4.7.1.45042.exe] => (Block) C:\users\nikos\downloads\keygen.magic.dvd.copier.4.7.1.45042.exe
FirewallRules: [TCP Query User{25200373-2AE9-4DB3-8BD7-9632D5260B45}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [UDP Query User{33C4E831-53C9-4302-80CE-1C77AD38AFE6}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [TCP Query User{4FB1D683-B1F0-475F-8874-892326392BA3}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{2972BFAC-EF0F-463A-9764-795C17631725}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{6C0809A0-426D-4330-8A63-809774F297B8}C:\program files\phonostar-player\phonostar.exe] => (Allow) C:\program files\phonostar-player\phonostar.exe
FirewallRules: [UDP Query User{D01EFB15-45F2-4FD9-A082-DF63D020A56B}C:\program files\phonostar-player\phonostar.exe] => (Allow) C:\program files\phonostar-player\phonostar.exe
FirewallRules: [{AFCF677F-2F5D-4C13-A224-7D421F1118CE}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EAE71A81-0873-497A-AA9F-FA9650DABE27}] => (Allow) LPort=2869
FirewallRules: [{FC768887-DED2-4A0C-92FE-B5086FCC2932}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{CBD2B1A2-1BFD-44EF-B08D-8F91525089F4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{97297122-7FF4-4439-8581-35655C5F5C98}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{52E46CD5-1D18-4AAF-9C1C-9CE50EE19552}] => (Allow) LPort=80
FirewallRules: [{E0F103B8-968D-4BBC-AD28-2FB01CBB97A8}] => (Allow) LPort=80
FirewallRules: [{FA2716BA-9FEB-47B9-91FC-EA990AE17B32}] => (Allow) LPort=80
FirewallRules: [TCP Query User{15C06BC4-4643-4EF0-A3DD-FF924FD04F8D}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{2B34AB91-9E92-4F7F-94B1-FEC1A1D3018E}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{7DDFCB58-FB5E-457F-AC35-3233EB654D0F}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{4F2EADE1-0719-49E9-8BCA-5622DF8B6269}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{7CA83392-865A-446D-BFE0-496A7C4505FF}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{984D0F7D-4EB7-4C0D-B883-6CF2B7625575}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{0D70E4CE-EA81-4C40-A763-0C870338BCD9}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{C3248F83-AA59-4556-908C-6B75D4DEA877}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [TCP Query User{CD9B2571-4206-4F61-81EF-5A4FDC8E8ED9}C:\program files\sopcast\adv\sopadver.exe] => (Block) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [UDP Query User{F091261E-7637-4008-913F-0BB52616B39C}C:\program files\sopcast\adv\sopadver.exe] => (Block) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [TCP Query User{1AB9F065-D7BA-42B4-8389-21845D513865}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [UDP Query User{FA859A85-2C38-4A4F-961C-A2AE38C11EB9}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [{4347CA25-3756-4C02-977B-F0823F8A7015}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{25B3A4C1-24BF-4245-9CCC-C05D5DF8514E}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{055126E8-DA11-43EF-BDB7-4037918517EE}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{ED908A22-74AD-4FE4-800F-021C77BC5AAF}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{BB4B6292-B3EE-4DB5-A8E5-2C1A8E193826}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{891A0DF7-39C4-4788-A2E5-E6839CFF89C7}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{C58B52A6-C708-43F2-B234-FAB16F3BABC4}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{71222D28-6D3B-4409-B1A5-FFDDC2F7115C}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{A94CDEEB-A61C-40BB-A3DD-DEEBA70F9953}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{EC10BB3F-B228-4A3E-BEBF-C3D094E29693}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{41B7C7AE-9FB4-4DBE-BB03-270A93A5A156}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2CCF94E4-2F3E-4DCC-AEF3-63A4C96028BD}] => (Allow) C:\Program Files\Bohemia Interactive\ArmA 2\arma2.exe
FirewallRules: [{5B8A4346-3F2F-4ABA-BA78-97FD3E04837C}] => (Allow) C:\Program Files\Bohemia Interactive\ArmA 2\arma2.exe
FirewallRules: [{5A3EEBA5-8AA7-4F3B-BC5B-678326C70CFF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7F06858D-9332-4822-8003-1BF015A67755}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{3425A507-6D5B-4594-A4D0-4CDE5AAF8F5A}C:\program files\xbmc\xbmc.exe] => (Block) C:\program files\xbmc\xbmc.exe
FirewallRules: [UDP Query User{680EC8A3-B0E1-4A54-915E-2D4EEE78F81E}C:\program files\xbmc\xbmc.exe] => (Block) C:\program files\xbmc\xbmc.exe
FirewallRules: [TCP Query User{F7F55C8C-DE9C-49EE-842C-B9F21AEAC413}C:\program files\xbmc\xbmc.exe] => (Block) C:\program files\xbmc\xbmc.exe
FirewallRules: [UDP Query User{79EC5FE0-F5AD-4F2F-AD48-E3313DF0B4CA}C:\program files\xbmc\xbmc.exe] => (Block) C:\program files\xbmc\xbmc.exe
FirewallRules: [{2CDF1437-3AF3-4FA1-B375-C2C3CFEF1D88}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D28A83B8-9674-4DE1-AE97-D4DE7344A1E2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{73C70069-08AB-4797-9FD2-C84C0BFB9E17}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A65FD6B1-AA90-499F-9D27-8A0CD6EE7F40}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\PPMate\ppmate.exe] => Enabled:PPMate
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/21/2015 12:52:33 PM) (Source: MsiInstaller) (EventID: 1013) (User: Nikos-PC)
Description: Produkt: OpenOffice 4.1.2 -- Bitte beenden Sie OpenOffice 4.1.2 und den OpenOffice 4.1.2-Schnellstarter, bevor Sie fortfahren. Falls Sie ein Mehrbenutzersystem benutzen, stellen Sie sicher, dass kein anderer Nutzer OpenOffice 4.1.2 geöffnet hat.
Error: (12/21/2015 10:47:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16723, Zeitstempel 0x5644f76f, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.19514, Zeitstempel 0x561e7b93, Ausnahmecode 0xc0000374, Fehleroffset 0x000b0a78,
Prozess-ID 0x13d0, Anwendungsstartzeit iexplore.exe0.
Error: (12/21/2015 10:43:51 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 1.1 - Update "{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log enthalten.
Error: (12/21/2015 10:43:51 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 1.1 -- Fehler 1606.Zugriff auf die Netzwerkadresse "%APPDATA%\" war nicht möglich.
Error: (12/21/2015 10:43:51 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 1.1 -- Fehler 1606.Zugriff auf die Netzwerkadresse "%APPDATA%\" war nicht möglich.
Error: (12/21/2015 10:36:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/20/2015 12:46:16 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\NIKOS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FAOEN3CU.DEFAULT\SAFEBROWSING-BACKUP> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (12/20/2015 12:42:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/20/2015 03:02:36 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 1.1 - Update "{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log enthalten.
Error: (12/20/2015 03:02:36 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 1.1 -- Fehler 1606.Zugriff auf die Netzwerkadresse "%APPDATA%\" war nicht möglich.
Systemfehler:
=============
Error: (12/21/2015 10:47:15 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: 0x80070643Sicherheitsupdate für Microsoft .NET Framework 1.1 SP1 unter Windows XP, Windows Vista und Windows Server 2008 x86 (KB2833941){343E12E8-8772-4A72-9982-570122E959DB}203
Error: (12/21/2015 10:46:10 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.
Error: (12/21/2015 10:46:05 AM) (Source: netbt) (EventID: 4321) (User: )
Description: Der Name "NIKOS-PC :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.33
registriert werden. Der Computer mit IP-Adresse 169.254.202.191 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (12/21/2015 10:46:05 AM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{5B99534D-2400-4DC0-9113-8BECB8EC9273} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (12/21/2015 10:46:02 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 0.0.0.0 für die Netzwerkkarte mit der Netzwerkadresse 0015AF5DCF5E wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).
Error: (12/21/2015 10:46:01 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 0.0.0.0 für die Netzwerkkarte mit der Netzwerkadresse 0015AF5DCF5E wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).
Error: (12/21/2015 10:46:00 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 0.0.0.0 für die Netzwerkkarte mit der Netzwerkadresse 0015AF5DCF5E wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).
Error: (12/21/2015 10:45:58 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 0.0.0.0 für die Netzwerkkarte mit der Netzwerkadresse 0015AF5DCF5E wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).
Error: (12/21/2015 10:45:57 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 0.0.0.0 für die Netzwerkkarte mit der Netzwerkadresse 0015AF5DCF5E wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).
Error: (12/21/2015 10:45:56 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 0.0.0.0 für die Netzwerkkarte mit der Netzwerkadresse 0015AF5DCF5E wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Prozentuale Nutzung des RAM: 63%
Installierter physikalischer RAM: 3069.45 MB
Verfügbarer physikalischer RAM: 1123.36 MB
Summe virtueller Speicher: 6341.89 MB
Verfügbarer virtueller Speicher: 3663.05 MB
==================== Laufwerke ================================
Drive c: (BOOT) (Fixed) (Total:445.76 GB) (Free:143.27 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:6.52 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A2150798)
Partition 1: (Active) - (Size=445.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)
==================== Ende vom Addition.txt ============================
|
|
21.12.2015, 17:15
| #2 |
| | Heitmann Metallhandel Makros Virus [CODE]
__________________FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:20-12-2015
durchgeführt von Nikos (Administrator) auf NIKOS-PC (21-12-2015 16:46:22)
Gestartet von C:\Users\Nikos\Desktop
Geladene Profile: IUSR_NMPR & Nikos (Verfügbare Profile: IUSR_NMPR & Nikos)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Empolis GmbH) C:\Program Files\Common Files\Gnab\Service\ServiceController.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Empolis GmbH) C:\Program Files\Medion\MEDIONbox\Program\GCS.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
() C:\Program Files\CDBurnerXP\NMSAccessU.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
(Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
() C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
() C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
(Yahoo! Inc) C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
(CyberLink Corp.) C:\Program Files\HomeCinema\TV Enhance\TVEService.exe
(ODSoft multimedia) C:\Program Files\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe
(Cyberlink Corp.) C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
() C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe
(RealNetworks, Inc.) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
() C:\Program Files\dcmsvc\dcmsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\phonostar-Player\phonostarTimer.exe
(Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avscan.exe
(Microsoft Corporation) C:\Windows\System32\ntvdm.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [YSearchProtection] => C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-03] (Yahoo! Inc)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdc.exe [563080 2007-01-24] (Microsoft Corporation)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [UpdatePPShortCut] => C:\Program Files\HomeCinema\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [TVEService] => C:\Program Files\HomeCinema\TV Enhance\TVEService.exe [155648 2007-10-19] (CyberLink Corp.)
HKLM\...\Run: [TVBroadcast] => C:\Program Files\Sceneo\AbsolutTV\SERVICES\ODSBC\ODSBCApp.exe [797696 2007-08-08] (ODSoft multimedia)
HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\GoogleEULA\EULALauncher.exe [16896 2007-02-09] ( )
HKLM\...\Run: [RemoteControl] => C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe [71216 2007-02-09] (Cyberlink Corp.)
HKLM\...\Run: [NvSvc] => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NSLauncher] => C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe [3100672 2007-09-07] ()
HKLM\...\Run: [NMSSupport] => C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [439512 2007-06-27] (Intel Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-09] (Intel Corporation)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [220160 2008-04-03] (Google)
HKLM\...\Run: [CCUTRAYICON] => C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe [215256 2007-06-27] (Intel(R) Corporation)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [111936 2008-09-03] (Apple Inc.)
HKLM\...\Run: [SAFEOEM HotKeys] => C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe [26112 2008-12-11] ()
HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [202256 2010-10-14] (RealNetworks, Inc.)
HKLM\...\Run: [dcmsvc] => C:\Program Files\dcmsvc\dcmsvc.exe [30440 2009-04-07] ()
HKLM\...\Run: [Cm106Sound] => RunDll32 cm106.cpl,CMICtrlWnd
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [ApnUpdater] => C:\Program Files\Ask.com\Updater\Updater.exe [1391272 2012-01-03] (Ask)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [ApnTBMon] => C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1558480 2013-07-26] (APN)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-05] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-15] (Nero AG)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [YSearchProtection] => C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-03] (Yahoo! Inc)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-06-24] (Google Inc.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [Search Protection] => C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-03] (Yahoo! Inc)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [phonostarTimer] => C:\Program Files\phonostar-Player\phonostarTimer.exe [39936 2010-04-01] ()
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {15ca7099-9380-11e0-9207-c68156decc91} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {7bf933e2-20a0-11e0-89c9-ecb57d8f8c57} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {7dce98f1-939b-11e0-b139-8f82e272fcf4} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {cdf9533a-938c-11e0-9797-e65ff4982107} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {cdf95348-938c-11e0-9797-d0b990c9d355} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {cdf95360-938c-11e0-9797-89ee9383e3d5} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-06-24] (Google Inc.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-15] (Nero AG)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [YSearchProtection] => C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-03] (Yahoo! Inc)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [phonostarTimer] => C:\Program Files\phonostar-Player\phonostarTimer.exe [39936 2010-04-01] ()
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [Google Update] => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [{0D60629E-6757-4B1A-1A32-7835EEAA2F15}] => C:\Users\Nikos\AppData\Roaming\Yhtop\ogirafh.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [AutoStartNPSAgent] => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\RunOnce: [Adobe Speed Launcher] => 1418941746
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {15ca7099-9380-11e0-9207-c68156decc91} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {7bf933e2-20a0-11e0-89c9-ecb57d8f8c57} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {7dce98f1-939b-11e0-b139-8f82e272fcf4} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {9879ed16-2ff9-11e3-91a7-94094ca61297} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {cdf9533a-938c-11e0-9797-e65ff4982107} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {cdf95348-938c-11e0-9797-d0b990c9d355} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {cdf95360-938c-11e0-9797-89ee9383e3d5} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {e457e27e-f28a-11e0-beb6-95a08ebf4934} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {e457e288-f28a-11e0-beb6-eee2e2166bed} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {e457e29a-f28a-11e0-beb6-8936c160e657} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {e457e2a4-f28a-11e0-beb6-a3c51c88021e} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssBranded.scr [8139264 2008-01-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2008-06-22]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\Nikos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Warner Bros.lnk [2010-10-23]
ShortcutTarget: Warner Bros.lnk -> C:\Program Files\Warner Bros. Digital Copy Manager\Warner Bros. Digital Copy Manager.exe (Keine Datei)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5B99534D-2400-4DC0-9113-8BECB8EC9273}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5C3F7A78-9AC4-4A54-B0DF-4F12F7C29A6C}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{CAD71E9E-1831-483C-B9E3-9F2820B5E4F8}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130863806944982000&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=fp-yie9
URLSearchHook: HKLM - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll (Conduit Ltd.)
URLSearchHook: HKLM - FileConverter 1.3 Toolbar - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 - FileConverter 1.3 Toolbar - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1576177
SearchScopes: HKU\.DEFAULT -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> {98D25937-10C2-49A3-B17B-893D6733D12D} URL = hxxp://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1576177
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> {15003506-EE97-481D-85CA-0AE23947A486} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=23FA1492-7E55-44C2-9AAD-7D29996CCDA4&apn_sauid=0ECEB9CE-D835-48FF-9843-8204B8D5D9E4
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> {98D25937-10C2-49A3-B17B-893D6733D12D} URL = hxxp://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-tyc8
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> {F57C662B-F287-47DE-900D-3502FF7E098A} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3241949
BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll [2010-03-23] (Yahoo! Inc.)
BHO: QuickStores-Toolbar -> {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} -> C:\Windows\system32\mscoree.dll [2009-11-08] (Microsoft Corporation)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-10-14] (RealPlayer)
BHO: Avira SearchFree Toolbar plus Web Protection -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2013-07-26] (APN LLC.)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO: FileConverter 1.3 Toolbar -> {78e516ef-11de-47a1-8364-a99b917ec5ee} -> C:\Program Files\FileConverter_1.3\prxtbFile.dll [2011-05-09] (Conduit Ltd.)
BHO: Speckie -> {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} -> C:\Users\Nikos\AppData\Roaming\Speckie\bin32\Speckie32.dll [2013-06-02] (Versoworks Pty Ltd)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
BHO: livetvbar Toolbar -> {ad55c869-668e-457c-b270-0cfb2f61116f} -> C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-01-03] (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll [2010-03-23] (Yahoo! Inc)
Toolbar: HKLM - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll [2010-03-23] (Yahoo! Inc.)
Toolbar: HKLM - QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - C:\Windows\system32\mscoree.dll [2009-11-08] (Microsoft Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-01-03] (Ask)
Toolbar: HKLM - FileConverter 1.3 Toolbar - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files\FileConverter_1.3\prxtbFile.dll [2011-05-09] (Conduit Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2013-07-26] (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> livetvbar Toolbar - {AD55C869-668E-457C-B270-0CFB2F61116F} - C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> livetvbar Toolbar - {AD55C869-668E-457C-B270-0CFB2F61116F} - C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> FileConverter 1.3 Toolbar - {78E516EF-11DE-47A1-8364-A99B917EC5EE} - C:\Program Files\FileConverter_1.3\prxtbFile.dll [2011-05-09] (Conduit Ltd.)
DPF: {162247AF-26A7-44FC-A93A-69506EA244F3} hxxps://account.maxdome.de/presentation/script/HWTest.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {924C1588-90C3-4910-B6CA-D57A1C0418FE} hxxp://de.bookmarks.yahoo.com/YbConvFav.CAB
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F3D4C08D-3616-43F0-9E29-44C749B0664B} hxxp://whkd.dvrdns.org/JpegInst.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default
FF DefaultSearchUrl: hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google
FF Homepage: hxxps://de.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2008-03-19] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [Keine Datei]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-10] (Google)
FF Plugin: @real.com/nppl3260;version=6.0.12.732 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 -> C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll [2005-04-27] (RealNetworks)
FF Plugin: @real.com/nprjplug;version=1.0.3.732 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.732 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin: @veetle.com/vbp;version=0.9.17 -> C:\Program Files\Veetle\VLCBroadcast\npvbp.dll [2010-03-23] (Veetle Inc)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2010-10-16] (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2010-09-21] (Veetle Inc)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-07-30] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Nikos\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll [2010-03-06] ( )
FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004: @tools.google.com/Google Update;version=3 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004: @tools.google.com/Google Update;version=9 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF user.js: detected! => C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\user.js [2012-04-06]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll [2008-03-19] (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npgcplug.dll [2008-09-27] (RealNetworks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-06-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-06-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-06-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-06-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-06-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npracplug.dll [2005-04-27] (RealNetworks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2010-10-14] (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\searchplugins\userlogos.xml [2009-01-06]
FF SearchPlugin: C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\searchplugins\webssearches.xml [2015-01-09]
FF Extension: Low Quality Flash - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\extensions\low_quality_flash@pie2k.com [2015-05-30]
FF Extension: Greek Translator - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\extensions\{A17292E8-DE0B-11DA-BCE2-92ABFC5AF602}.xpi [2015-05-30]
FF Extension: Avira Browser Safety - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\abs@avira(233).com [2015-12-15]
FF Extension: AnyColor - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\anycolor.pavlos256@gmail.com [2010-08-22] [ist nicht signiert]
FF Extension: German Dictionary - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-08] [ist nicht signiert]
FF Extension: Greek Spelling dictionary - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\el-GR@dictionaries.addons.mozilla.org [2015-12-19] [ist nicht signiert]
FF Extension: Fast Dial - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\fastdial@telega.phpnet.us [2015-11-21]
FF Extension: Video Downloader Professional - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\ffext_basicvideoext@startpage24.xpi [2015-05-29]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\ich@maltegoetz.de.xpi [2015-07-27]
FF Extension: YouTube™ Flash® Player - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2015-11-28]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2015-12-01]
FF Extension: YesScript - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\yesscript@userstyles.org.xpi [2015-05-30]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-27] [ist nicht signiert]
FF Extension: Flash Game Maximizer - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{258735dc-6743-4805-95fc-f95941fffdad}.xpi [2015-05-30]
FF Extension: Google Toolbar for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-04-23] [ist nicht signiert]
FF Extension: Google Toolbar for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(169) [2008-06-23] [ist nicht signiert]
FF Extension: Google Toolbar for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(95) [2011-04-18] [ist nicht signiert]
FF Extension: Flashblock - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-11-29]
FF Extension: eBay Sidebar for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2015-05-30]
FF Extension: NoScript - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-23]
FF Extension: iMacros for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}(132) [2013-09-13] [ist nicht signiert]
FF Extension: DownloadHelper - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(123) [2013-09-15] [ist nicht signiert]
FF Extension: DownloadHelper - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(133) [2013-09-14] [ist nicht signiert]
FF Extension: DownloadHelper - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(881) [2009-04-10] [ist nicht signiert]
FF Extension: Video DownloadHelper - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: Adblock Plus - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF Extension: GooglePreview - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}(68) [2009-05-07] [ist nicht signiert]
FF Extension: FoxLingo - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} [2012-11-10] [ist nicht signiert]
FF Extension: Kein Name - C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de [2015-12-19] [ist nicht signiert]
FF Extension: Kein Name - C:\Program Files\Mozilla Firefox\extensions\{ad55c869-668e-457c-b270-0cfb2f61116f} [2015-12-19] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-15] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-10-14] [ist nicht signiert]
FF HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter => nicht gefunden
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2013-10-25]
Chrome:
=======
CHR Profile: C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (a2zLyrics-1) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\afeodekfkejjgjigfnhhifffljmhnpfn [2013-09-14]
CHR Extension: (YouTube) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18]
CHR Extension: (Google-Suche) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-10-05]
CHR Extension: (Google Mail) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18]
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2013-07-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2010-10-14]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [223448 2007-06-27] (Intel(R) Corporation)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [930944 2015-12-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [466408 2015-12-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1222952 2015-12-05] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
S2 ClipInc001; C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe [1412608 2008-04-30] () [Datei ist nicht signiert]
S3 DHTRACE; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [39640 2007-06-27] (Intel(R) Corporation)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2007-02-12] () [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files\ALDI Foto Service Nord\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [Datei ist nicht signiert]
R2 GnabService; c:\program files\common files\gnab\service\servicecontroller.exe [36864 2007-04-13] (Empolis GmbH) [Datei ist nicht signiert]
S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe [69120 2008-04-03] (Google) [Datei ist nicht signiert]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-02-28] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-02-28] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [59096 2007-06-27] (Intel(R) Corporation)
R2 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [268504 2007-06-27] ()
R2 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [157912 2007-06-27] (Intel(R) Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2008-10-20] ()
R2 NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [317656 2007-06-27] (Intel(R) Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [Datei ist nicht signiert]
R2 QualityManager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [272600 2007-06-27] (Intel(R) Corporation)
R2 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [446680 2007-06-27] (Intel(R) Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [Datei ist nicht signiert]
S3 SoundMovieServer; C:\Windows\system32\snmvtsvc.exe [184320 2008-04-17] (SoundMovieServer) [Datei ist nicht signiert]
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1681408 2007-08-16] (Buhl Data Service GmbH) [Datei ist nicht signiert]
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [Datei ist nicht signiert]
R2 TVECapSvc; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [290909 2007-10-19] () [Datei ist nicht signiert]
R2 TVESched; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [114779 2007-10-19] () [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [Datei ist nicht signiert]
S2 BGLiveSvc; "C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe" [X]
S2 BgMainSvc; C:\Program Files\BullGuard Software\BullGuard\BsMain.dll [X]
S2 BsFileScan; C:\Program Files\BullGuard Software\BullGuard\BsFileScan.dll [X]
S2 BsMailProxy; C:\Program Files\BullGuard Software\BullGuard\BsMailProxy.dll [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [1302368 2008-01-08] (NXP Semiconductors Germany GmbH)
S3 ASPI; C:\Windows\System32\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [Datei ist nicht signiert]
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278984 2008-09-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106968 2015-12-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136272 2015-12-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 BdFileSpy; C:\Windows\system32\drivers\BdFileSpy.sys [50896 2008-04-03] (BullGuard Ltd.)
S3 CH341SER; C:\Windows\System32\Drivers\CH341SER.SYS [39696 2011-11-05] (www.winchiphead.com) [Datei ist nicht signiert]
R3 DrmCDriverV32; C:\Windows\System32\drivers\DrmCDriverV32.sys [23096 2008-04-17] (Windows (R) Codename Longhorn DDK provider)
R3 DrmCVideo32; C:\Windows\System32\DRIVERS\DrmCVideo32.sys [3768 2008-04-17] (Windows (R) 2000 DDK provider)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Datei ist nicht signiert]
R3 IntelDH; C:\Windows\System32\Drivers\IntelDH.sys [5632 2008-02-20] (Intel Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2008-09-10] ()
R3 MovRVDrv32; C:\Windows\System32\DRIVERS\MovRVDrv32.sys [3768 2008-04-17] (Windows (R) 2000 DDK provider)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [554496 2007-09-21] (Ralink Technology Corp.)
R2 nmsunidr; C:\Windows\System32\DRIVERS\nmsunidr.sys [5376 2007-02-18] (Gteko Ltd.)
S3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1131136 2007-04-03] (Philips Semiconductors GmbH)
R1 SLEE_16_DRIVER; C:\Windows\system32\drivers\Sleen16.sys [79104 2008-10-01] (Softwareentwicklung Remus - ArchiCrypt )
R3 SndTDriverV32; C:\Windows\System32\drivers\SndTDriverV32.sys [23096 2008-04-17] (Windows (R) Codename Longhorn DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2008-04-27] () [Datei ist nicht signiert]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-09] (Avira Operations GmbH & Co. KG)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25088 2007-04-25] (The OpenVPN Project)
S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [26784 2007-12-11] (RapidSolution Software AG)
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [14552 2007-06-27] ()
S3 USBMULCD; C:\Windows\System32\drivers\CM106.sys [1499648 2008-09-10] (C-Media Electronics Inc)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U3 a4houb3n; C:\Windows\system32\Drivers\a4houb3n.sys [0 ] (Microsoft Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCASp50; System32\Drivers\PCASp50.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2008-05-02] () [Datei ist nicht signiert]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
U5 usbser; C:\Windows\System32\Drivers\usbser.sys [28160 2008-01-21] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-21 16:46 - 2015-12-21 16:47 - 00052101 _____ C:\Users\Nikos\Desktop\FRST.txt
2015-12-21 12:57 - 2015-12-21 12:58 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2015-12-21 12:47 - 2015-12-21 12:48 - 164803434 _____ C:\Users\Nikos\Downloads\Apache_OpenOffice_4.1.2_Win_x86_install_de.exe
2015-12-21 12:03 - 2015-12-21 16:46 - 00000000 ____D C:\FRST
2015-12-21 12:01 - 2015-12-21 12:01 - 01721344 _____ (Farbar) C:\Users\Nikos\Desktop\FRST.exe
2015-12-19 13:08 - 2015-12-19 15:39 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-12-16 20:33 - 2015-12-16 20:33 - 01304503 _____ C:\Users\Nikos\Downloads\Neues aus Uhlenhorst - Elternbrief 2015-12-14.pdf
2015-12-15 18:37 - 2015-12-15 18:37 - 00165905 _____ C:\Users\Nikos\Downloads\Rechnung-201529324-28275.pdf
2015-12-10 11:56 - 2015-11-06 18:05 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-10 11:56 - 2015-11-06 17:32 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-12-10 11:56 - 2015-11-06 17:32 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-12-10 11:56 - 2015-11-06 17:32 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-12-10 11:56 - 2015-11-06 17:32 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-12-10 11:56 - 2015-11-06 16:27 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-12-10 11:56 - 2015-11-06 16:26 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-12-10 11:56 - 2015-11-06 16:24 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-10 11:56 - 2015-11-06 16:20 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-10 11:56 - 2015-11-06 16:20 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-12-10 11:56 - 2015-11-06 16:19 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-10 11:54 - 2015-11-02 18:04 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-10 11:52 - 2015-11-10 18:03 - 01208832 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-10 11:52 - 2015-11-10 18:03 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-10 11:52 - 2015-11-05 08:34 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-10 11:52 - 2015-11-05 08:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 13:30 - 2015-12-10 12:59 - 00322560 _____ C:\Users\Nikos\Downloads\Documents\Gewinn 2015.xls
2015-12-09 11:52 - 2015-11-12 21:39 - 01814528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 11:52 - 2015-11-12 21:37 - 12389376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 11:52 - 2015-11-12 21:36 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 11:52 - 2015-11-12 21:34 - 09753088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 11:52 - 2015-11-12 21:34 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 11:52 - 2015-11-12 21:33 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 11:52 - 2015-11-12 21:32 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 11:52 - 2015-11-12 21:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-12-09 11:52 - 2015-11-12 21:31 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 11:52 - 2015-11-12 21:31 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 11:52 - 2015-11-12 21:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 11:52 - 2015-11-12 21:31 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 11:52 - 2015-11-12 21:31 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 11:52 - 2015-11-12 21:31 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-12-05 22:36 - 2015-12-05 22:36 - 01190616 _____ (Adobe Systems Incorporated) C:\Users\Nikos\Downloads\flashplayer19_a_install.exe
2015-12-01 13:09 - 2015-12-01 13:09 - 00000000 ____D C:\premium(0)
2015-11-28 22:22 - 2015-11-28 22:22 - 01190616 _____ (Adobe Systems Incorporated) C:\Users\Nikos\Downloads\flashplayer19_ha_install.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-21 16:44 - 2012-04-08 19:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-21 16:36 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-21 16:36 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-21 16:15 - 2011-10-04 23:38 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004UA.job
2015-12-21 15:52 - 2009-12-19 18:23 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-21 13:19 - 2009-03-24 10:11 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job
2015-12-21 12:58 - 2013-09-02 17:39 - 00000000 ____D C:\Program Files\OpenOffice 4
2015-12-21 12:03 - 2006-11-02 12:18 - 00000000 ____D C:\Windows
2015-12-21 10:41 - 2008-04-03 18:39 - 00000000 ____D C:\Users\Nikos\AppData\Local\ApplicationHistory
2015-12-21 10:40 - 2009-12-19 18:23 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-21 10:38 - 2014-03-17 23:08 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-12-21 10:36 - 2009-07-22 16:25 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-12-21 10:36 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-21 01:03 - 2008-09-08 17:14 - 00000012 _____ C:\Windows\bthservsdp.dat
2015-12-21 01:03 - 2006-11-02 14:01 - 00032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-20 01:14 - 2011-10-04 23:38 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004Core.job
2015-12-19 15:39 - 2012-04-24 22:06 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-12-19 13:07 - 2008-10-03 12:31 - 01618774 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-19 13:07 - 2008-01-21 08:15 - 00702178 _____ C:\Windows\system32\perfh007.dat
2015-12-19 13:07 - 2008-01-21 08:15 - 00158346 _____ C:\Windows\system32\perfc007.dat
2015-12-19 13:07 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf
2015-12-17 22:18 - 2014-08-20 21:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-17 22:18 - 2013-08-08 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-17 21:49 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\Msdtc
2015-12-17 21:47 - 2008-04-03 18:38 - 00000000 ____D C:\Users\Nikos
2015-12-17 21:47 - 2008-02-20 13:07 - 00000000 ___HD C:\Users\IUSR_NMPR
2015-12-17 21:47 - 2006-11-02 11:22 - 73924608 _____ C:\Windows\system32\config\software_previous
2015-12-17 21:47 - 2006-11-02 11:22 - 47972352 _____ C:\Windows\system32\config\components_previous
2015-12-17 21:47 - 2006-11-02 11:22 - 43778048 _____ C:\Windows\system32\config\system_previous
2015-12-17 21:47 - 2006-11-02 11:22 - 00524288 _____ C:\Windows\system32\config\default_previous
2015-12-17 21:47 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2015-12-17 21:47 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2015-12-17 21:46 - 2014-04-29 09:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Premium Reihe · Business Line
2015-12-17 21:46 - 2014-04-29 09:03 - 00000000 ____D C:\premium
2015-12-17 21:46 - 2012-08-03 19:23 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-17 21:46 - 2011-10-04 23:40 - 00000000 ____D C:\Users\Nikos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-17 21:46 - 2008-04-03 18:39 - 00000000 ____D C:\Users\Nikos\AppData\Local\TVEnhance
2015-12-17 21:46 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\spool
2015-12-17 21:46 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\registration
2015-12-17 21:22 - 2015-01-14 09:28 - 00000000 ____D C:\Users\Nikos\Desktop\willy.tel rechnung
2015-12-16 14:26 - 2012-10-20 19:34 - 00000000 ____D C:\Users\Nikos\Desktop\SINTAGES
2015-12-15 18:36 - 2008-04-04 00:23 - 00000000 ____D C:\Users\Nikos\AppData\Local\Adobe
2015-12-11 13:12 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2015-12-11 12:35 - 2006-11-02 13:47 - 00435264 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-11 12:31 - 2008-06-24 14:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-11 01:55 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-12-10 11:58 - 2010-06-04 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 11:52 - 2013-08-16 08:51 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 11:35 - 2006-11-02 11:24 - 137798368 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-12-09 19:45 - 2014-12-30 23:58 - 00296960 _____ C:\Users\Nikos\Downloads\Documents\Gewinn 2014.xls
2015-12-09 14:44 - 2012-04-08 19:07 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-09 14:44 - 2011-05-15 15:26 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-05 19:58 - 2015-01-10 00:57 - 00136272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-05 19:58 - 2015-01-10 00:57 - 00106968 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-02 13:25 - 2009-10-03 00:54 - 00247976 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2010-05-25 19:40 - 2010-05-25 19:40 - 145988770 _____ () C:\Program Files\openofficeorg1.cab
2010-05-25 19:43 - 2010-05-25 19:43 - 3099136 _____ () C:\Program Files\openofficeorg32.msi
2010-05-25 19:41 - 2010-05-25 19:41 - 0460088 _____ () C:\Program Files\setup.exe
2010-05-25 18:46 - 2010-05-25 18:46 - 0000290 _____ () C:\Program Files\setup.ini
2012-12-03 18:29 - 2012-12-03 18:29 - 0000288 _____ () C:\Users\Nikos\AppData\Roaming\.backup.dm
2010-05-14 02:38 - 2010-05-14 02:45 - 0001028 _____ () C:\Users\Nikos\AppData\Roaming\AVIEncoder.wff
2008-12-11 21:53 - 2009-01-03 20:59 - 0000000 _____ () C:\Users\Nikos\AppData\Roaming\AVSDVDPlayer.m3u
2008-04-06 19:57 - 2014-03-24 00:25 - 0000196 _____ () C:\Users\Nikos\AppData\Roaming\Default.PLS
2009-01-02 13:24 - 2009-01-04 17:45 - 0081920 _____ () C:\Users\Nikos\AppData\Roaming\ezpinst.exe
2008-06-05 17:51 - 2011-09-25 20:41 - 0087608 _____ () C:\Users\Nikos\AppData\Roaming\inst.exe
2008-06-05 17:51 - 2011-09-25 20:41 - 0007887 _____ () C:\Users\Nikos\AppData\Roaming\pcouffin.cat
2008-06-05 17:51 - 2011-09-25 20:41 - 0001144 _____ () C:\Users\Nikos\AppData\Roaming\pcouffin.inf
2008-06-05 17:51 - 2011-09-25 20:41 - 0000055 _____ () C:\Users\Nikos\AppData\Roaming\pcouffin.log
2008-06-05 17:51 - 2011-09-25 20:41 - 0047360 _____ (VSO Software) C:\Users\Nikos\AppData\Roaming\pcouffin.sys
2008-04-03 20:12 - 2013-09-14 11:07 - 0000460 _____ () C:\Users\Nikos\AppData\Roaming\wklnhst.dat
2011-01-19 13:57 - 2015-11-02 19:45 - 0001188 _____ () C:\Users\Nikos\AppData\Local\crc32list11.txt
2008-04-03 23:34 - 2015-07-19 18:01 - 0008268 _____ () C:\Users\Nikos\AppData\Local\d3d9caps.dat
2008-04-04 22:21 - 2015-11-03 13:37 - 0146432 _____ () C:\Users\Nikos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-04-03 18:39 - 2008-04-03 18:39 - 0000093 _____ () C:\Users\Nikos\AppData\Local\fusioncache.dat
2008-05-19 11:27 - 2008-05-19 11:27 - 0000022 _____ () C:\ProgramData\60a7806a-0eea-424c-a464-20f4730cd631
2008-04-08 17:59 - 2008-04-08 17:59 - 0000305 _____ () C:\ProgramData\addr_file.html
2008-04-03 19:18 - 2010-01-22 19:35 - 0021183 _____ () C:\ProgramData\hpzinstall.log
2010-05-14 15:19 - 2010-05-21 01:07 - 0034901 _____ () C:\ProgramData\nvModes.001
2010-05-14 15:19 - 2010-05-21 01:07 - 0034901 _____ () C:\ProgramData\nvModes.dat
2008-04-25 20:34 - 2008-04-25 20:34 - 0004977 _____ () C:\ProgramData\ywasvxup.hvs
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\dcmsvcsetup.exe
C:\Users\Public\invokesi.exe
Einige Dateien in TEMP:
====================
C:\Users\Nikos\AppData\Local\Temp\AskSLib.dll
C:\Users\Nikos\AppData\Local\Temp\avgnt.exe
C:\Users\Nikos\AppData\Local\Temp\GdiPlus.dll
C:\Users\Nikos\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll
C:\Users\Nikos\AppData\Local\Temp\sfareca00001.dll
C:\Users\Nikos\AppData\Local\Temp\sfextra.dll
C:\Users\Nikos\AppData\Local\Temp\tbedrs.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-21 10:50
==================== Ende vom FRST.txt ============================
|
|
29.12.2015, 21:52
| #3 |
| /// TB-Ausbilder /// Anleitungs-Guru  | Heitmann Metallhandel Makros Virus Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das... 
 Hinweis:Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean  bekommst.Los geht's: Schritt 1 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
30.12.2015, 13:11
| #4 |
| | TDSS Scan Hallo Jürgen , herzlichen Dank das du mir bei meinem Problem helfen möchtest. Ich habe den Scan ausgeführt und stelle das Ergebnis hier ein. Code:
ATTFilter 12:58:38.0357 0x1298 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
12:58:58.0622 0x1298 ============================================================
12:58:58.0622 0x1298 Current date / time: 2015/12/30 12:58:58.0622
12:58:58.0622 0x1298 SystemInfo:
12:58:58.0622 0x1298
12:58:58.0622 0x1298 OS Version: 6.0.6002 ServicePack: 2.0
12:58:58.0622 0x1298 Product type: Workstation
12:58:58.0637 0x1298 ComputerName: NIKOS-PC
12:58:58.0637 0x1298 UserName: Nikos
12:58:58.0637 0x1298 Windows directory: C:\Windows
12:58:58.0637 0x1298 System windows directory: C:\Windows
12:58:58.0637 0x1298 Processor architecture: Intel x86
12:58:58.0637 0x1298 Number of processors: 4
12:58:58.0637 0x1298 Page size: 0x1000
12:58:58.0637 0x1298 Boot type: Normal boot
12:58:58.0637 0x1298 ============================================================
12:58:59.0355 0x1298 KLMD registered as C:\Windows\system32\drivers\34945187.sys
12:58:59.0823 0x1298 System UUID: {EFFC1020-C4F3-1FC1-CC30-B017428EE614}
12:59:00.0837 0x1298 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:59:00.0915 0x1298 ============================================================
12:59:00.0915 0x1298 \Device\Harddisk0\DR0:
12:59:00.0915 0x1298 MBR partitions:
12:59:00.0915 0x1298 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x37B83800
12:59:00.0946 0x1298 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x37B8420D, BlocksNum 0x2800A34
12:59:00.0946 0x1298 ============================================================
12:59:01.0009 0x1298 C: <-> \Device\Harddisk0\DR0\Partition1
12:59:01.0055 0x1298 D: <-> \Device\Harddisk0\DR0\Partition2
12:59:01.0055 0x1298 ============================================================
12:59:01.0055 0x1298 Initialize success
12:59:01.0055 0x1298 ============================================================
13:00:29.0026 0x07cc ============================================================
13:00:29.0026 0x07cc Scan started
13:00:29.0026 0x07cc Mode: Manual; SigCheck; TDLFS;
13:00:29.0026 0x07cc ============================================================
13:00:29.0026 0x07cc KSN ping started
13:00:31.0881 0x07cc KSN ping finished: true
13:00:35.0375 0x07cc ================ Scan system memory ========================
13:00:35.0375 0x07cc System memory - ok
13:00:35.0375 0x07cc ================ Scan services =============================
13:00:35.0578 0x07cc [ 651C54AC4EC5C5397C5AFF5D575CA45B, FDEC7CB01158981A6093C72F6E57246FACD02F8BC53481EEF08124A045BCB512 ] 3xHybrid C:\Windows\system32\DRIVERS\3xHybrid.sys
13:00:35.0921 0x07cc 3xHybrid - ok
13:00:35.0999 0x07cc [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI C:\Windows\system32\drivers\acpi.sys
13:00:36.0046 0x07cc ACPI - ok
13:00:36.0187 0x07cc [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:00:36.0218 0x07cc AdobeARMservice - ok
13:00:36.0343 0x07cc [ C3E7E1F3C85A6788F3BA078BA214341E, A3D72ACE045730DC1C8A6F4E3937C5C765AB447BF7C573BEC53DE8148EB4A1C8 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:00:36.0389 0x07cc AdobeFlashPlayerUpdateSvc - ok
13:00:36.0499 0x07cc [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
13:00:36.0592 0x07cc adp94xx - ok
13:00:36.0655 0x07cc [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci C:\Windows\system32\drivers\adpahci.sys
13:00:36.0686 0x07cc adpahci - ok
13:00:36.0733 0x07cc [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
13:00:36.0748 0x07cc adpu160m - ok
13:00:36.0779 0x07cc [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
13:00:36.0811 0x07cc adpu320 - ok
13:00:36.0857 0x07cc [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:00:36.0998 0x07cc AeLookupSvc - ok
13:00:37.0060 0x07cc [ 4A0978779958D8FE8F5849F452BCC812, C57002A721F3DCAFB00CF4DEC57E9E761393BDB471ACEAFFDBD1ABA9AE308598 ] AFD C:\Windows\system32\drivers\afd.sys
13:00:37.0154 0x07cc AFD - ok
13:00:37.0216 0x07cc [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:00:37.0247 0x07cc agp440 - ok
13:00:37.0294 0x07cc [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
13:00:37.0325 0x07cc aic78xx - ok
13:00:37.0435 0x07cc [ CF86F64A1AEA27E5FA97E697BF70346D, 51B5C707AEC67C9686925567710F70C62AE8CD640B132A05BA51A446E10D873E ] AlertService C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
13:00:37.0466 0x07cc AlertService - ok
13:00:37.0497 0x07cc [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
13:00:37.0653 0x07cc ALG - ok
13:00:37.0684 0x07cc [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide C:\Windows\system32\drivers\aliide.sys
13:00:37.0715 0x07cc aliide - ok
13:00:37.0731 0x07cc [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp C:\Windows\system32\drivers\amdagp.sys
13:00:37.0762 0x07cc amdagp - ok
13:00:37.0778 0x07cc [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide C:\Windows\system32\drivers\amdide.sys
13:00:37.0793 0x07cc amdide - ok
13:00:37.0840 0x07cc [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
13:00:37.0903 0x07cc AmdK7 - ok
13:00:37.0934 0x07cc [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
13:00:37.0981 0x07cc AmdK8 - ok
13:00:38.0105 0x07cc [ D1CC2C50CC47D9973E801567418EA41D, D217D6978FE9EBDFED5C4970F8EB2474450E0376FA65FE6243C1CCCD3075A18D ] AntiVirMailService C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
13:00:38.0215 0x07cc AntiVirMailService - ok
13:00:38.0277 0x07cc [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
13:00:38.0339 0x07cc AntiVirSchedulerService - ok
13:00:38.0480 0x07cc [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
13:00:38.0542 0x07cc AntiVirService - ok
13:00:38.0651 0x07cc [ 5B948452C2BADBD7C6575E0CC29AE80B, 7236A776531D1245BE567C6ACA1C578F41457D7A0B717C2DEDA433FF6FF4D1CE ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
13:00:38.0807 0x07cc AntiVirWebService - ok
13:00:38.0917 0x07cc [ D41231AECFEE88973D56AEC2EE5B962D, BB41C9E436186155E5340780564FC52A36481E474C42965B5BBC57B6C42ADA38 ] APNMCP C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
13:00:38.0948 0x07cc APNMCP - ok
13:00:39.0010 0x07cc [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo C:\Windows\System32\appinfo.dll
13:00:39.0088 0x07cc Appinfo - ok
13:00:39.0322 0x07cc [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:00:39.0338 0x07cc Apple Mobile Device - ok
13:00:39.0385 0x07cc [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc C:\Windows\system32\drivers\arc.sys
13:00:39.0416 0x07cc arc - ok
13:00:39.0494 0x07cc [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas C:\Windows\system32\drivers\arcsas.sys
13:00:39.0525 0x07cc arcsas - ok
13:00:39.0603 0x07cc [ E54E27976E2C5A6465D44C10B1D87AC0, B410F9D324633E14019B6762D1E61B69F365BDB318AA24A516FCA662E0502293 ] ASPI C:\Windows\System32\DRIVERS\ASPI32.sys
13:00:39.0634 0x07cc ASPI - detected UnsignedFile.Multi.Generic ( 1 )
13:00:42.0536 0x07cc Detect skipped due to KSN trusted
13:00:42.0536 0x07cc ASPI - ok
13:00:42.0661 0x07cc [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
13:00:42.0770 0x07cc aspnet_state - ok
13:00:42.0848 0x07cc [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:00:42.0895 0x07cc AsyncMac - ok
13:00:42.0957 0x07cc [ 2D9C903DC76A66813D350A562DE40ED9, 82609F01A08C6842E4C17C077BB641C1429C0E6657964B7F2D114035E1BDCBF3 ] atapi C:\Windows\system32\drivers\atapi.sys
13:00:42.0973 0x07cc atapi - ok
13:00:43.0051 0x07cc [ 3C4B9850A2631C2263507400D029057B, A3DFF043B92C2F8C533BA609FB9FB20CF132E9D516449877CC2EDD75F1D6BC5C ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
13:00:43.0097 0x07cc atksgt - ok
13:00:43.0207 0x07cc [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:00:43.0300 0x07cc AudioEndpointBuilder - ok
13:00:43.0316 0x07cc [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] Audiosrv C:\Windows\System32\Audiosrv.dll
13:00:43.0347 0x07cc Audiosrv - ok
13:00:43.0409 0x07cc [ 0F0030B2C9AABCC8D1E70F1A1E9674D8, B4384E3F0BE7E68630212A7D81CD171233BB242F9720893638D0A6B496F98E6C ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
13:00:43.0441 0x07cc avgntflt - ok
13:00:43.0503 0x07cc [ 48C94CD2D3DC713C2DF1BBA93386F4CB, 20DFAAEAF8F81F84A9F5614ECEBCED0D08BBB6874078BC32D53273F064A0103A ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
13:00:43.0534 0x07cc avipbb - ok
13:00:43.0643 0x07cc [ 2027E82463B6F6BB4D2A5BAF09202BA8, 7E61DEAC45F710F62C388177B43D99F3C39B89CEFCEFCC581DF12201C8CDB23C ] Avira.ServiceHost C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
13:00:43.0675 0x07cc Avira.ServiceHost - ok
13:00:43.0753 0x07cc [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
13:00:43.0768 0x07cc avkmgr - ok
13:00:43.0940 0x07cc [ A2494901E7226B356B8C1005C45F1C5F, A4A7076D40B012BB415C4B661B8C45671B853330746E278D080EC96596EEECBE ] BBSvc C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe
13:00:43.0971 0x07cc BBSvc - ok
13:00:44.0080 0x07cc [ 63B1CBBAE4790B5BAC98F01BF9449722, 0A49B9FCEF33B38132B0AB8A9D7591A46856E82BC2123841E27A895817D92695 ] BBUpdate C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe
13:00:44.0127 0x07cc BBUpdate - ok
13:00:44.0143 0x07cc [ 49EA1829AD8FE3BC7E56B81EC4922BE5, 43A79CEB613D04F6F67D40D57935CF4CC86C0A7EFD4487BD147463DE299C0602 ] BdFileSpy C:\Windows\system32\drivers\BdFileSpy.sys
13:00:44.0174 0x07cc BdFileSpy - ok
13:00:44.0221 0x07cc [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
13:00:44.0267 0x07cc Beep - ok
13:00:44.0345 0x07cc [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE C:\Windows\System32\bfe.dll
13:00:44.0470 0x07cc BFE - ok
13:00:44.0470 0x07cc BGLiveSvc - ok
13:00:44.0501 0x07cc BgMainSvc - ok
13:00:44.0735 0x07cc [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS C:\Windows\System32\qmgr.dll
13:00:44.0860 0x07cc BITS - ok
13:00:44.0891 0x07cc [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
13:00:44.0969 0x07cc blbdrive - ok
13:00:45.0079 0x07cc [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:00:45.0172 0x07cc Bonjour Service - ok
13:00:45.0219 0x07cc [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:00:45.0313 0x1770 Object required for P2P: [ C3E7E1F3C85A6788F3BA078BA214341E ] AdobeFlashPlayerUpdateSvc
13:00:45.0391 0x07cc bowser - ok
13:00:45.0469 0x07cc [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
13:00:45.0547 0x07cc BrFiltLo - ok
13:00:45.0578 0x07cc [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
13:00:45.0640 0x07cc BrFiltUp - ok
13:00:45.0749 0x07cc [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
13:00:45.0843 0x07cc Browser - ok
13:00:45.0874 0x07cc [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
13:00:46.0155 0x07cc Brserid - ok
13:00:46.0171 0x07cc [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
13:00:46.0264 0x07cc BrSerWdm - ok
13:00:46.0280 0x07cc [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
13:00:46.0358 0x07cc BrUsbMdm - ok
13:00:46.0373 0x07cc [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
13:00:46.0451 0x07cc BrUsbSer - ok
13:00:46.0483 0x07cc BsFileScan - ok
13:00:46.0483 0x07cc BsMailProxy - ok
13:00:46.0514 0x07cc [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
13:00:46.0561 0x07cc BTHMODEM - ok
13:00:46.0623 0x07cc [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ C:\Windows\System32\bthserv.dll
13:00:46.0732 0x07cc BthServ - ok
13:00:46.0763 0x07cc [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:00:46.0795 0x07cc cdfs - ok
13:00:46.0826 0x07cc [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:00:46.0857 0x07cc cdrom - ok
13:00:46.0888 0x07cc [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc C:\Windows\System32\certprop.dll
13:00:46.0935 0x07cc CertPropSvc - ok
13:00:46.0982 0x07cc [ 4798C1AD22BAF6FF25451E2194E034D1, 1E2DD8EB6CC1095F8113448724354567AA8CEAC269391CC72B7ADCBF657CD53A ] CH341SER C:\Windows\system32\Drivers\CH341SER.SYS
13:00:47.0013 0x07cc CH341SER - detected UnsignedFile.Multi.Generic ( 1 )
13:00:48.0667 0x1770 Object send P2P result: true
13:00:48.0667 0x1770 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
13:00:49.0868 0x07cc Detect skipped due to KSN trusted
13:00:49.0868 0x07cc CH341SER - ok
13:00:50.0086 0x07cc [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass C:\Windows\system32\drivers\circlass.sys
13:00:50.0164 0x07cc circlass - ok
13:00:50.0258 0x07cc [ 5D9311526801643000D7032A83B18B12, C5A98868A41446617B3A27C6C4AAFA4E7C093E253E8C1DD5DBFE6FAE21991209 ] CLFS C:\Windows\system32\CLFS.sys
13:00:50.0273 0x07cc CLFS - ok
13:00:50.0383 0x07cc ClipInc001 - ok
13:00:50.0492 0x07cc [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:00:50.0507 0x07cc clr_optimization_v2.0.50727_32 - ok
13:00:50.0554 0x07cc [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:00:50.0773 0x07cc clr_optimization_v4.0.30319_32 - ok
13:00:50.0788 0x07cc [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:00:50.0819 0x07cc cmdide - ok
13:00:50.0866 0x07cc [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
13:00:50.0882 0x07cc Compbatt - ok
13:00:50.0897 0x07cc COMSysApp - ok
13:00:50.0944 0x07cc [ 75FA19142531CBF490770C2988A7DB64, C673F2EED5D0EED307A67119D20A91C8818A53A3CB616E2984876B07E5C62547 ] cpuz134 C:\Windows\system32\drivers\cpuz134_x32.sys
13:00:50.0975 0x07cc cpuz134 - ok
13:00:50.0991 0x07cc [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
13:00:51.0022 0x07cc crcdisk - ok
13:00:51.0038 0x07cc [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe C:\Windows\system32\drivers\crusoe.sys
13:00:51.0085 0x07cc Crusoe - ok
13:00:51.0178 0x07cc [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:00:51.0241 0x07cc CryptSvc - ok
13:00:51.0303 0x07cc [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:00:51.0459 0x07cc DcomLaunch - ok
13:00:51.0506 0x07cc [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:00:51.0615 0x07cc DfsC - ok
13:00:51.0755 0x07cc [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR C:\Windows\system32\DFSR.exe
13:00:51.0818 0x1770 Object send P2P result: true
13:00:51.0818 0x1770 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
13:00:51.0958 0x07cc DFSR - ok
13:00:52.0052 0x07cc [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
13:00:52.0114 0x07cc Dhcp - ok
13:00:52.0208 0x07cc [ 2C56880D37785CF2C07B0309CEBB0A7D, 872A32C15492B6885DEDCCD7A7557FCBE0B049875A60C83969A6DA0EA6DA4528 ] DHTRACE C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
13:00:52.0223 0x07cc DHTRACE - ok
13:00:52.0286 0x07cc [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk C:\Windows\system32\drivers\disk.sys
13:00:52.0317 0x07cc disk - ok
13:00:52.0411 0x07cc [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:00:52.0489 0x07cc Dnscache - ok
13:00:52.0535 0x07cc [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc C:\Windows\System32\dot3svc.dll
13:00:52.0598 0x07cc dot3svc - ok
13:00:52.0676 0x07cc [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
13:00:52.0754 0x07cc DPS - ok
13:00:52.0816 0x07cc [ 28B42D80CE943A98C6BCEA67263CBDFF, 4368D630D3A5919C78C9C6311807F6B1A53F6A8B023433272151CE229923FC8D ] DQLWinService C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
13:00:52.0863 0x07cc DQLWinService - detected UnsignedFile.Multi.Generic ( 1 )
13:00:52.0925 0x02a8 Object required for P2P: [ 2027E82463B6F6BB4D2A5BAF09202BA8 ] Avira.ServiceHost
13:00:54.0829 0x1770 Object send P2P result: true
13:00:55.0858 0x07cc Detect skipped due to KSN trusted
13:00:55.0858 0x07cc DQLWinService - ok
13:00:55.0921 0x07cc [ C88EAD1E773C444F6ABBA21D01A83408, 1673A65615C0FF1F21898AF018970A33F80120397CDED26554FCDC91F03378FA ] DrmCDriverV32 C:\Windows\system32\drivers\DrmCDriverV32.sys
13:00:55.0936 0x07cc DrmCDriverV32 - ok
13:00:55.0967 0x07cc [ CB48C23769C56977EC3DE6DF0C6DBB8C, ADDD846C1AF8BEDE2370A99C46C2A0AF8348DCF6B2BD29568E0E16A36E3E079D ] DrmCVideo32 C:\Windows\system32\DRIVERS\DrmCVideo32.sys
13:00:55.0983 0x07cc DrmCVideo32 - ok
13:00:56.0030 0x07cc [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:00:56.0077 0x02a8 Object send P2P result: true
13:00:56.0092 0x07cc drmkaud - ok
13:00:56.0155 0x07cc [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:00:56.0264 0x07cc DXGKrnl - ok
13:00:56.0342 0x07cc [ 476D9F2F0789CDE89ACEE2A2FB21EC5A, ADE01C948B0DEF4B7C4D20C5548CC58CDB61DF7C4DA7F5CE3D21564806046D51 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
13:00:56.0389 0x07cc e1express - ok
13:00:56.0513 0x07cc [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
13:00:56.0560 0x07cc E1G60 - ok
13:00:56.0591 0x07cc [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
13:00:56.0607 0x07cc EapHost - ok
13:00:56.0685 0x07cc [ 9BAB89DBB27891DEEF6E1F1B589A6ED4, 61BE4A6394ED5C99CB84B720F6AA6B97C7FE71A7A04D822F6EE99AB084C55606 ] Ecache C:\Windows\system32\drivers\ecache.sys
13:00:56.0701 0x07cc Ecache - ok
13:00:56.0779 0x07cc [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:00:56.0857 0x07cc ehRecvr - ok
13:00:56.0872 0x07cc [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
13:00:56.0935 0x07cc ehSched - ok
13:00:56.0950 0x07cc [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
13:00:56.0997 0x07cc ehstart - ok
13:00:57.0044 0x07cc [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor C:\Windows\system32\drivers\elxstor.sys
13:00:57.0091 0x07cc elxstor - ok
13:00:57.0169 0x07cc [ E798C0BDFA4913CCF8A646D29BB34796, 7CDB2BCCDD8A8A70C6248C327A357EA3488C7ADED32D4F89B933ED72AE12B73B ] EMDMgmt C:\Windows\system32\emdmgmt.dll
13:00:57.0247 0x07cc EMDMgmt - ok
13:00:57.0278 0x07cc [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:00:57.0371 0x07cc ErrDev - ok
13:00:57.0465 0x07cc [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem C:\Windows\system32\es.dll
13:00:57.0574 0x07cc EventSystem - ok
13:00:57.0605 0x07cc ewusbnet - ok
13:00:57.0637 0x07cc [ 57C171EA22F0A7F068FCB0CAEDD1E8E7, 9AAF39AA22372FB8582C1422581C08E61444BF843E1CE2E199EB00FBEA6F9C06 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
13:00:57.0683 0x07cc ew_hwusbdev - ok
13:00:57.0746 0x07cc [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat C:\Windows\system32\drivers\exfat.sys
13:00:57.0824 0x07cc exfat - ok
13:00:57.0855 0x07cc [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:00:57.0902 0x07cc fastfat - ok
13:00:57.0902 0x07cc [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:00:57.0995 0x07cc fdc - ok
13:00:58.0027 0x07cc [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
13:00:58.0073 0x07cc fdPHost - ok
13:00:58.0105 0x07cc [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
13:00:58.0183 0x07cc FDResPub - ok
13:00:58.0229 0x07cc [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:00:58.0245 0x07cc FileInfo - ok
13:00:58.0261 0x07cc [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:00:58.0307 0x07cc Filetrace - ok
13:00:58.0463 0x07cc [ 167D24A045499EBEF438F231976158DF, 237F1495BA79D9082D6B383FE9AC5C6154A6F76F181000401F5790236EB57301 ] FirebirdServerMAGIXInstance C:\Program Files\ALDI Foto Service Nord\Common\Database\bin\fbserver.exe
13:00:58.0682 0x07cc FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
13:01:01.0646 0x07cc Detect skipped due to KSN trusted
13:01:01.0646 0x07cc FirebirdServerMAGIXInstance - ok
13:01:01.0661 0x07cc [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:01:01.0708 0x07cc flpydisk - ok
13:01:01.0802 0x07cc [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:01:01.0833 0x07cc FltMgr - ok
13:01:01.0958 0x07cc [ 61AC5BF24A155C95F865290F046F91EF, 89F6A96F5CBD04390CF0509DDC22E4FDC1F8AB862F23957D583A757C1E51C20B ] FontCache C:\Windows\system32\FntCache.dll
13:01:02.0145 0x07cc FontCache - ok
13:01:02.0223 0x07cc [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:01:02.0254 0x07cc FontCache3.0.0.0 - ok
13:01:02.0317 0x07cc [ CBE5F69A5E5B918225F420BA748F3742, 930C81195346239A7843CAE140896698675E8025BF32C3E71D2BDDA53FAB0264 ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS
13:01:02.0379 0x07cc FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
13:01:05.0265 0x07cc Detect skipped due to KSN trusted
13:01:05.0265 0x07cc FsUsbExDisk - ok
13:01:05.0312 0x07cc [ 96633419F4A1E37ACB89B45EBCCFE001, 53DC59D8EB89F380BC2DBB009EDFFD66552D68B8606187A75FEF64707267E4F9 ] FsUsbExService C:\Windows\system32\FsUsbExService.Exe
13:01:05.0359 0x07cc FsUsbExService - ok
13:01:05.0405 0x07cc [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:01:05.0468 0x07cc Fs_Rec - ok
13:01:05.0483 0x07cc [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
13:01:05.0515 0x07cc gagp30kx - ok
13:01:05.0577 0x07cc [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys
13:01:05.0593 0x07cc GEARAspiWDM - ok
13:01:05.0639 0x07cc [ 51B2D8629E1A0F463682F365D56325CB, A0D5290F1D30AF12305F54DAB46F94FB63BF902E7B9238352E5EC3A9ED42C184 ] GnabService c:\program files\common files\gnab\service\servicecontroller.exe
13:01:05.0671 0x07cc GnabService - detected UnsignedFile.Multi.Generic ( 1 )
13:01:08.0635 0x07cc Detect skipped due to KSN trusted
13:01:08.0635 0x07cc GnabService - ok
13:01:08.0775 0x07cc [ 33EFD5039EA1BFA623D8BB9FB787CB0F, 5A89579BBA9EFE973054CE3485B9D6319D5D04A0411C8233AD7B926F05F8CC8F ] GoogleDesktopManager C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
13:01:08.0853 0x07cc GoogleDesktopManager - detected UnsignedFile.Multi.Generic ( 1 )
13:01:11.0770 0x07cc Detect skipped due to KSN trusted
13:01:11.0770 0x07cc GoogleDesktopManager - ok
13:01:12.0067 0x07cc [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc C:\Windows\System32\gpsvc.dll
13:01:12.0191 0x07cc gpsvc - ok
13:01:12.0285 0x07cc [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
13:01:12.0332 0x07cc gupdate - ok
13:01:12.0379 0x07cc [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:01:12.0394 0x07cc gupdatem - ok
13:01:12.0503 0x07cc [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
13:01:12.0535 0x07cc gusvc - ok
13:01:12.0597 0x07cc [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:01:12.0644 0x07cc HdAudAddService - ok
13:01:12.0706 0x07cc [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:01:12.0815 0x07cc HDAudBus - ok
13:01:12.0862 0x07cc [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
13:01:12.0940 0x07cc HidBth - ok
13:01:12.0971 0x07cc [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
13:01:13.0049 0x07cc HidIr - ok
13:01:13.0081 0x07cc [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv C:\Windows\system32\hidserv.dll
13:01:13.0127 0x07cc hidserv - ok
13:01:13.0143 0x07cc [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:01:13.0174 0x07cc HidUsb - ok
13:01:13.0190 0x07cc [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
13:01:13.0237 0x07cc hkmsvc - ok
13:01:13.0252 0x07cc [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
13:01:13.0283 0x07cc HpCISSs - ok
13:01:13.0393 0x07cc [ 682358F730B84B63E09C6B4EDC1DE7AE, D05287004BABA571005C435CB643081DDC60E1CC0362A1BEB04E01E945BD2001 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
13:01:13.0424 0x07cc hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
13:01:16.0778 0x07cc Detect skipped due to KSN trusted
13:01:16.0778 0x07cc hpqcxs08 - ok
13:01:16.0840 0x07cc [ 2E7BEE4AA776CF1C37836B26D1D29403, 14763BD5936A059F91FF5EBE5E6535FE4C9B351DF3D3BD8C248DDA3642AE64C5 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
13:01:16.0918 0x07cc hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
13:01:19.0711 0x07cc Detect skipped due to KSN trusted
13:01:19.0711 0x07cc hpqddsvc - ok
13:01:19.0757 0x07cc [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:01:19.0835 0x07cc HTTP - ok
13:01:19.0913 0x07cc [ 2F23ABA465B24A57E8664A124A53CC15, E2B5A605E4E4B71AA57D0911A60B277E1787D6C5D8EDED767A6BCBCF46B26893 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
13:01:20.0007 0x07cc huawei_enumerator - ok
13:01:20.0054 0x07cc hwdatacard - ok
13:01:20.0085 0x07cc [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
13:01:20.0116 0x07cc i2omp - ok
13:01:20.0210 0x07cc [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:01:20.0257 0x07cc i8042prt - ok
13:01:20.0350 0x07cc [ 9BCF5972C941B4B5CB60DED03CB9E300, 96D9410DA54DEC58A440F30F1FD426BDA959A9DF29882EA53EC4FE8F8DF315E9 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
13:01:20.0428 0x07cc IAANTMON - ok
13:01:20.0459 0x07cc [ 28AAE599496B4930B3F19026F2083BC4, 7C3531D645E5DA86C62C1CB9256450A19D27A454D89ECF5AE7AF9820B89553E8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
13:01:20.0475 0x07cc iaStor - ok
13:01:20.0506 0x07cc [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
13:01:20.0584 0x07cc iaStorV - ok
13:01:20.0709 0x07cc [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
13:01:20.0756 0x07cc IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
13:01:23.0564 0x07cc Detect skipped due to KSN trusted
13:01:23.0564 0x07cc IDriverT - ok
13:01:23.0720 0x07cc [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:01:23.0876 0x07cc idsvc - ok
13:01:23.0907 0x07cc [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
13:01:23.0923 0x07cc iirsp - ok
13:01:24.0001 0x07cc [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT C:\Windows\System32\ikeext.dll
13:01:24.0157 0x07cc IKEEXT - ok
13:01:24.0172 0x07cc IntcAzAudAddService - ok
13:01:24.0203 0x07cc [ 7F440F8CED849FCDFA85BB3521B4F048, 1E2B295DE14B7DD704D637546F164CCCF068755227A0FBE30C14044A731FFFF5 ] IntelDH C:\Windows\system32\Drivers\IntelDH.sys
13:01:24.0281 0x07cc IntelDH - ok
13:01:24.0328 0x07cc [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide C:\Windows\system32\drivers\intelide.sys
13:01:24.0359 0x07cc intelide - ok
13:01:24.0406 0x07cc [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:01:24.0453 0x07cc intelppm - ok
13:01:24.0500 0x07cc [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:01:24.0547 0x07cc IPBusEnum - ok
13:01:24.0562 0x07cc [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:01:24.0625 0x07cc IpFilterDriver - ok
13:01:24.0687 0x07cc [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:01:24.0781 0x07cc iphlpsvc - ok
13:01:24.0781 0x07cc IpInIp - ok
13:01:24.0796 0x07cc [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
13:01:24.0874 0x07cc IPMIDRV - ok
13:01:24.0921 0x07cc [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
13:01:24.0952 0x07cc IPNAT - ok
13:01:25.0046 0x07cc [ 066F2BBE2EEC9A42B065B552BF356B4E, AE86DB5BFD4748C54C0C224E7FBEA3C032F1071A39303DF35AA04869D3950B7A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:01:25.0155 0x07cc iPod Service - ok
13:01:25.0186 0x07cc [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:01:25.0217 0x07cc IRENUM - ok
13:01:25.0249 0x07cc [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:01:25.0264 0x07cc isapnp - ok
13:01:25.0311 0x07cc [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
13:01:25.0342 0x07cc iScsiPrt - ok
13:01:25.0420 0x07cc [ 50ADB2883F8874AA6632A67CD410F27F, 1AFFA1C56ED0C50F2E4BB215426FB3727CB516C89F5A945A55662CE93CB64353 ] ISSM C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
13:01:25.0451 0x07cc ISSM - ok
13:01:25.0467 0x07cc [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
13:01:25.0483 0x07cc iteatapi - ok
13:01:25.0514 0x07cc [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
13:01:25.0545 0x07cc iteraid - ok
13:01:25.0576 0x07cc [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:01:25.0576 0x07cc kbdclass - ok
13:01:25.0732 0x07cc [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:01:25.0795 0x07cc kbdhid - ok
13:01:25.0873 0x07cc [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe
13:01:25.0982 0x07cc KeyIso - ok
13:01:26.0060 0x07cc [ C89E473697B67F0E3AE9211ADBD43278, DECC1CA1E0FB0CDE384F29F5FC5D234C2C923999EB98FE1F88CDCA37859116A3 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:01:26.0153 0x07cc KSecDD - ok
13:01:26.0231 0x07cc [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
13:01:26.0309 0x07cc KtmRm - ok
13:01:26.0356 0x07cc [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer C:\Windows\system32\srvsvc.dll
13:01:26.0434 0x07cc LanmanServer - ok
13:01:26.0497 0x07cc [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:01:26.0590 0x07cc LanmanWorkstation - ok
13:01:26.0653 0x07cc [ 4127E8B6DDB4090E815C1F8852C277D3, A5BC1F65FA6D8952CDDA08320ADDF0E4394E10AE4780017C8C86AC5E68DF83F8 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
13:01:26.0684 0x07cc lirsgt - ok
13:01:26.0699 0x07cc [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:01:26.0746 0x07cc lltdio - ok
13:01:26.0793 0x07cc [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:01:26.0855 0x07cc lltdsvc - ok
13:01:26.0902 0x07cc [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:01:26.0965 0x07cc lmhosts - ok
13:01:27.0011 0x07cc [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
13:01:27.0043 0x07cc LSI_FC - ok
13:01:27.0105 0x07cc [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
13:01:27.0136 0x07cc LSI_SAS - ok
13:01:27.0199 0x07cc [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
13:01:27.0214 0x07cc LSI_SCSI - ok
13:01:27.0261 0x07cc [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
13:01:27.0292 0x07cc luafv - ok
13:01:27.0386 0x07cc [ 9A3741D5412AB81B86992915E3ECD3E9, 2EFBD6441981698031E7999ED980D7BE16ADE1DA4C28EF16634A90C8E8241B9C ] M1 Server C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
13:01:27.0417 0x07cc M1 Server - ok
13:01:27.0511 0x07cc [ 6AD27B01272F966C9611A398961FCF15, D74121D5F87CBDF5BC121665AF35BF304DBAE345EF3DB442D2791119C0603C4D ] MCLServiceATL C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
13:01:27.0526 0x07cc MCLServiceATL - ok
13:01:27.0573 0x07cc [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:01:27.0589 0x07cc Mcx2Svc - ok
13:01:27.0651 0x07cc [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas C:\Windows\system32\drivers\megasas.sys
13:01:27.0667 0x07cc megasas - ok
13:01:27.0729 0x07cc [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR C:\Windows\system32\drivers\megasr.sys
13:01:27.0791 0x07cc MegaSR - ok
13:01:27.0869 0x07cc [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
13:01:27.0901 0x07cc MMCSS - ok
13:01:27.0916 0x07cc [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
13:01:27.0963 0x07cc Modem - ok
13:01:27.0994 0x07cc [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:01:28.0041 0x07cc monitor - ok
13:01:28.0072 0x07cc [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:01:28.0088 0x07cc mouclass - ok
13:01:28.0150 0x07cc [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:01:28.0213 0x07cc mouhid - ok
13:01:28.0244 0x07cc [ 3EAE06B0D9E32A3D45DC3E07F1FBFA97, 0C56D92C5131D60AF2FCCF071976F2932A2C544C5EC4C2A5476E99CDE17FF08C ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
13:01:28.0259 0x07cc MountMgr - ok
13:01:28.0337 0x07cc [ CB48C23769C56977EC3DE6DF0C6DBB8C, ADDD846C1AF8BEDE2370A99C46C2A0AF8348DCF6B2BD29568E0E16A36E3E079D ] MovRVDrv32 C:\Windows\system32\DRIVERS\MovRVDrv32.sys
13:01:28.0353 0x07cc MovRVDrv32 - ok
13:01:28.0462 0x07cc [ 9763F3C17AC8C095C4419482BD1484BA, 5E329D63ADF7ADAF615DF45F7A0C1E9528B1A5CEE50B6340CEE8584EFE285FB9 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:01:28.0478 0x07cc MozillaMaintenance - ok
13:01:28.0525 0x07cc [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio C:\Windows\system32\drivers\mpio.sys
13:01:28.0556 0x07cc mpio - ok
13:01:28.0571 0x07cc [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:01:28.0618 0x07cc mpsdrv - ok
13:01:28.0649 0x07cc [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:01:28.0696 0x07cc MpsSvc - ok
13:01:28.0712 0x07cc [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
13:01:28.0743 0x07cc Mraid35x - ok
13:01:28.0790 0x07cc [ B0584CA7DEF55929FDB5169BD28B2484, AF6A7E404FEB29F7F3428D0AF6682195E5E8ED106996A04E6947DBD575696546 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:01:28.0868 0x07cc MRxDAV - ok
13:01:28.0899 0x07cc [ 1B864548B2ACEC1C0BB29B615CC42978, E1DA3E6764A2C7072D99F2F093E5F40DB6DC809701B59C155C6B4EE327AB9E41 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:01:28.0961 0x07cc mrxsmb - ok
13:01:28.0993 0x07cc [ 3F39B02EEDC5B8A0ED896EA1CDF7245F, 41C1DCD82F964A398B7C3D44178DBF7C8AF1C2DBC5F2D944BE6B00E909FE083B ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:01:29.0055 0x07cc mrxsmb10 - ok
13:01:29.0086 0x07cc [ D0670EC8E5AD3FA5BE372BF70AC0EABF, BD2D1BA151FD5409EAA41ECCBEB863FE52FF7C2D92349961FEE736D66970748E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:01:29.0149 0x07cc mrxsmb20 - ok
13:01:29.0180 0x07cc [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci C:\Windows\system32\drivers\msahci.sys
13:01:29.0211 0x07cc msahci - ok
13:01:29.0227 0x07cc [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:01:29.0258 0x07cc msdsm - ok
13:01:29.0289 0x07cc [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
13:01:29.0398 0x07cc MSDTC - ok
13:01:29.0414 0x07cc [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:01:29.0461 0x07cc Msfs - ok
13:01:29.0476 0x07cc [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:01:29.0507 0x07cc msisadrv - ok
13:01:29.0554 0x07cc [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:01:29.0632 0x07cc MSiSCSI - ok
13:01:29.0632 0x07cc msiserver - ok
13:01:29.0710 0x07cc [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:01:29.0757 0x07cc MSKSSRV - ok
13:01:29.0788 0x07cc [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:01:29.0835 0x07cc MSPCLOCK - ok
13:01:29.0866 0x07cc [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:01:29.0913 0x07cc MSPQM - ok
13:01:29.0975 0x07cc [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:01:30.0007 0x07cc MsRPC - ok
13:01:30.0053 0x07cc [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:01:30.0085 0x07cc mssmbios - ok
13:01:30.0100 0x07cc [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:01:30.0147 0x07cc MSTEE - ok
13:01:30.0163 0x07cc [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys
13:01:30.0178 0x07cc Mup - ok
13:01:30.0209 0x07cc [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll
13:01:30.0303 0x07cc napagent - ok
13:01:30.0381 0x07cc [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:01:30.0475 0x07cc NativeWifiP - ok
13:01:30.0537 0x07cc [ DEC4B200C459FA929B0A764E79904B79, 40261D7D0BEE45E6E3F4F25D7ACAB00744BAF5D515B6D84B41A25ED22380DC13 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:01:30.0599 0x07cc NDIS - ok
13:01:30.0615 0x07cc [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:01:30.0662 0x07cc NdisTapi - ok
13:01:30.0693 0x07cc [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:01:30.0724 0x07cc Ndisuio - ok
13:01:30.0771 0x07cc [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:01:30.0802 0x07cc NdisWan - ok
13:01:30.0818 0x07cc [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:01:30.0849 0x07cc NDProxy - ok
13:01:31.0114 0x07cc [ 6D4028D458EAAA1782099750790DC8C9, 0D863A61D049235D5BBEC998185814B798674AD861DEBF0C903D28E310CE2768 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
13:01:31.0270 0x07cc Nero BackItUp Scheduler 3 - ok
13:01:31.0348 0x07cc [ 51C6D8BFBD4EA5B62A1BA7F4469250D3, 29ACA9D8A5426333F75858D9D3960A4DCDDA4ACC986B3E9E37D255E4FAECDB7C ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
13:01:31.0364 0x07cc Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
13:01:35.0435 0x07cc Detect skipped due to KSN trusted
13:01:35.0435 0x07cc Net Driver HPZ12 - ok
13:01:35.0513 0x07cc [ 9213AA35BCA94EB79D366DA254E4BDF5, 5E1C71BEB6CFFF5A6F149E9FE6E169D087A6CBE63A504FEE8D42170284952F85 ] Netaapl C:\Windows\system32\DRIVERS\netaapl.sys
13:01:35.0591 0x07cc Netaapl - ok
13:01:35.0654 0x07cc [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:01:35.0701 0x07cc NetBIOS - ok
13:01:35.0732 0x07cc [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
13:01:35.0779 0x07cc netbt - ok
13:01:35.0794 0x07cc [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe
13:01:35.0810 0x07cc Netlogon - ok
13:01:35.0888 0x07cc [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
13:01:35.0997 0x07cc Netman - ok
13:01:36.0340 0x07cc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:01:36.0481 0x07cc NetMsmqActivator - ok
13:01:36.0481 0x07cc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:01:36.0496 0x07cc NetPipeActivator - ok
13:01:36.0559 0x07cc [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
13:01:36.0621 0x07cc netprofm - ok
13:01:36.0777 0x07cc [ 9BA2F93E4F01EC58E722B36639E0CE5D, 4741CCBDABD3DB390827FA543B5397C626DA58119ACCE0663F2B60DF6B1F0394 ] netr28u C:\Windows\system32\DRIVERS\netr28u.sys
13:01:36.0917 0x07cc netr28u - ok
13:01:36.0964 0x07cc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:01:36.0980 0x07cc NetTcpActivator - ok
13:01:36.0980 0x07cc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:01:36.0995 0x07cc NetTcpPortSharing - ok
13:01:37.0120 0x07cc [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:01:37.0136 0x07cc nfrd960 - ok
13:01:37.0198 0x07cc [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:01:37.0292 0x07cc NlaSvc - ok
13:01:37.0432 0x07cc [ D36107465E716CF2335A25C54B6D11C2, B4A3415B221FC12A58F2067358CFB124D48C359363D5A1FDC784F655D73D0405 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
13:01:37.0495 0x07cc NMIndexingService - ok
13:01:37.0619 0x07cc [ FD306FBCCE7ADB1077B709742E7148E9, B1D4704F27B09F8EBF2DF55EDDC003E6480643CBB1806B0487DF1535BE374CF1 ] NMSAccessU C:\Program Files\CDBurnerXP\NMSAccessU.exe
13:01:37.0635 0x07cc NMSAccessU - ok
13:01:37.0697 0x07cc [ 5384D7A64E7B6011E98D68F69DCFC980, 3D433201702E435DDEC95BAB47A0CB393C670FC5587A3A86986772B025A0B455 ] NMSCore C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
13:01:37.0744 0x07cc NMSCore - ok
13:01:37.0807 0x07cc [ DFEABB7CFFFADEA4A912AB95BDC3177A, 9A93956CF826F419ACB2B3CA8809917E345ACFD43B102EAB18DB46F49859D1C7 ] nmsunidr C:\Windows\system32\DRIVERS\nmsunidr.sys
13:01:37.0838 0x07cc nmsunidr - ok
13:01:37.0869 0x07cc [ 696B37EA78F9D9767A2F18BA0304A51A, B73C145B8584FEEBF24D84444AE488B98E5917C8ED2F63EC8C0606B5FD2E9BD6 ] nmwcd C:\Windows\system32\drivers\nmwcd.sys
13:01:37.0916 0x07cc nmwcd - ok
13:01:38.0009 0x07cc [ BBB6010FC01D9239D88FCDF133E03FF0, D6FDCE6FAB35E190BC3B8DB6C3B20DF9944B51254F90B3CF06C1BF6AD15FFF0B ] nmwcdc C:\Windows\system32\drivers\nmwcdc.sys
13:01:38.0072 0x07cc nmwcdc - ok
13:01:38.0197 0x07cc [ 4C3726467D67483F054C88F058E9C153, 5E9A77947B353AC075F4489F49A8F4D2345048A2DB7B79FE49290F05D9773C59 ] nmwcdcj C:\Windows\system32\drivers\nmwcdcj.sys
13:01:38.0259 0x07cc nmwcdcj - ok
13:01:38.0321 0x07cc [ 4C3726467D67483F054C88F058E9C153, 5E9A77947B353AC075F4489F49A8F4D2345048A2DB7B79FE49290F05D9773C59 ] nmwcdcm C:\Windows\system32\drivers\nmwcdcm.sys
13:01:38.0353 0x07cc nmwcdcm - ok
13:01:38.0415 0x07cc [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:01:38.0493 0x07cc Npfs - ok
13:01:38.0524 0x07cc [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
13:01:38.0555 0x07cc nsi - ok
13:01:38.0587 0x07cc [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:01:38.0618 0x07cc nsiproxy - ok
13:01:38.0727 0x07cc [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:01:38.0914 0x07cc Ntfs - ok
13:01:38.0945 0x07cc [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
13:01:39.0070 0x07cc ntrigdigi - ok
13:01:39.0117 0x07cc [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
13:01:39.0164 0x07cc Null - ok
13:01:39.0491 0x07cc [ DEE64F4EBB969D809DAE699A8E092A99, 9999063B5851A5D7ABEAC6F30F91B9C8BE4C456208A5DA9E75E128F274CA1CEA ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:01:40.0162 0x07cc nvlddmkm - ok
13:01:40.0240 0x07cc [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:01:40.0256 0x07cc nvraid - ok
13:01:40.0303 0x07cc [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:01:40.0318 0x07cc nvstor - ok
13:01:40.0381 0x07cc [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:01:40.0412 0x07cc nv_agp - ok
13:01:40.0412 0x07cc NwlnkFlt - ok
13:01:40.0412 0x07cc NwlnkFwd - ok
13:01:40.0505 0x07cc [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
13:01:40.0568 0x07cc ohci1394 - ok
13:01:40.0630 0x07cc [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:01:40.0661 0x07cc ose - ok
13:01:40.0739 0x07cc [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
13:01:40.0927 0x07cc p2pimsvc - ok
13:01:40.0942 0x07cc [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
13:01:41.0005 0x07cc p2psvc - ok
13:01:41.0036 0x07cc [ 8A79FDF04A73428597E2CAF9D0D67850, DB438FDE5510AB2F350ED1AC4CF0E99D3CC665FE46533A438A8FDA4DAF950F93 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:01:41.0129 0x07cc Parport - ok
13:01:41.0145 0x07cc [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:01:41.0176 0x07cc partmgr - ok
13:01:41.0207 0x07cc [ 6C580025C81CAF3AE9E3617C22CAD00E, 64F9061196462085E5DCD3ACB97A0D8FC67CA9A96DDD6E2103AFFF1593AE236A ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
13:01:41.0285 0x07cc Parvdm - ok
13:01:41.0317 0x07cc PCASp50 - ok
13:01:41.0348 0x07cc [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
13:01:41.0410 0x07cc PcaSvc - ok
13:01:41.0488 0x07cc [ 175CC28DCF819F78CAA3FBD44AD9E52A, C00F17040440E5C10439FF8110368A7813BD197E96338FD3703C86E399E27128 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
13:01:41.0519 0x07cc pccsmcfd - ok
13:01:41.0566 0x07cc [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
13:01:41.0597 0x07cc pci - ok
13:01:41.0644 0x07cc [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide C:\Windows\system32\drivers\pciide.sys
13:01:41.0675 0x07cc pciide - ok
13:01:41.0707 0x07cc [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:01:41.0738 0x07cc pcmcia - ok
13:01:41.0800 0x07cc [ 5B6C11DE7E839C05248CED8825470FEF, DB57DFD02C18461B1B383DF759730FFEE9C7FA8577E1679FD4740A590303EE79 ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
13:01:41.0863 0x07cc pcouffin - ok
13:01:41.0925 0x07cc [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:01:42.0050 0x07cc PEAUTH - ok
13:01:42.0159 0x07cc [ 9F2F541C52CD7A452E235E885F7D95DE, 9FFA4C13027191BE412B1F887F17427F21E75FB46A5F2D78FA65EB22D3C619FC ] Ph3xIB32 C:\Windows\system32\DRIVERS\Ph3xIB32.sys
13:01:42.0346 0x07cc Ph3xIB32 - ok
13:01:42.0471 0x07cc [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
13:01:42.0627 0x07cc pla - ok
13:01:42.0705 0x07cc [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:01:42.0861 0x07cc PlugPlay - ok
13:01:42.0970 0x07cc [ 79834AA2FBF9FE81EEBB229024F6F7FC, 4E243765C11AE9B5D003C3220B8AA0C4671B2627221D2323F80189CA3A307FEF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:01:43.0033 0x07cc Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
13:01:46.0231 0x07cc Detect skipped due to KSN trusted
13:01:46.0231 0x07cc Pml Driver HPZ12 - ok
13:01:46.0293 0x07cc [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
13:01:46.0324 0x07cc PNRPAutoReg - ok
13:01:46.0371 0x07cc [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
13:01:46.0589 0x07cc PNRPsvc - ok
13:01:46.0683 0x07cc [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:01:46.0792 0x07cc PolicyAgent - ok
13:01:46.0917 0x07cc [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:01:46.0979 0x07cc PptpMiniport - ok
13:01:47.0026 0x07cc [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor C:\Windows\system32\drivers\processr.sys
13:01:47.0073 0x07cc Processor - ok
13:01:47.0120 0x07cc [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc C:\Windows\system32\profsvc.dll
13:01:47.0182 0x07cc ProfSvc - ok
13:01:47.0213 0x07cc [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
13:01:47.0245 0x07cc ProtectedStorage - ok
13:01:47.0385 0x07cc [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
13:01:47.0463 0x07cc PSched - ok
13:01:47.0541 0x07cc [ D86B4A68565E444D76457F14172C875A, 06B1CF81A62B3DAA8D0C5A8B88C56A504DE8E9278C520F754AF363A6676C58B0 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
13:01:47.0572 0x07cc PxHelp20 - ok
13:01:47.0650 0x07cc [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:01:47.0791 0x07cc ql2300 - ok
13:01:47.0947 0x07cc [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:01:47.0978 0x07cc ql40xx - ok
13:01:48.0009 0x07cc [ 938A882B718866E24CA5F71DFC925866, CC0469F59ECD47C0201931AB94B7330FAACF1FDC87F4415BC80FAB349AFEE621 ] QualityManager C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
13:01:48.0040 0x07cc QualityManager - ok
13:01:48.0103 0x07cc [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
13:01:48.0181 0x07cc QWAVE - ok
13:01:48.0243 0x07cc [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:01:48.0290 0x07cc QWAVEdrv - ok
13:01:48.0383 0x07cc [ EEAC7AAC7EEEDA9DE346BB2E0403F549, 06940A685D057C9D1926D39D378FD36246BF4F71B4F3BEA3AF0CC05D037B7F87 ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
13:01:48.0399 0x07cc RapiMgr - ok
13:01:48.0415 0x07cc [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:01:48.0477 0x07cc RasAcd - ok
13:01:48.0539 0x07cc [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
13:01:48.0602 0x07cc RasAuto - ok
13:01:48.0664 0x07cc [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:01:48.0742 0x07cc Rasl2tp - ok
13:01:48.0820 0x07cc [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
13:01:48.0851 0x07cc RasMan - ok
13:01:48.0945 0x07cc [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:01:48.0976 0x07cc RasPppoe - ok
13:01:49.0023 0x07cc [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:01:49.0039 0x07cc RasSstp - ok
13:01:49.0085 0x07cc [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:01:49.0148 0x07cc rdbss - ok
13:01:49.0179 0x07cc [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:01:49.0226 0x07cc RDPCDD - ok
13:01:49.0257 0x07cc [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
13:01:49.0351 0x07cc rdpdr - ok
13:01:49.0351 0x07cc [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:01:49.0397 0x07cc RDPENCDD - ok
13:01:49.0429 0x07cc [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:01:49.0491 0x07cc RDPWD - ok
13:01:49.0538 0x07cc [ A8430231E1A06828210248C79755BF9C, 001460B2795C55DBF94E3540E4C5D2081C328C5308D55EEC9D91CDD4BCC0E3E6 ] Remote UI Service C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
13:01:49.0553 0x07cc Remote UI Service - ok
13:01:49.0616 0x07cc [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
13:01:49.0663 0x07cc RemoteAccess - ok
13:01:49.0694 0x07cc [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:01:49.0741 0x07cc RemoteRegistry - ok
13:01:49.0865 0x07cc [ 17E0BEF5CA5C9CE52CC8082AC6EBC449, F05A32DA0A62144AAE78A3A9173F21F52FAED4E39F9250B3E1B11066760B2576 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
13:01:49.0881 0x07cc RichVideo - ok
13:01:49.0928 0x07cc [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
13:01:49.0990 0x07cc RpcLocator - ok
13:01:50.0084 0x07cc [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll
13:01:50.0146 0x07cc RpcSs - ok
13:01:50.0209 0x07cc [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:01:50.0303 0x07cc rspndr - ok
13:01:50.0459 0x07cc [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
13:01:50.0475 0x07cc SamSs - ok
13:01:50.0600 0x07cc [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:01:50.0615 0x07cc sbp2port - ok
13:01:50.0756 0x07cc [ 794D4B48DFB6E999537C7C3947863463, 93DA8AA20D6B02A3360E7F56150F126E75266E9372E6409D42B89DA588EF49C3 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
13:01:50.0865 0x07cc SBSDWSCService - ok
13:01:50.0990 0x07cc [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:01:51.0036 0x07cc SCardSvr - ok
13:01:51.0099 0x07cc [ F79CC0F814748E15538BF4D808030739, 396E94A309AFB163791095A25950CB7D85EEC43B416E1E7F056F430E1B719F4D ] Schedule C:\Windows\system32\schedsvc.dll
13:01:51.0239 0x07cc Schedule - ok
13:01:51.0286 0x07cc [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
13:01:51.0317 0x07cc SCPolicySvc - ok
13:01:51.0473 0x07cc [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:01:51.0567 0x07cc SDRSVC - ok
13:01:51.0598 0x07cc [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:01:51.0660 0x07cc secdrv - ok
13:01:51.0676 0x07cc [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
13:01:51.0723 0x07cc seclogon - ok
13:01:51.0738 0x07cc [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll
13:01:51.0785 0x07cc SENS - ok
13:01:51.0816 0x07cc [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:01:51.0848 0x07cc Serenum - ok
13:01:51.0894 0x07cc [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:01:51.0926 0x07cc Serial - ok
13:01:51.0957 0x07cc [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:01:51.0988 0x07cc sermouse - ok
13:01:52.0097 0x07cc [ 9D38320BB32230349379DF5DDBBF7FCE, 8AAA8B0B60E65F596C3276DCCD0D8146B40172B6D509B597EDFDA46AC8A72A4C ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
13:01:52.0160 0x07cc ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
13:01:55.0030 0x07cc Detect skipped due to KSN trusted
13:01:55.0030 0x07cc ServiceLayer - ok
13:01:55.0077 0x07cc [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
13:01:55.0124 0x07cc SessionEnv - ok
13:01:55.0155 0x07cc [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:01:55.0186 0x07cc sffdisk - ok
13:01:55.0217 0x07cc [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:01:55.0264 0x07cc sffp_mmc - ok
13:01:55.0295 0x07cc [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:01:55.0373 0x07cc sffp_sd - ok
13:01:55.0451 0x07cc [ C33BFBD6E9E41FCD9FFEF9729E9FAED6, 490C29DC9E9FE8D5010E6DB18DE7DA808BCE84F014CFDEE0530735CBED788073 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:01:55.0545 0x07cc sfloppy - ok
13:01:55.0592 0x07cc [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:01:55.0670 0x07cc SharedAccess - ok
13:01:55.0732 0x07cc [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:01:55.0841 0x07cc ShellHWDetection - ok
13:01:55.0872 0x07cc [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp C:\Windows\system32\drivers\sisagp.sys
13:01:55.0904 0x07cc sisagp - ok
13:01:55.0919 0x07cc [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
13:01:55.0950 0x07cc SiSRaid2 - ok
13:01:55.0966 0x07cc [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:01:55.0997 0x07cc SiSRaid4 - ok
13:01:56.0060 0x07cc [ 4723512C035A3A880DB4657705466240, 1FD6712B43C12FC4EF2E1D52EE87885C9AFBD66EF9CB306B69D39D23AA2C736C ] SLEE_16_DRIVER C:\Windows\system32\drivers\Sleen16.sys
13:01:56.0091 0x07cc SLEE_16_DRIVER - ok
13:01:56.0294 0x07cc [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
13:01:56.0652 0x07cc slsvc - ok
13:01:56.0699 0x07cc [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
13:01:56.0762 0x07cc SLUINotify - ok
13:01:56.0777 0x07cc [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:01:56.0808 0x07cc Smb - ok
13:01:56.0855 0x07cc [ C88EAD1E773C444F6ABBA21D01A83408, 1673A65615C0FF1F21898AF018970A33F80120397CDED26554FCDC91F03378FA ] SndTDriverV32 C:\Windows\system32\drivers\SndTDriverV32.sys
13:01:56.0886 0x07cc SndTDriverV32 - ok
13:01:56.0902 0x07cc [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:01:56.0933 0x07cc SNMPTRAP - ok
13:01:56.0996 0x07cc [ A0BFE0335DBE0D1EA371964EBC6719CE, 493248D7B9BB66CAB1FBB026BAA2CAE3E3911634B097372A1FF9C653915F573B ] SoundMovieServer C:\Windows\system32\snmvtsvc.exe
13:01:57.0027 0x07cc SoundMovieServer - detected UnsignedFile.Multi.Generic ( 1 )
13:01:59.0897 0x07cc Detect skipped due to KSN trusted
13:01:59.0897 0x07cc SoundMovieServer - ok
13:01:59.0944 0x07cc [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
13:01:59.0960 0x07cc spldr - ok
13:01:59.0991 0x07cc [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
13:02:00.0069 0x07cc Spooler - ok
13:02:00.0147 0x07cc [ D390675B8CE45E5FB359338E5E649329, D10D750EC3FEA62A202EED163F534F2B7EDB2951A4908EA07BDE75D31C1250F2 ] sptd C:\Windows\system32\Drivers\sptd.sys
13:02:00.0147 0x07cc Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: D390675B8CE45E5FB359338E5E649329, sha256: D10D750EC3FEA62A202EED163F534F2B7EDB2951A4908EA07BDE75D31C1250F2
13:02:00.0147 0x07cc sptd - detected LockedFile.Multi.Generic ( 1 )
13:02:03.0002 0x07cc Detect skipped due to KSN trusted
13:02:03.0002 0x07cc sptd - ok
13:02:03.0033 0x07cc [ DC7E6FCD8C51AEF8FF3F2E23C786014A, 02852FC293359BA89155367FA7D3A69922EC2574E5B85C842517272768BE8808 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:02:03.0111 0x07cc srv - ok
13:02:03.0142 0x07cc [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:02:03.0204 0x07cc srv2 - ok
13:02:03.0345 0x07cc [ BF94A7553EF257D70CB2287BF7A3BCE1, 69CDF6E564592718D032D0E4C83F8150178E32C0A84F3A87A3A87FB6B0AB3474 ] srvcPVR C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe
13:02:03.0501 0x07cc srvcPVR - detected UnsignedFile.Multi.Generic ( 1 )
13:02:06.0293 0x07cc Detect skipped due to KSN trusted
13:02:06.0293 0x07cc srvcPVR - ok
13:02:06.0730 0x07cc [ 8AE0783E3EDCED90D4B2961887056A2B, D24168259988576B13EB2A4B2C11622A736174DDF11F6718D9A0DC9837F50EA5 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:02:06.0808 0x07cc srvnet - ok
13:02:06.0870 0x07cc [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:02:06.0902 0x07cc SSDPSRV - ok
13:02:06.0948 0x07cc [ 424566865D82AA4BD8D6546C1F2065FA, 37B4C04C7C0EE0F3347A9E9F35B095478299F7324CA87AAE487BF989B0E6AE03 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
13:02:06.0964 0x07cc ssmdrv - ok
13:02:07.0058 0x07cc [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:02:07.0120 0x07cc SstpSvc - ok
13:02:07.0167 0x07cc [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus C:\Windows\system32\DRIVERS\ss_bbus.sys
13:02:07.0182 0x07cc ss_bbus - ok
13:02:07.0245 0x07cc [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl C:\Windows\system32\DRIVERS\ss_bmdfl.sys
13:02:07.0260 0x07cc ss_bmdfl - ok
13:02:07.0292 0x07cc [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm C:\Windows\system32\DRIVERS\ss_bmdm.sys
13:02:07.0323 0x07cc ss_bmdm - ok
13:02:07.0432 0x07cc [ B1691AF4A072CB674D600DB16DD7308E, 214E35001E7BA10E8C329CE8904E900AA54F9B35C5329F2FF20E3156D6F21A8E ] StarWindServiceAE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
13:02:07.0494 0x07cc StarWindServiceAE - detected UnsignedFile.Multi.Generic ( 1 )
13:02:10.0349 0x07cc Detect skipped due to KSN trusted
13:02:10.0349 0x07cc StarWindServiceAE - ok
13:02:10.0661 0x07cc [ EF70B3D22B4BFFDA6EA851ECB063EFAA, 1666572F8F988805C3A2E949FA6B060B35B72DBB115B86F4CFC710FB6A86C3E3 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
13:02:10.0770 0x07cc StillCam - ok
13:02:10.0880 0x07cc [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
13:02:11.0020 0x07cc stisvc - ok
13:02:11.0067 0x07cc [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:02:11.0082 0x07cc swenum - ok
13:02:11.0223 0x07cc [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
13:02:11.0363 0x07cc swprv - ok
13:02:11.0379 0x07cc [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
13:02:11.0410 0x07cc Symc8xx - ok
13:02:11.0426 0x07cc [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
13:02:11.0457 0x07cc Sym_hi - ok
13:02:11.0488 0x07cc [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
13:02:11.0519 0x07cc Sym_u3 - ok
13:02:11.0582 0x07cc [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
13:02:11.0722 0x07cc SysMain - ok
13:02:11.0738 0x07cc [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:02:11.0769 0x07cc TabletInputService - ok
13:02:11.0816 0x07cc [ FC73B46C3C76C9F1F7EC82749C0C48F3, 983DA78F429C424A21F3B985DE90F46585802EE1726109600AEC8A8B2DEA02A5 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
13:02:11.0925 0x07cc tap0901 - ok
13:02:11.0987 0x07cc [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:02:12.0096 0x07cc TapiSrv - ok
13:02:12.0159 0x07cc [ 5D8C820E2D885C25FFC6BBC5D4FE073C, 1C2DB18B0727C816BED424AED629B07C2E94B121157528709A1386FF1AA8BC25 ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
13:02:12.0174 0x07cc tbhsd - ok
13:02:12.0190 0x07cc [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
13:02:12.0237 0x07cc TBS - ok
13:02:12.0611 0x07cc [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:02:12.0720 0x07cc Tcpip - ok
13:02:12.0752 0x07cc [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
13:02:12.0798 0x07cc Tcpip6 - ok
13:02:12.0845 0x07cc [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:02:12.0923 0x07cc tcpipreg - ok
13:02:12.0939 0x07cc [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:02:13.0001 0x07cc TDPIPE - ok
13:02:13.0017 0x07cc [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:02:13.0064 0x07cc TDTCP - ok
13:02:13.0126 0x07cc [ EC565DFA3D9C45D8083B72DEC5B33710, BC4F41795AF98FD87F8CC92F946E6896BAC1925A35C3E5E159E8BF4E6A34A35D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:02:13.0188 0x07cc tdx - ok
13:02:13.0220 0x07cc [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:02:13.0235 0x07cc TermDD - ok
13:02:13.0313 0x07cc [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService C:\Windows\System32\termsrv.dll
13:02:13.0438 0x07cc TermService - ok
13:02:13.0485 0x07cc [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
13:02:13.0500 0x07cc Themes - ok
13:02:13.0516 0x07cc [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
13:02:13.0547 0x07cc THREADORDER - ok
13:02:13.0594 0x07cc [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
13:02:13.0625 0x07cc TrkWks - ok
13:02:13.0688 0x07cc [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:02:13.0719 0x07cc TrustedInstaller - ok
13:02:13.0766 0x07cc [ B56368B25A51CEBDA77E6B20764F07F2, 29E09EEA0714278F9AB7BAE508994B9A0563FEE984A4B7423AE71B7FF577A406 ] TSHWMDTCP C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
13:02:13.0781 0x07cc TSHWMDTCP - ok
13:02:13.0859 0x07cc [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:02:13.0906 0x07cc tssecsrv - ok
13:02:13.0968 0x07cc [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
13:02:14.0015 0x07cc tunmp - ok
13:02:14.0124 0x07cc [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:02:14.0156 0x07cc tunnel - ok
13:02:14.0296 0x07cc [ DEC8ACEBD9CD1F3DD6F4F3A6308D8B94, 222B6E8E6D014D6640D3A70F4D2FE1DF6D12B2DDA916B20D986AA7C500CB9DF9 ] TVECapSvc C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
13:02:14.0358 0x07cc TVECapSvc - detected UnsignedFile.Multi.Generic ( 1 )
13:02:17.0556 0x07cc Detect skipped due to KSN trusted
13:02:17.0556 0x07cc TVECapSvc - ok
13:02:17.0588 0x07cc [ 7A5A6987397F78B1606BDB5C407D3574, ABE717BE2EE0431819D48CC320AD85E97D7C009A8A094F7B5FB8A7B909E47844 ] TVESched C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
13:02:17.0603 0x07cc TVESched - detected UnsignedFile.Multi.Generic ( 1 )
13:02:20.0489 0x07cc Detect skipped due to KSN trusted
13:02:20.0489 0x07cc TVESched - ok
13:02:20.0520 0x07cc [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:02:20.0536 0x07cc uagp35 - ok
13:02:20.0598 0x07cc [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:02:20.0661 0x07cc udfs - ok
13:02:20.0739 0x07cc [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:02:20.0786 0x07cc UI0Detect - ok
13:02:20.0848 0x07cc [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:02:20.0864 0x07cc uliagpkx - ok
13:02:21.0051 0x07cc [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci C:\Windows\system32\drivers\uliahci.sys
13:02:21.0176 0x07cc uliahci - ok
13:02:21.0207 0x07cc [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
13:02:21.0238 0x07cc UlSata - ok
13:02:21.0269 0x07cc [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
13:02:21.0300 0x07cc ulsata2 - ok
13:02:21.0332 0x07cc [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:02:21.0378 0x07cc umbus - ok
13:02:21.0456 0x07cc [ 88BD96A1BAEED33EE8BDF9499C07A841, 1C4DA1B34FE52B8022AB23CBF18D6B16635283625BB2D08E6524292E6009773A ] UMPass C:\Windows\system32\DRIVERS\umpass.sys
13:02:21.0488 0x07cc UMPass - ok
13:02:21.0597 0x07cc [ 4847639D852763EE39415C929470F672, 75CF9471BA3EA54E5BE66CD7612DA134B3370D7C3FBA8B2682093C03A0AD87B5 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
13:02:21.0644 0x07cc UnlockerDriver5 - detected UnsignedFile.Multi.Generic ( 1 )
13:02:24.0483 0x07cc Detect skipped due to KSN trusted
13:02:24.0483 0x07cc UnlockerDriver5 - ok
13:02:24.0576 0x07cc [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
13:02:24.0654 0x07cc upnphost - ok
13:02:24.0654 0x07cc upperdev - ok
13:02:24.0779 0x07cc [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
13:02:24.0842 0x07cc USBAAPL - ok
13:02:24.0904 0x07cc [ 32DB9517628FF0D070682AAB61E688F0, F9EF8D0D55DABF00E79B0EFE689C6662430B59093A6C7EACB2069DC70B1FDCC5 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:02:24.0935 0x07cc usbaudio - ok
13:02:24.0982 0x07cc [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:02:25.0044 0x07cc usbccgp - ok
13:02:25.0122 0x07cc [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:02:25.0232 0x07cc usbcir - ok
13:02:25.0294 0x07cc [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:02:25.0310 0x07cc usbehci - ok
13:02:25.0388 0x07cc [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:02:25.0403 0x07cc usbhub - ok
13:02:25.0528 0x07cc [ BDAA43CABB4C2BF03F25A550F13D1D5A, 7D1FD53C8566C96C9B67C1622887601A30A3105554B1E3FB056B54E1792F4F74 ] USBMULCD C:\Windows\system32\drivers\CM106.sys
13:02:25.0731 0x07cc USBMULCD - ok
13:02:25.0746 0x07cc [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:02:25.0824 0x07cc usbohci - ok
13:02:25.0887 0x07cc [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:02:25.0934 0x07cc usbprint - ok
13:02:25.0996 0x07cc [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:02:26.0058 0x07cc usbscan - ok
13:02:26.0090 0x07cc [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:02:26.0121 0x07cc USBSTOR - ok
13:02:26.0136 0x07cc [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:02:26.0168 0x07cc usbuhci - ok
13:02:26.0214 0x07cc [ 228F444F9AF0D3B9ECA9FC3F4FEB12F2, D29C9A0ED5602BCD529A0D7F538DFA8771B1CAC6F433AA686C3A4917DC596369 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
13:02:26.0261 0x07cc usb_rndisx - ok
13:02:26.0308 0x07cc [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
13:02:26.0324 0x07cc UxSms - ok
13:02:26.0370 0x07cc [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
13:02:26.0448 0x07cc vds - ok
13:02:26.0464 0x07cc [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:02:26.0511 0x07cc vga - ok
13:02:26.0526 0x07cc [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
13:02:26.0573 0x07cc VgaSave - ok
13:02:26.0604 0x07cc [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp C:\Windows\system32\drivers\viaagp.sys
13:02:26.0636 0x07cc viaagp - ok
13:02:26.0682 0x07cc [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
13:02:26.0729 0x07cc ViaC7 - ok
13:02:26.0745 0x07cc [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide C:\Windows\system32\drivers\viaide.sys
13:02:26.0776 0x07cc viaide - ok
13:02:26.0823 0x07cc [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:02:26.0838 0x07cc volmgr - ok
13:02:26.0916 0x07cc [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:02:26.0963 0x07cc volmgrx - ok
13:02:27.0057 0x07cc [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:02:27.0088 0x07cc volsnap - ok
13:02:27.0135 0x07cc [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:02:27.0182 0x07cc vsmraid - ok
13:02:27.0291 0x07cc [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
13:02:27.0509 0x07cc VSS - ok
13:02:27.0603 0x07cc [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
13:02:27.0681 0x07cc W32Time - ok
13:02:27.0712 0x07cc [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:02:27.0774 0x07cc WacomPen - ok
13:02:27.0806 0x07cc [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
13:02:27.0852 0x07cc Wanarp - ok
13:02:27.0852 0x07cc [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:02:27.0884 0x07cc Wanarpv6 - ok
13:02:27.0930 0x07cc [ 3F2B5D989666786E57BB0D8D35B84052, CA110107B2D4EEB61F329D4D7B2C38A4847EBF99C4C69AFD813F42E55A8F6C6C ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
13:02:27.0993 0x07cc WcesComm - ok
13:02:28.0055 0x07cc [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:02:28.0164 0x07cc wcncsvc - ok
13:02:28.0227 0x07cc [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:02:28.0258 0x07cc WcsPlugInService - ok
13:02:28.0383 0x07cc [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd C:\Windows\system32\drivers\wd.sys
13:02:28.0414 0x07cc Wd - ok
13:02:28.0476 0x07cc [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:02:28.0554 0x07cc Wdf01000 - ok
13:02:28.0601 0x07cc [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:02:28.0664 0x07cc WdiServiceHost - ok
13:02:28.0664 0x07cc [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:02:28.0710 0x07cc WdiSystemHost - ok
13:02:28.0929 0x07cc [ BB77BAA3E7FD8F1A5D092A96D37B5A2D, 880C37347091224DFB7C442252FE4A29FD7002DA6A8BA994B8CEAABC5E535593 ] WebClient C:\Windows\System32\webclnt.dll
13:02:29.0007 0x07cc WebClient - ok
13:02:29.0038 0x07cc [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:02:29.0132 0x07cc Wecsvc - ok
13:02:29.0163 0x07cc [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:02:29.0241 0x07cc wercplsupport - ok
13:02:29.0272 0x07cc [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
13:02:29.0288 0x07cc WerSvc - ok
13:02:29.0350 0x07cc [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
13:02:29.0381 0x07cc WinDefend - ok
13:02:29.0381 0x07cc WinHttpAutoProxySvc - ok
13:02:29.0553 0x07cc [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:02:29.0600 0x07cc Winmgmt - ok
13:02:29.0662 0x07cc [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
13:02:29.0865 0x07cc WinRM - ok
13:02:29.0912 0x07cc [ 676F4B665BDD8053EAA53AC1695B8074, 98521FCB6B6B33DD8BF38A703745053481681C7981DFE5A59116D6BDE187D6F6 ] winusb C:\Windows\system32\DRIVERS\winusb.sys
13:02:29.0958 0x07cc winusb - ok
13:02:30.0005 0x07cc [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:02:30.0161 0x07cc Wlansvc - ok
13:02:30.0302 0x07cc [ 0A70F4022EC2E14C159EFC4F69AA2477, FF248136576F9803762C54DE5439D3411B52DCBC95B93176A5DAB857967D9AC4 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:02:30.0426 0x07cc wlidsvc - ok
13:02:30.0473 0x07cc [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:02:30.0536 0x07cc WmiAcpi - ok
13:02:30.0645 0x07cc [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:02:30.0692 0x07cc wmiApSrv - ok
13:02:30.0785 0x07cc [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
13:02:30.0926 0x07cc WMPNetworkSvc - ok
13:02:31.0019 0x07cc [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:02:31.0128 0x07cc WPCSvc - ok
13:02:31.0191 0x07cc [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:02:31.0253 0x07cc WPDBusEnum - ok
13:02:31.0316 0x07cc [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
13:02:31.0378 0x07cc WpdUsb - ok
13:02:31.0721 0x07cc [ C108DC20ACE05072350DBB6934E277FB, 548E6ABE4C4ADE48260FFDC7BADFD1697972EA3AE94D6576498C8A183D8CE0C8 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:02:31.0862 0x07cc WPFFontCache_v0400 - ok
13:02:31.0924 0x07cc [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:02:31.0971 0x07cc ws2ifsl - ok
13:02:32.0096 0x07cc [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc C:\Windows\System32\wscsvc.dll
13:02:32.0158 0x07cc wscsvc - ok
13:02:32.0158 0x07cc WSearch - ok
13:02:32.0283 0x07cc [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
13:02:32.0548 0x07cc wuauserv - ok
13:02:32.0626 0x07cc [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:02:32.0704 0x07cc WudfPf - ok
13:02:32.0798 0x07cc [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:02:32.0844 0x07cc WUDFRd - ok
13:02:32.0860 0x07cc [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:02:32.0907 0x07cc wudfsvc - ok
13:02:32.0969 0x07cc [ AB2D77BF7222B007717ABB61B15F9AE2, 9495D99385C91115583F6CD0E26B39D4F04FB3472EA53ADE51DA03043468A896 ] X10Hid C:\Windows\system32\Drivers\x10hid.sys
13:02:32.0985 0x07cc X10Hid - ok
13:02:33.0047 0x07cc [ 5A0C788C5BC5F2C993CB60940ADCF95E, FEEC158466040A6528E7FC8D33706B50D2F03479E0B62DF8F06B69A1A850A9FB ] x10nets C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
13:02:33.0047 0x07cc x10nets - detected UnsignedFile.Multi.Generic ( 1 )
13:02:35.0964 0x07cc Detect skipped due to KSN trusted
13:02:35.0964 0x07cc x10nets - ok
13:02:36.0042 0x07cc [ 6BBF7A3BAB8FFDCCF82057FA2AAE2B7B, 2F667F6170F120F038122A6567C59836D5EC0FC966244DECDF974E0D25509C72 ] XUIF C:\Windows\system32\Drivers\x10ufx2.sys
13:02:36.0058 0x07cc XUIF - ok
13:02:36.0167 0x07cc [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
13:02:36.0245 0x07cc YahooAUService - ok
13:02:36.0308 0x07cc ================ Scan global ===============================
13:02:36.0339 0x07cc [ 2F2DFC846D75D680B9018823A8B5EF07, DBC823CF0C659B6D7482CB080CD042EC6BBAEDB6297DB712CADA1BCEAA8A95C8 ] C:\Windows\system32\basesrv.dll
13:02:36.0370 0x07cc [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
13:02:36.0417 0x07cc [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
13:02:36.0510 0x07cc [ 4F0A7910FC7D8A66433FA9961EEF8BB5, 2086EDEE8CF9CC9BDBDC03018F7C28BB56172F941CB4D6F3D857BCF82B32FB6B ] C:\Windows\system32\services.exe
13:02:36.0588 0x07cc [ Global ] - ok
13:02:36.0588 0x07cc ================ Scan MBR ==================================
13:02:36.0635 0x07cc [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk0\DR0
13:02:39.0927 0x07cc \Device\Harddisk0\DR0 - ok
13:02:39.0927 0x07cc ================ Scan VBR ==================================
13:02:39.0942 0x07cc [ 05CA5B56D43E26DD118003F58BFC862F ] \Device\Harddisk0\DR0\Partition1
13:02:39.0974 0x07cc \Device\Harddisk0\DR0\Partition1 - ok
13:02:40.0052 0x07cc [ 31F51494F70A39A435A249B0812FE7F0 ] \Device\Harddisk0\DR0\Partition2
13:02:40.0052 0x07cc \Device\Harddisk0\DR0\Partition2 - ok
13:02:40.0052 0x07cc ================ Scan generic autorun ======================
13:02:40.0145 0x07cc [ 70189D91A5347F5E34039D06C7E58419, 82313ED72199FD14E0694917102B25F4BBECE996025D2656237912CEE4E88740 ] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
13:02:40.0161 0x07cc YSearchProtection - ok
13:02:40.0239 0x07cc [ D96CDA05732F68C5FDB3C547C939C98A, 2DEED829B5FB379813579E79D5E316015D99E28F6C1228CC3E5AA3E7D3B6169A ] C:\Windows\WindowsMobile\wmdc.exe
13:02:40.0364 0x07cc Windows Mobile-based device management - ok
13:02:40.0457 0x07cc [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
13:02:40.0660 0x07cc Windows Defender - ok
13:02:40.0769 0x07cc [ AAD52179D4A526AD4A705B87C6E4F72A, 0015F316DD2E73D5D2434DAC7CAB47050B21BF8CAE23482302A0E1982EF8A3BD ] C:\Program Files\HomeCinema\PowerProducer\MUITransfer\MUIStartMenu.exe
13:02:40.0832 0x07cc UpdatePPShortCut - ok
13:02:40.0847 0x07cc [ 777122001931D8C1375EAFE63E1E49D4, 0C2B6812F839B12E75D03FC9D0078DD3CAF5B5754D8B7B55247D2EFDF22CD314 ] C:\Program Files\HomeCinema\TV Enhance\TVEService.exe
13:02:40.0878 0x07cc TVEService - detected UnsignedFile.Multi.Generic ( 1 )
13:02:43.0733 0x07cc Detect skipped due to KSN trusted
13:02:43.0733 0x07cc TVEService - ok
13:02:43.0796 0x07cc [ 5DC38F4967408D27AF8CDC5F4C8BC9C4, C369B5FB0614B8BD08CA3F4A947CF87DE6DA2FC8D22255A72F520D555026C685 ] C:\Program Files\Sceneo\AbsolutTV\SERVICES\ODSBC\ODSBCApp.exe
13:02:43.0842 0x07cc TVBroadcast - detected UnsignedFile.Multi.Generic ( 1 )
13:02:46.0962 0x07cc Detect skipped due to KSN trusted
13:02:46.0962 0x07cc TVBroadcast - ok
13:02:47.0072 0x07cc [ ED84CE5E33F3D60F1619805103B264E4, D81AA689C97AFDD510E93BD126C70F2146159CA3AF45DAD4D9B9A7DF8D18816E ] C:\Program Files\GoogleEULA\EULALauncher.exe
13:02:47.0150 0x07cc toolbar_eula_launcher - detected UnsignedFile.Multi.Generic ( 1 )
13:02:49.0989 0x07cc Detect skipped due to KSN trusted
13:02:49.0989 0x07cc toolbar_eula_launcher - ok
13:02:50.0067 0x07cc [ 70F5699709AB92E4D846A401AC90B827, AABDA97C8DC12A2AD6E7038FD715FFC6B1C6EF59541472DA06E70D382855DA07 ] C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe
13:02:50.0067 0x07cc RemoteControl - ok
13:02:50.0067 0x07cc NvSvc - ok
13:02:50.0082 0x07cc NvMediaCenter - ok
13:02:50.0082 0x07cc NvCplDaemon - ok
13:02:50.0410 0x07cc [ D83EB2B71ECE7D606225F8EA1F3A68A2, F8FFD0F406FA1F5F836D25DEEA02DC9EA915839FB7F4757D08F31F19B3E99922 ] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
13:02:50.0753 0x07cc NSLauncher - detected UnsignedFile.Multi.Generic ( 1 )
13:02:53.0967 0x07cc Detect skipped due to KSN trusted
13:02:53.0967 0x07cc NSLauncher - ok
13:02:54.0045 0x07cc [ FEC7A0C94B73E46AFEEEEDF53548AAEA, F36F9EC8BE4E7FA8B0DDE701E1361884141BB77925382ECA56D2AFDEDD5E61E3 ] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
13:02:54.0060 0x07cc NMSSupport - ok
13:02:54.0170 0x07cc [ 8112D0DACAE746290FC87B3A980FA719, 43CA8CED6AB58EDD97AD476C791D49C7ECD40EB8DA627E8412C0A27699A58F01 ] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
13:02:54.0248 0x07cc NeroFilterCheck - ok
13:02:54.0294 0x07cc [ DEFA4CE02AFF4C3BEFD4B764C73A7362, 719099A4BC6FD87D69EA873792CE67DFB3CC04D3DA8A387D4483FEB1D5086990 ] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
13:02:54.0310 0x07cc IAAnotif - ok
13:02:54.0544 0x07cc [ 2184D55F4A9D8C2CC60EEBAC11AD7062, 7465D01F49A3A7DC2BB90E44CA87AC251FD8BF6FF138C9C805973BC64B78C3DE ] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
13:02:54.0606 0x07cc Google Desktop Search - detected UnsignedFile.Multi.Generic ( 1 )
13:02:57.0571 0x07cc Detect skipped due to KSN trusted
13:02:57.0571 0x07cc Google Desktop Search - ok
13:02:57.0618 0x07cc [ D3E15273940EB78870146BF7592666D3, DFFAE151BF045BD24D6C624D0F8BAB13ACC873FE7F3B46CBE646C887AD6DC255 ] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
13:02:57.0634 0x07cc CCUTRAYICON - ok
13:02:57.0681 0x07cc [ 3C59CB80D1849128C14FF2B3245419BE, E9670D00AD3F090093DF6150097EC51D03099B6078957B1F98A36EB56E62B3DE ] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
13:02:57.0712 0x07cc AppleSyncNotifier - ok
13:02:57.0774 0x07cc [ 5B6A63D976E58A785605D889F8ABCD5C, 8EC34F0AEA59EADB29A572BB6B9CD36164B629E9DA8B36D83D7BA7CF88CD2A8F ] C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe
13:02:57.0774 0x07cc SAFEOEM HotKeys - detected UnsignedFile.Multi.Generic ( 1 )
13:03:00.0769 0x07cc Detect skipped due to KSN trusted
13:03:00.0769 0x07cc SAFEOEM HotKeys - ok
13:03:01.0191 0x07cc [ E2724029D3648C2EB226D16678727FA9, F779BC636AA7DF0C303D20BF9450B75EEBFDBB53D1414DF0E7B26C42A17C0581 ] C:\Program Files\Common Files\Real\Update_OB\realsched.exe
13:03:01.0206 0x07cc TkBellExe - ok
13:03:01.0331 0x07cc [ 36143067E041A98083FB204DAC49293C, A1E4A46E3A4B904FAC363C285EBF8D5D9838F12A83078DAF6D599E67434E816F ] C:\Program Files\dcmsvc\dcmsvc.exe
13:03:01.0393 0x07cc dcmsvc - detected UnsignedFile.Multi.Generic ( 1 )
13:03:04.0279 0x07cc Detect skipped due to KSN trusted
13:03:04.0279 0x07cc dcmsvc - ok
13:03:04.0279 0x07cc Cm106Sound - ok
13:03:04.0716 0x07cc [ 4D83DC461F8F4370274CF6E9AC9A34F4, E84F573534C0AC02C9D3329A09F31E594A782FE9BEFB69DFA337D5505135D694 ] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
13:03:04.0747 0x07cc HP Software Update - ok
13:03:04.0981 0x07cc [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:03:05.0184 0x07cc Sidebar - ok
13:03:05.0200 0x07cc WindowsWelcomeCenter - ok
13:03:05.0262 0x07cc [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:03:05.0356 0x07cc Sidebar - ok
13:03:05.0371 0x07cc WindowsWelcomeCenter - ok
13:03:05.0403 0x07cc [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:03:05.0496 0x07cc Sidebar - ok
13:03:05.0496 0x07cc WindowsWelcomeCenter - ok
13:03:05.0590 0x07cc [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
13:03:05.0621 0x07cc ehTray.exe - ok
13:03:05.0699 0x07cc [ 6105A469CEEA62D6BF5B08E854C306EC, 830561AF4E24285C4D684E69A96DEB34230D046A499F3DF8396D3842EB33BE26 ] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
13:03:05.0730 0x07cc BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - ok
13:03:05.0793 0x07cc [ 70189D91A5347F5E34039D06C7E58419, 82313ED72199FD14E0694917102B25F4BBECE996025D2656237912CEE4E88740 ] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
13:03:05.0808 0x07cc YSearchProtection - ok
13:03:05.0886 0x07cc [ E616A6A6E91B0A86F2F6217CDE835FFE, 411671C4B2BB4DB3F02A21C199A5479F31394165704736A549B53245B94577F7 ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
13:03:05.0902 0x07cc swg - ok
13:03:05.0917 0x07cc [ 70189D91A5347F5E34039D06C7E58419, 82313ED72199FD14E0694917102B25F4BBECE996025D2656237912CEE4E88740 ] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
13:03:05.0933 0x07cc Search Protection - ok
13:03:06.0027 0x07cc [ BB025F5C1E3F35DFC05EC66CBFEEAEBE, EFAEBFFC978BDD43486EE74D8A35E97578BAF630838FA20475C873094C3B4FF4 ] C:\Program Files\phonostar-Player\phonostarTimer.exe
13:03:06.0027 0x07cc phonostarTimer - detected UnsignedFile.Multi.Generic ( 1 )
13:03:08.0928 0x07cc Detect skipped due to KSN trusted
13:03:08.0928 0x07cc phonostarTimer - ok
13:03:09.0537 0x07cc [ E616A6A6E91B0A86F2F6217CDE835FFE, 411671C4B2BB4DB3F02A21C199A5479F31394165704736A549B53245B94577F7 ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
13:03:09.0552 0x07cc swg - ok
13:03:09.0646 0x07cc [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
13:03:09.0708 0x07cc Sidebar - ok
13:03:09.0771 0x07cc [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
13:03:09.0786 0x07cc ehTray.exe - ok
13:03:09.0833 0x07cc [ 6105A469CEEA62D6BF5B08E854C306EC, 830561AF4E24285C4D684E69A96DEB34230D046A499F3DF8396D3842EB33BE26 ] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
13:03:09.0864 0x07cc BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - ok
13:03:09.0895 0x07cc [ 70189D91A5347F5E34039D06C7E58419, 82313ED72199FD14E0694917102B25F4BBECE996025D2656237912CEE4E88740 ] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
13:03:09.0911 0x07cc YSearchProtection - ok
13:03:09.0927 0x07cc [ BB025F5C1E3F35DFC05EC66CBFEEAEBE, EFAEBFFC978BDD43486EE74D8A35E97578BAF630838FA20475C873094C3B4FF4 ] C:\Program Files\phonostar-Player\phonostarTimer.exe
13:03:09.0927 0x07cc phonostarTimer - detected UnsignedFile.Multi.Generic ( 1 )
13:03:09.0927 0x07cc Detect skipped due to KSN trusted
13:03:09.0927 0x07cc phonostarTimer - ok
13:03:10.0816 0x07cc [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe
13:03:10.0847 0x07cc Google Update - ok
13:03:10.0878 0x07cc {0D60629E-6757-4B1A-1A32-7835EEAA2F15} - ok
13:03:11.0081 0x07cc [ 896A1DB9A972AD2339C2E8569EC926D1, EDB395CA46F79BC6668427DF05DCD163F2BC874DDBB6484D0A30448F6C9D08E2 ] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
13:03:11.0284 0x07cc SpybotSD TeaTimer - ok
13:03:11.0409 0x07cc [ 1E377D64DACD4E4656C86241CE5A1233, F0AE582DBCF2525F580DA6D441B4F24BAE551CD35C0F2B19B2B0127787F2AE3A ] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
13:03:11.0502 0x07cc AutoStartNPSAgent - ok
13:03:11.0892 0x07cc [ 5C35525CEBE7B59FAFA05D5E98D7EDEF, 456BDD801C621B6DE4B2862F846145C6143B19B45BD6459DD29B045879E76562 ] C:\Program Files\CCleaner\CCleaner.exe
13:03:12.0282 0x07cc CCleaner Monitoring - ok
13:03:12.0298 0x07cc Adobe Speed Launcher - ok
13:03:12.0298 0x07cc Waiting for KSN requests completion. In queue: 3
13:03:13.0312 0x07cc Waiting for KSN requests completion. In queue: 3
13:03:14.0326 0x07cc Waiting for KSN requests completion. In queue: 3
13:03:15.0340 0x07cc Waiting for KSN requests completion. In queue: 3
13:03:16.0463 0x07cc AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
13:03:16.0557 0x07cc Win FW state via NFP2: enabled ( trusted )
13:03:19.0630 0x07cc ============================================================
13:03:19.0630 0x07cc Scan finished
13:03:19.0630 0x07cc ============================================================
13:03:19.0630 0x1218 Detected object count: 0
13:03:19.0630 0x1218 Actual detected object count: 0
|
|
30.12.2015, 18:46
| #5 |
| /// TB-Ausbilder /// Anleitungs-Guru | Heitmann Metallhandel Makros Virus Schritt 1 Bitte deinstalliere folgende Programme: Ask Toolbar Ask Toolbar Updater Versuche es bei Windows Vista  zunächst über Systemsteuerung/Programme deinstallieren. Sollte das nicht gehen, lade Dir bitte Revo Uninstaller  hier herunter. Entpacke die zip-Datei auf den Desktop. Anleitung
Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter. Auch wenn am Ende noch Programme übrig geblieben sind, führe den nächsten Schritt aus: Schritt 2 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 3  
Schritt 4   Bitte starte FRST erneut, markiere auch die checkbox  und drücke auf Untersuchen. Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
30.12.2015, 23:15
| #6 |
| | Logdateien Hallo Jürgen, ich habe alles so wie du es beschrieben hast ausgeführt und poste jetzt das Resultat. Gruß Niko Code:
ATTFilter # AdwCleaner v5.026 - Bericht erstellt am 30/12/2015 um 20:22:29
# Aktualisiert am 21/12/2015 von Xplode
# Datenbank : 2015-12-30.1 [Server]
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Benutzername : Nikos - NIKOS-PC
# Gestartet von : C:\Users\Nikos\Desktop\AdwCleaner_5.026.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
[-] Dienst Gelöscht : APNMCP
[-] Dienst Gelöscht : YahooAUService
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\Premium
[-] Ordner Gelöscht : C:\Program Files\Ask.com
[-] Ordner Gelöscht : C:\Program Files\AskPartnerNetwork
[-] Ordner Gelöscht : C:\Program Files\Conduit
[-] Ordner Gelöscht : C:\Program Files\Free Video Converter
[-] Ordner Gelöscht : C:\Program Files\FileConverter_1.3
[-] Ordner Gelöscht : C:\Program Files\Free FLV Converter
[-] Ordner Gelöscht : C:\Program Files\Yahoo!\Companion
[-] Ordner Gelöscht : C:\Program Files\a2zLyrics-1
[-] Ordner Gelöscht : C:\Program Files\Mozilla Firefox\Extensions\quickstores@quickstores.de
[-] Ordner Gelöscht : C:\Program Files\Common Files\Tobit
[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
[-] Ordner Gelöscht : C:\ProgramData\Yahoo! Companion
[-] Ordner Gelöscht : C:\ProgramData\AE53F947A4C978AC0000AE534AF97DD0
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free FLV Converter
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Local\eSupport.com
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Local\Temp\apn
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Local\Temp\OCS
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\LocalLow\AskToolbar
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\LocalLow\Conduit
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\LocalLow\FileConverter_1.3
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\Desktopicon
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\OpenCandy
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\QuickStoresToolbar
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\Tobit
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\download Manager
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\Yahoo!\Companion
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Conduit
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\ConduitCommon
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[-] Ordner Gelöscht : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
[-] Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\Nikos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk
[-] Datei Gelöscht : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\searchplugins\webssearches.xml
[-] Datei Gelöscht : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\user.js
[-] Datei Gelöscht : C:\Users\Nikos\Downloads\Documents\eBay.lnk
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
[-] Geplante Aufgabe Gelöscht : Scheduled Update for Ask Toolbar
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3241949
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
[-] Schlüssel Gelöscht : HKCU\Software\APN
[-] Schlüssel Gelöscht : HKCU\Software\Ask.com
[-] Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Softonic
[-] Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\YFriendsBar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Conduit
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\APN
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\AskToolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\QuickStores-Toolbar_is1
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Companion
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Free FLV Converter_is1
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\AppDataLow\Software\Conduit
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\QuickStores-Toolbar_is1
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Companion
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Free FLV Converter_is1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{15003506-EE97-481D-85CA-0AE23947A486}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F57C662B-F287-47DE-900D-3502FF7E098A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
***** [ Internetbrowser ] *****
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177..clientLogIsEnabled", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.AllowNonPrivacy", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.AppTrackingLastCheckTime", "Tue Mar 29 2011 09:16:26 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.BrowserCompStateIsOpen_129995099749948850", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.BrowserCompStateIsOpen_1366729289000", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.BrowserCompStateIsOpen_1367225781000", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.BrowserCompStateIsOpen_758950620983444994", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.CT1576177.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT1576177&octid=CT1576177&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_I[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.CTID", "CT1576177");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.CTPBaseServerUrl", "hxxp://services.conduit.com/");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.CommunityChanged", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ConfigurationLastCheckTime", "Tue Sep 10 2013 22:30:35 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.CurrentServerDate", "10-9-2013");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.DialogsAlignMode", "LTR");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.DialogsGetterLastCheckTime", "Wed Sep 04 2013 20:20:31 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.DownloadReferralCookieData", "");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedLastCount128508549850888256", 648);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate12836143", "Thu Jan 05 2012 01:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate12836169", "Thu Jan 05 2012 01:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate12836350", "Thu Jan 05 2012 01:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128508548073075583", "Thu Jan 05 2012 00:05:53 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128509399572900867", "Thu Jan 05 2012 00:05:52 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128520346481669642", "Thu Jan 05 2012 00:05:52 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128520346607919643", "Thu Jan 05 2012 00:05:52 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128520346740887833", "Thu Jan 05 2012 00:05:52 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128520346908231605", "Thu Jan 05 2012 00:05:52 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128520347046512856", "Thu Jan 05 2012 00:05:53 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128520347157919107", "Thu Jan 05 2012 00:05:52 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128559567960307092", "Thu Jan 05 2012 00:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649541022275416", "Thu Jan 05 2012 00:05:53 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649541978837520", "Thu Jan 05 2012 00:05:53 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649542595712988", "Thu Jan 05 2012 00:05:53 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649543096806600", "Thu Jan 05 2012 00:05:53 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649544518056351", "Thu Jan 05 2012 00:05:53 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649545412118848", "Thu Jan 05 2012 00:05:53 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649545904306583", "Thu Jan 05 2012 00:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649546330556825", "Thu Jan 05 2012 00:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649550407275424", "Thu Jan 05 2012 00:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649552058993934", "Thu Jan 05 2012 00:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649558703994539", "Thu Jan 05 2012 00:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedTTL128508548073075583", 5);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedTTL128509399572900867", 10);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedTTL128649541022275416", 5);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedTTL128649542595712988", 5);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedTTL128649543096806600", 5);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedTTL128649546330556825", 30);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FirstServerDate", "26-5-2010");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FirstTime", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FirstTimeFF3", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FirstTimeSettingsDone", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.GroupingServerCheckInterval", 1440);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.HasUserGlobalKeys", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.HomePageProtectorEnabled", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.HomepageBeforeUnload", "hxxp://www.yahoo.com/");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.Initialize", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.InitializeCommonPrefs", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.InstallationAndCookieDataSentCount", 3);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.InstalledDate", "Wed May 26 2010 12:37:15 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.InvalidateCache", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.IsAlertDBUpdated", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.IsGrouping", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.IsMulticommunity", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LanguagePackLastCheckTime", "Tue Sep 10 2013 20:54:40 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LanguagePackReloadInterval", "24");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LanguagePackReloadIntervalMM", 1440);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin", "Wed Sep 10 2008 22:22:02 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_2.5.6.0", "Sat Aug 21 2010 22:59:54 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_2.7.2.0", "Wed Mar 23 2011 10:57:20 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.12.2.3", "Mon May 21 2012 11:34:35 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.13.0.6", "Thu Aug 02 2012 00:22:46 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.14.1.0", "Wed Aug 29 2012 16:24:48 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.15.1.0", "Wed Nov 07 2012 09:38:48 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.16.0.3", "Sun Feb 10 2013 19:07:18 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.18.0.7", "Wed Jul 31 2013 20:20:39 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.19.0.3", "Sun Sep 08 2013 20:35:35 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.20.0.4", "Tue Sep 10 2013 21:27:08 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.3.2.1", "Wed Mar 23 2011 19:37:00 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.3.3.2", "Tue Mar 29 2011 19:07:24 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.8.1.0", "Thu Jan 05 2012 00:05:51 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LatestVersion", "3.20.0.4");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.Locale", "en-us");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LoginCache", 4);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.MCDetectTooltipHeight", "83");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.MCDetectTooltipWidth", "295");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.MyStuffEnabledAtInstallation", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioIsPodcast", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioLastCheckTime", "Thu Jan 05 2012 00:05:52 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioLastUpdateIPServer", "3");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioLastUpdateServer", "129012499909130000");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioMediaID", "12836178");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioMediaType", "Media Player");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioMenuSelectedID", "EBRadioMenu_CT1576177_RECENT12836178");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioShrinked", "expanded");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioStationName", "LATINO%20FM%2099.5%20FM%20EN%20");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioStationURL", "hxxp://92.48.107.35:8000");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioVolume", "100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SHRINK_TOOLBAR", 1);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchAPILastCheckTime", "Tue Sep 10 2013 22:30:35 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchEngine", "Searchhxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT1576177&octid=EB_ORIGINAL_CTID&SearchSource=1");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchEngineBeforeUnload", "Google");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchFromAddressBarIsInit", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchInNewTabEnabled", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchInNewTabIntervalMM", 1440);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchInNewTabLastCheckTime", "Sun Sep 08 2013 19:56:01 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT1576177&octid=CT1576177&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchProtectorEnabled", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchProtectorToolbarDisabled", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.Server", "hxxp://users.conduit.com");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ServiceMapLastCheckTime", "Tue Sep 10 2013 20:54:40 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SettingsCheckIntervalMin", 120);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SettingsLastCheckTime", "Tue Sep 10 2013 23:07:26 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SettingsLastUpdate", "1378814414");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ThirdPartyComponentsInterval", 504);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ThirdPartyComponentsLastCheck", "Thu Jan 05 2012 00:05:50 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ThirdPartyComponentsLastUpdate", "1312887586");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ToolbarAlignMode", "SYSTEM");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ToolbarName", "livetvbar");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1576177");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.UserID", "UN20080910222201619");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ValidationData_Search", 2);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ValidationData_Toolbar", 2);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.VusualLastUpdateTime", "1220482279");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.alertChannelId", "17096");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.backendstorage.ytapp_dailyactivity", "31333031343038323636303133");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.backendstorage.ytapp_lifetimesent", "54525545");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.clientLogIsEnabled", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.countryCode", "DE");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.globalFirstTimeInfoLastCheckTime", "Thu Jan 05 2012 00:05:59 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.homepageProtectorEnableByLogin", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.initDone", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.isAppTrackingManagerOn", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.myStuffEnabled", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.myStuffPublihserMinWidth", 400);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.myStuffServiceIntervalMM", 1440);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.oldAppsList", "128499901691512797,128526810339013103,111,129132563179527150,1000082,129012429519069342,129000154842475804,129001851961462505,128823022784200226,129217881225944372,[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.revertSettingsEnabled", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.searchProtectorDialogDelayInSec", 10);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.searchProtectorEnableByLogin", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.testingCtid", "");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.toolbarAppMetaDataLastCheckTime", "Tue Sep 10 2013 20:54:40 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.toolbarContextMenuLastCheckTime", "Thu Jan 05 2012 00:05:58 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.usagesFlag", 2);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT1576177/CT1576177", "\"568ffad0ef2ac873207bda2c8cdd2bef3\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/17096/16748/DE", "\"0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1576177", "\"1367226862\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "wVmmvqqOMqrv5xct1cJIHg==");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "0uSPYx+Kl2jpu8sJZMeHjw==");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "Dclc8oo4TTv7+mAkSlUSWg==");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "K4Vqu91uAzWURlxJRdXJOg==");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"07879643d3acc1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2.1", "\"0652eeacc6cb1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0652eeacc6cb1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"80b45d28468cd1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"2a1a0d7b586ce1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.19.0.3", "\"2a1a0d7b586ce1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.2.1", "\"0652eeacc6cb1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.1.0", "\"80ee9485875dcc1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1576177", "\"9971ee9815a5fc569766cf6ddcaaca8e\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634356118310000000");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT1576177/CT1576177", "\"1321973063\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Midnight/equalizer_dead.gif", "\"03e383867bc91:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Midnight/minimize.gif", "\"0e685fa27bc91:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Midnight/play.gif", "\"02faea337c7c91:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Midnight/stop.gif", "\"03a54d7f47ac91:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Midnight/vol.gif", "\"049b47644c7c91:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"e6cb2dbb148781178bcd9e41415ce096\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"9220c1862b1d15f7fafbc60936de2b8d\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.EngineHiddenByUser", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.EngineOwner", "");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "{ad55c869-668e-457c-b270-0cfb2f61116f}");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "livetvbar");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.IsEngineShown", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Nikos\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\faoen3cu.default\\conduitCommon\\modules\\3.8.1.0");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.1.0");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "CT1576177");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{ad55c869-668e-457c-b270-0cfb2f61116f}");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "livetvbar");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT1576177");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu Apr 14 2011 21:20:56 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Jun 20 2011 16:47:57 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Jun 20 2011 16:47:49 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.userId", "1185c161-d0ad-452a-8980-1b6c2af67694");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Jan 05 2012 00:05:58 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.globalUserId", "e400709b-eb0c-47f7-be51-596f5ebcd5fe");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.killedEngine", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Jan 05 2012 00:05:58 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Jan 05 2012 01:06:07 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.locale", "en");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Jan 05 2012 00:05:51 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.userId", "6543a03e-0f4f-4309-8fb4-79ec3b454c2b");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.undefined", "");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Ask.com");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.AVIRA-V7.apn.tldcache", "{\"date\":1449341833294,\"domainList\":[\"ac\",\"com.ac\",\"edu.ac\",\"gov.ac\",\"net.ac\",\"mil.ac\",\"org.ac\",\"ad\",\"nom.ad\",\"ae\",\"co.ae\",\"net[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.AVIRA-V7.first_launch_url", "\"hxxp://search.avira.com/launch/6.html?locale={locale}\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.AVIRA-V7.homepage", "\"hxxp://avira.search.ask.com/\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.AVIRA-V7.newTabSearchURL", "\"hxxp://www.search.ask.com/web?o=&p2=&tpid=AVIRA-V7&gct=tab&apn_uid=&apn_ptnrs=&apn_dtid=&apn_dbr=&itbv=&doi=&trgb=&tbv=&crxv=&pf=&pt=&psv=&q=%7Bquer[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.AVIRA-V7.searchURL", "\"hxxp://www.search.ask.com/web?o=&p2=&tpid=AVIRA-V7&gct=bar&apn_uid=&apn_ptnrs=&apn_dtid=&apn_dbr=&itbv=&doi=&trgb=&tbv=&crxv=&pf=&pt=&psv=&q=%7Bquery%7D\"[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.enabledItems", "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3,anycolor.pavlos256@gmail.com:0.3.3,{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4,fastdial@telega.phpnet.us:3.4,{3112ca[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.engine@conduit.com.install-event-fired", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.foxlingo.addit.defaultAddons", "{ \"software\": {\"35\": {\"id\": \"35\",\"title\": \"ConnectBar\",\"type\": \"XPI\",\"url\": \"hxxp://connectbar.net/connectbar.xpi?userid=7\",\"[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quickstores@quickstores.de.install-event-fired", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("quickstores.toolbar.affid", "2003");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("quickstores.toolbar.guid", "{AA081BF9-98AB-2F50-A418-5C1D7745B636}");
[-] [C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : de.ask.com
[-] [C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : delta-search.com
[-] [C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : webssearches
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [71596 Bytes] ##########
|
|
30.12.2015, 23:27
| #7 |
| | Logs Anti Malware und FRSTCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 30.12.2015 Suchlaufzeit: 20:42:02 Protokolldatei: MAW.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.12.30.04 Rootkit-Datenbank: v2015.12.26.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows Vista Service Pack 2 CPU: x86 Dateisystem: NTFS Benutzer: Nikos Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 401904 Abgelaufene Zeit: 1 Std., 0 Min., 36 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Tiefer Rootkit-Suchlauf: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:30-12-2015 durchgeführt von Nikos (Administrator) auf NIKOS-PC (30-12-2015 22:17:26) Gestartet von C:\Users\Nikos\Desktop Geladene Profile: IUSR_NMPR & Nikos & (Verfügbare Profile: IUSR_NMPR & Nikos) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe (Teruten) C:\Windows\System32\FsUsbExService.Exe (Empolis GmbH) C:\Program Files\Common Files\Gnab\Service\ServiceController.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Empolis GmbH) C:\Program Files\Medion\MEDIONbox\Program\GCS.exe (Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe () C:\Program Files\CDBurnerXP\NMSAccessU.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe (Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe () C:\Program Files\CyberLink\Shared Files\RichVideo.exe (CyberLink Corp.) C:\Program Files\HomeCinema\TV Enhance\TVEService.exe (ODSoft multimedia) C:\Program Files\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe (Cyberlink Corp.) C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe () C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe (RealNetworks, Inc.) C:\Program Files\Common Files\Real\Update_OB\realsched.exe () C:\Program Files\dcmsvc\dcmsvc.exe (Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe () C:\Program Files\phonostar-Player\phonostarTimer.exe (Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (X10) C:\Program Files\Common Files\X10\Common\X10nets.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe (Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe (Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdc.exe [563080 2007-01-24] (Microsoft Corporation) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [UpdatePPShortCut] => C:\Program Files\HomeCinema\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.) HKLM\...\Run: [TVEService] => C:\Program Files\HomeCinema\TV Enhance\TVEService.exe [155648 2007-10-19] (CyberLink Corp.) HKLM\...\Run: [TVBroadcast] => C:\Program Files\Sceneo\AbsolutTV\SERVICES\ODSBC\ODSBCApp.exe [797696 2007-08-08] (ODSoft multimedia) HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\GoogleEULA\EULALauncher.exe [16896 2007-02-09] ( ) HKLM\...\Run: [RemoteControl] => C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe [71216 2007-02-09] (Cyberlink Corp.) HKLM\...\Run: [NvSvc] => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup HKLM\...\Run: [NSLauncher] => C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe [3100672 2007-09-07] () HKLM\...\Run: [NMSSupport] => C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [439512 2007-06-27] (Intel Corporation) HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG) HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-09] (Intel Corporation) HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [220160 2008-04-03] (Google) HKLM\...\Run: [CCUTRAYICON] => C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe [215256 2007-06-27] (Intel(R) Corporation) HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [111936 2008-09-03] (Apple Inc.) HKLM\...\Run: [SAFEOEM HotKeys] => C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe [26112 2008-12-11] () HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [202256 2010-10-14] (RealNetworks, Inc.) HKLM\...\Run: [dcmsvc] => C:\Program Files\dcmsvc\dcmsvc.exe [30440 2009-04-07] () HKLM\...\Run: [Cm106Sound] => RunDll32 cm106.cpl,CMICtrlWnd HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard) HKLM\...\Run: [] => [X] HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) HKLM\...\Run: [NPSStartup] => [X] HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-05] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-15] (Nero AG) HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-06-24] (Google Inc.) HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [phonostarTimer] => C:\Program Files\phonostar-Player\phonostarTimer.exe [39936 2010-04-01] () HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {15ca7099-9380-11e0-9207-c68156decc91} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {7bf933e2-20a0-11e0-89c9-ecb57d8f8c57} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {7dce98f1-939b-11e0-b139-8f82e272fcf4} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {cdf9533a-938c-11e0-9797-e65ff4982107} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {cdf95348-938c-11e0-9797-d0b990c9d355} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {cdf95360-938c-11e0-9797-89ee9383e3d5} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-15] (Nero AG) HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-06-24] (Google Inc.) HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [phonostarTimer] => C:\Program Files\phonostar-Player\phonostarTimer.exe [39936 2010-04-01] () HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {15ca7099-9380-11e0-9207-c68156decc91} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7bf933e2-20a0-11e0-89c9-ecb57d8f8c57} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7dce98f1-939b-11e0-b139-8f82e272fcf4} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cdf9533a-938c-11e0-9797-e65ff4982107} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cdf95348-938c-11e0-9797-d0b990c9d355} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cdf95360-938c-11e0-9797-89ee9383e3d5} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-06-24] (Google Inc.) HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-15] (Nero AG) HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [phonostarTimer] => C:\Program Files\phonostar-Player\phonostarTimer.exe [39936 2010-04-01] () HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [Google Update] => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.) HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited) HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [AutoStartNPSAgent] => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.) HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-11-16] (Piriform Ltd) HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\RunOnce: [Adobe Speed Launcher] => 1418941746 HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {15ca7099-9380-11e0-9207-c68156decc91} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {7bf933e2-20a0-11e0-89c9-ecb57d8f8c57} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {7dce98f1-939b-11e0-b139-8f82e272fcf4} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {9879ed16-2ff9-11e3-91a7-94094ca61297} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {cdf9533a-938c-11e0-9797-e65ff4982107} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {cdf95348-938c-11e0-9797-d0b990c9d355} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {cdf95360-938c-11e0-9797-89ee9383e3d5} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {e457e27e-f28a-11e0-beb6-95a08ebf4934} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {e457e288-f28a-11e0-beb6-eee2e2166bed} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {e457e29a-f28a-11e0-beb6-8936c160e657} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {e457e2a4-f28a-11e0-beb6-a3c51c88021e} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssBranded.scr [8139264 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-06-24] (Google Inc.) HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-15] (Nero AG) HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [phonostarTimer] => C:\Program Files\phonostar-Player\phonostarTimer.exe [39936 2010-04-01] () HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.) HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [{0D60629E-6757-4B1A-1A32-7835EEAA2F15}] => C:\Users\Nikos\AppData\Roaming\Yhtop\ogirafh.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited) HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AutoStartNPSAgent] => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.) HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-11-16] (Piriform Ltd) HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Adobe Speed Launcher] => 1418941746 HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {15ca7099-9380-11e0-9207-c68156decc91} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7bf933e2-20a0-11e0-89c9-ecb57d8f8c57} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7dce98f1-939b-11e0-b139-8f82e272fcf4} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9879ed16-2ff9-11e3-91a7-94094ca61297} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cdf9533a-938c-11e0-9797-e65ff4982107} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cdf95348-938c-11e0-9797-d0b990c9d355} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cdf95360-938c-11e0-9797-89ee9383e3d5} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e457e27e-f28a-11e0-beb6-95a08ebf4934} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e457e288-f28a-11e0-beb6-eee2e2166bed} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e457e29a-f28a-11e0-beb6-8936c160e657} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e457e2a4-f28a-11e0-beb6-a3c51c88021e} - J:\AutoRun.exe HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssBranded.scr [8139264 2008-01-21] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2008-06-22] ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) Startup: C:\Users\Nikos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Warner Bros.lnk [2010-10-23] ShortcutTarget: Warner Bros.lnk -> C:\Program Files\Warner Bros. Digital Copy Manager\Warner Bros. Digital Copy Manager.exe (Keine Datei) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5B99534D-2400-4DC0-9113-8BECB8EC9273}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5C3F7A78-9AC4-4A54-B0DF-4F12F7C29A6C}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{CAD71E9E-1831-483C-B9E3-9F2820B5E4F8}: [DhcpNameServer] 172.20.10.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130863806944982000&GUID=00000000-0000-0000-0000-000000000000 HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130863806944982000&GUID=00000000-0000-0000-0000-000000000000 HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/ HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=fp-yie9 HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/ HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=fp-yie9 URLSearchHook: HKLM - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll (Conduit Ltd.) URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 - (Kein Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Keine Datei URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll (Conduit Ltd.) URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (Kein Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Keine Datei URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll (Conduit Ltd.) URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll (Conduit Ltd.) URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll (Conduit Ltd.) URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (Kein Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} - Keine Datei SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\.DEFAULT -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> {98D25937-10C2-49A3-B17B-893D6733D12D} URL = hxxp://www.flickr.com/search/?q={searchTerms} SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms} SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {98D25937-10C2-49A3-B17B-893D6733D12D} URL = hxxp://www.flickr.com/search/?q={searchTerms} SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms} SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> {98D25937-10C2-49A3-B17B-893D6733D12D} URL = hxxp://www.flickr.com/search/?q={searchTerms} SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-tyc8 SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {98D25937-10C2-49A3-B17B-893D6733D12D} URL = hxxp://www.flickr.com/search/?q={searchTerms} SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-tyc8 BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-10-14] (RealPlayer) BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation) BHO: Speckie -> {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} -> C:\Users\Nikos\AppData\Roaming\Speckie\bin32\Speckie32.dll [2013-06-02] (Versoworks Pty Ltd) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.) BHO: livetvbar Toolbar -> {ad55c869-668e-457c-b270-0cfb2f61116f} -> C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.) BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation) Toolbar: HKLM - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.) Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.) Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> livetvbar Toolbar - {AD55C869-668E-457C-B270-0CFB2F61116F} - C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.) Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.) Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> livetvbar Toolbar - {AD55C869-668E-457C-B270-0CFB2F61116F} - C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.) Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.) Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> livetvbar Toolbar - {AD55C869-668E-457C-B270-0CFB2F61116F} - C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.) Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.) Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> livetvbar Toolbar - {AD55C869-668E-457C-B270-0CFB2F61116F} - C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.) Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} - Keine Datei DPF: {162247AF-26A7-44FC-A93A-69506EA244F3} hxxps://account.maxdome.de/presentation/script/HWTest.CAB DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {924C1588-90C3-4910-B6CA-D57A1C0418FE} hxxp://de.bookmarks.yahoo.com/YbConvFav.CAB DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {F3D4C08D-3616-43F0-9E29-44C749B0664B} hxxp://whkd.dvrdns.org/JpegInst.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default FF DefaultSearchUrl: hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p= FF SelectedSearchEngine: Google FF Homepage: hxxps://de.yahoo.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2008-03-19] (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] () FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [Keine Datei] FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-10] (Google) FF Plugin: @real.com/nppl3260;version=6.0.12.732 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2010-10-14] (RealNetworks, Inc.) FF Plugin: @real.com/npracplug;version=1.0.0.0 -> C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll [2005-04-27] (RealNetworks) FF Plugin: @real.com/nprjplug;version=1.0.3.732 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2010-10-14] (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2010-10-14] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.732 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2010-10-14] (RealNetworks, Inc.) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin: @veetle.com/vbp;version=0.9.17 -> C:\Program Files\Veetle\VLCBroadcast\npvbp.dll [2010-03-23] (Veetle Inc) FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2010-10-16] (Veetle Inc) FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2010-09-21] (Veetle Inc) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-07-30] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Nikos\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll [2010-03-06] ( ) FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004: @tools.google.com/Google Update;version=3 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.) FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004: @tools.google.com/Google Update;version=9 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.) FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Nikos\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll [2010-03-06] ( ) FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.) FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll [2008-03-19] (Adobe Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npgcplug.dll [2008-09-27] (RealNetworks) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2010-10-14] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-06-25] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-06-25] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-06-25] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-06-25] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-06-25] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npracplug.dll [2005-04-27] (RealNetworks) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2010-10-14] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2010-10-14] (RealNetworks, Inc.) FF SearchPlugin: C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\searchplugins\userlogos.xml [2009-01-06] FF Extension: Low Quality Flash - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\extensions\low_quality_flash@pie2k.com [2015-05-30] FF Extension: Greek Translator - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\extensions\{A17292E8-DE0B-11DA-BCE2-92ABFC5AF602}.xpi [2015-05-30] FF Extension: Avira Browser Safety - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\abs@avira(233).com [2015-12-15] FF Extension: AnyColor - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\anycolor.pavlos256@gmail.com [2010-08-22] [ist nicht signiert] FF Extension: German Dictionary - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-08] [ist nicht signiert] FF Extension: Greek Spelling dictionary - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\el-GR@dictionaries.addons.mozilla.org [2015-12-19] [ist nicht signiert] FF Extension: Fast Dial - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\fastdial@telega.phpnet.us [2015-11-21] FF Extension: ProxTube - Unblock YouTube - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\ich@maltegoetz.de.xpi [2015-07-27] FF Extension: YouTube™ Flash® Player - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2015-11-28] FF Extension: YesScript - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\yesscript@userstyles.org.xpi [2015-05-30] FF Extension: Microsoft .NET Framework Assistant - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-27] [ist nicht signiert] FF Extension: Flash Game Maximizer - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{258735dc-6743-4805-95fc-f95941fffdad}.xpi [2015-05-30] FF Extension: Google Toolbar for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-04-23] [ist nicht signiert] FF Extension: Google Toolbar for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(169) [2008-06-23] [ist nicht signiert] FF Extension: Google Toolbar for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(95) [2011-04-18] [ist nicht signiert] FF Extension: Flashblock - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-11-29] FF Extension: eBay Sidebar for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2015-05-30] FF Extension: NoScript - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-23] FF Extension: iMacros for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}(132) [2013-09-13] [ist nicht signiert] FF Extension: DownloadHelper - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(123) [2013-09-15] [ist nicht signiert] FF Extension: DownloadHelper - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(133) [2013-09-14] [ist nicht signiert] FF Extension: DownloadHelper - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(881) [2009-04-10] [ist nicht signiert] FF Extension: Video DownloadHelper - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30] FF Extension: Adblock Plus - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16] FF Extension: GooglePreview - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}(68) [2009-05-07] [ist nicht signiert] FF Extension: Kein Name - C:\Program Files\Mozilla Firefox\extensions\{ad55c869-668e-457c-b270-0cfb2f61116f} [2015-12-27] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-15] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-10-14] [ist nicht signiert] FF HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter => nicht gefunden FF HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter => nicht gefunden FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2013-10-25] Chrome: ======= CHR Profile: C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (a2zLyrics-1) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\afeodekfkejjgjigfnhhifffljmhnpfn [2013-09-14] CHR Extension: (YouTube) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18] CHR Extension: (Google-Suche) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-10-05] CHR Extension: (Google Mail) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2010-10-14] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [223448 2007-06-27] (Intel(R) Corporation) S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [930944 2015-12-05] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [466408 2015-12-05] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-05] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1222952 2015-12-05] (Avira Operations GmbH & Co. KG) S2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG) S2 ClipInc001; C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe [1412608 2008-04-30] () [Datei ist nicht signiert] S3 DHTRACE; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [39640 2007-06-27] (Intel(R) Corporation) R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2007-02-12] () [Datei ist nicht signiert] S3 FirebirdServerMAGIXInstance; C:\Program Files\ALDI Foto Service Nord\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [Datei ist nicht signiert] R2 GnabService; c:\program files\common files\gnab\service\servicecontroller.exe [36864 2007-04-13] (Empolis GmbH) [Datei ist nicht signiert] S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe [69120 2008-04-03] (Google) [Datei ist nicht signiert] R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-02-28] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-02-28] (Hewlett-Packard Co.) [Datei ist nicht signiert] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert] S2 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [59096 2007-06-27] (Intel(R) Corporation) S2 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [268504 2007-06-27] () S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [157912 2007-06-27] (Intel(R) Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [Datei ist nicht signiert] R2 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2008-10-20] () R2 NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [317656 2007-06-27] (Intel(R) Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [Datei ist nicht signiert] R2 QualityManager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [272600 2007-06-27] (Intel(R) Corporation) R2 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [446680 2007-06-27] (Intel(R) Corporation) R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] () R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.) S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [Datei ist nicht signiert] S3 SoundMovieServer; C:\Windows\system32\snmvtsvc.exe [184320 2008-04-17] (SoundMovieServer) [Datei ist nicht signiert] R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1681408 2007-08-16] (Buhl Data Service GmbH) [Datei ist nicht signiert] R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [Datei ist nicht signiert] R2 TVECapSvc; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [290909 2007-10-19] () [Datei ist nicht signiert] R2 TVESched; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [114779 2007-10-19] () [Datei ist nicht signiert] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [Datei ist nicht signiert] S2 BGLiveSvc; "C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe" [X] S2 BgMainSvc; C:\Program Files\BullGuard Software\BullGuard\BsMain.dll [X] S2 BsFileScan; C:\Program Files\BullGuard Software\BullGuard\BsFileScan.dll [X] S2 BsMailProxy; C:\Program Files\BullGuard Software\BullGuard\BsMailProxy.dll [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [1302368 2008-01-08] (NXP Semiconductors Germany GmbH) S3 ASPI; C:\Windows\System32\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [Datei ist nicht signiert] R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278984 2008-09-10] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106968 2015-12-05] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136272 2015-12-05] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-05] (Avira Operations GmbH & Co. KG) R2 BdFileSpy; C:\Windows\system32\drivers\BdFileSpy.sys [50896 2008-04-03] (BullGuard Ltd.) S3 CH341SER; C:\Windows\System32\Drivers\CH341SER.SYS [39696 2011-11-05] (www.winchiphead.com) [Datei ist nicht signiert] R3 DrmCDriverV32; C:\Windows\System32\drivers\DrmCDriverV32.sys [23096 2008-04-17] (Windows (R) Codename Longhorn DDK provider) R3 DrmCVideo32; C:\Windows\System32\DRIVERS\DrmCVideo32.sys [3768 2008-04-17] (Windows (R) 2000 DDK provider) R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Datei ist nicht signiert] R3 IntelDH; C:\Windows\System32\Drivers\IntelDH.sys [5632 2008-02-20] (Intel Corporation) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2008-09-10] () S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [170200 2015-12-30] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation) R3 MovRVDrv32; C:\Windows\System32\DRIVERS\MovRVDrv32.sys [3768 2008-04-17] (Windows (R) 2000 DDK provider) R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [554496 2007-09-21] (Ralink Technology Corp.) R2 nmsunidr; C:\Windows\System32\DRIVERS\nmsunidr.sys [5376 2007-02-18] (Gteko Ltd.) S3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1131136 2007-04-03] (Philips Semiconductors GmbH) R1 SLEE_16_DRIVER; C:\Windows\system32\drivers\Sleen16.sys [79104 2008-10-01] (Softwareentwicklung Remus - ArchiCrypt ) R3 SndTDriverV32; C:\Windows\System32\drivers\SndTDriverV32.sys [23096 2008-04-17] (Windows (R) Codename Longhorn DDK provider) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2008-04-27] () [Datei ist nicht signiert] R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-09] (Avira Operations GmbH & Co. KG) S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI) S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation) S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation) S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25088 2007-04-25] (The OpenVPN Project) S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [26784 2007-12-11] (RapidSolution Software AG) S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [14552 2007-06-27] () S3 USBMULCD; C:\Windows\System32\drivers\CM106.sys [1499648 2008-09-10] (C-Media Electronics Inc) R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.) R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.) U3 ay94mq87; C:\Windows\system32\Drivers\ay94mq87.sys [0 ] (Microsoft Corporation) <==== ACHTUNG (Null Byte Datei/Ordner) S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 PCASp50; System32\Drivers\PCASp50.sys [X] U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2008-05-02] () [Datei ist nicht signiert] S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X] U5 usbser; C:\Windows\System32\Drivers\usbser.sys [28160 2008-01-21] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-30 22:17 - 2015-12-30 22:18 - 00056557 _____ C:\Users\Nikos\Desktop\FRST.txt 2015-12-30 22:15 - 2015-12-30 22:15 - 00000000 ____D C:\Users\Nikos\Desktop\FRST-OlderVersion 2015-12-30 21:57 - 2015-12-30 21:57 - 00001257 _____ C:\Users\Nikos\Desktop\MAW.txt 2015-12-30 20:40 - 2015-12-30 20:42 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-12-30 20:38 - 2015-12-30 20:38 - 00000863 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-12-30 20:38 - 2015-12-30 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-12-30 20:38 - 2015-12-30 20:38 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-12-30 20:38 - 2015-12-30 20:38 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 2015-12-30 20:38 - 2015-10-05 09:50 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-12-30 20:38 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-12-30 20:38 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2015-12-30 20:33 - 2015-12-30 20:33 - 22908888 _____ (Malwarebytes ) C:\Users\Nikos\Desktop\mbam-setup-2.2.0.1024.exe 2015-12-30 20:30 - 2015-12-30 20:30 - 00071676 _____ C:\Users\Nikos\Desktop\AdwCleaner[C1].txt 2015-12-30 20:17 - 2015-12-30 20:17 - 01743360 _____ C:\Users\Nikos\Desktop\AdwCleaner_5.026.exe 2015-12-30 19:29 - 2015-12-30 19:29 - 00000000 ____D C:\Users\Nikos\Desktop\RevoUninstallerPortable 2015-12-30 19:26 - 2015-12-30 19:26 - 02785665 _____ (PortableApps.com) C:\Users\Nikos\Desktop\RevoUninstallerPortable_1.95_Rev_2.paf.exe 2015-12-30 12:58 - 2015-12-30 13:45 - 00234960 _____ C:\TDSSKiller.3.1.0.9_30.12.2015_12.58.38_log.txt 2015-12-27 14:25 - 2015-12-28 13:37 - 00000000 ____D C:\Program Files\Mozilla Firefox 2015-12-23 15:31 - 2015-12-23 15:31 - 00000000 ____D C:\Program Files\CCleaner 2015-12-21 22:26 - 2015-12-30 22:06 - 00000000 ____D C:\Users\Nikos\Desktop\Tools gegen Makros virus 2015-12-21 22:23 - 2015-12-21 22:23 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Nikos\Desktop\tdsskiller.exe 2015-12-21 12:57 - 2015-12-21 12:58 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2 2015-12-21 12:47 - 2015-12-21 12:48 - 164803434 _____ C:\Users\Nikos\Downloads\Apache_OpenOffice_4.1.2_Win_x86_install_de.exe 2015-12-21 12:03 - 2015-12-30 22:17 - 00000000 ____D C:\FRST 2015-12-21 12:01 - 2015-12-30 22:15 - 01721856 _____ (Farbar) C:\Users\Nikos\Desktop\FRST.exe 2015-12-16 20:33 - 2015-12-16 20:33 - 01304503 _____ C:\Users\Nikos\Downloads\Neues aus Uhlenhorst - Elternbrief 2015-12-14.pdf 2015-12-15 18:37 - 2015-12-15 18:37 - 00165905 _____ C:\Users\Nikos\Downloads\Rechnung-201529324-28275.pdf 2015-12-10 11:56 - 2015-11-06 18:05 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2015-12-10 11:56 - 2015-11-06 17:32 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2015-12-10 11:56 - 2015-11-06 17:32 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2015-12-10 11:56 - 2015-11-06 17:32 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2015-12-10 11:56 - 2015-11-06 17:32 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2015-12-10 11:56 - 2015-11-06 16:27 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-12-10 11:56 - 2015-11-06 16:26 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2015-12-10 11:56 - 2015-11-06 16:24 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-12-10 11:56 - 2015-11-06 16:20 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-12-10 11:56 - 2015-11-06 16:20 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2015-12-10 11:56 - 2015-11-06 16:19 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-12-10 11:54 - 2015-11-02 18:04 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\els.dll 2015-12-10 11:52 - 2015-11-10 18:03 - 01208832 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2015-12-10 11:52 - 2015-11-10 18:03 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2015-12-10 11:52 - 2015-11-05 08:34 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2015-12-10 11:52 - 2015-11-05 08:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2015-12-09 13:30 - 2015-12-10 12:59 - 00322560 _____ C:\Users\Nikos\Downloads\Documents\Gewinn 2015.xls 2015-12-09 11:52 - 2015-11-12 21:39 - 01814528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-12-09 11:52 - 2015-11-12 21:37 - 12389376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-12-09 11:52 - 2015-11-12 21:36 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-12-09 11:52 - 2015-11-12 21:34 - 09753088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-12-09 11:52 - 2015-11-12 21:34 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-12-09 11:52 - 2015-11-12 21:33 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-12-09 11:52 - 2015-11-12 21:32 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-12-09 11:52 - 2015-11-12 21:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-12-09 11:52 - 2015-11-12 21:32 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-12-09 11:52 - 2015-11-12 21:32 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-12-09 11:52 - 2015-11-12 21:32 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-12-09 11:52 - 2015-11-12 21:32 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-12-09 11:52 - 2015-11-12 21:32 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-12-09 11:52 - 2015-11-12 21:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-12-09 11:52 - 2015-11-12 21:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-12-09 11:52 - 2015-11-12 21:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-12-09 11:52 - 2015-11-12 21:31 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-12-09 11:52 - 2015-11-12 21:31 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-12-09 11:52 - 2015-11-12 21:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-12-09 11:52 - 2015-11-12 21:31 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-12-09 11:52 - 2015-11-12 21:31 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-12-09 11:52 - 2015-11-12 21:31 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-12-05 22:36 - 2015-12-05 22:36 - 01190616 _____ (Adobe Systems Incorporated) C:\Users\Nikos\Downloads\flashplayer19_a_install.exe 2015-12-01 13:09 - 2015-12-01 13:09 - 00000000 ____D C:\premium(0) ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-30 22:14 - 2011-10-04 23:38 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004UA.job 2015-12-30 21:57 - 2009-06-12 08:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Suche Schutzvorkehrung 2015-12-30 21:52 - 2009-12-19 18:23 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-30 21:47 - 2011-09-25 22:52 - 00000000 ____D C:\Program Files\DVDFab 8122QtBeta 2015-12-30 21:47 - 2011-09-25 22:08 - 00000000 ____D C:\Program Files\DVDFab 8.1.1.8 2015-12-30 21:47 - 2011-09-25 20:55 - 00000000 ____D C:\Program Files\DVDFab 8 Qt 2015-12-30 21:47 - 2008-04-06 22:09 - 00000000 ____D C:\Program Files\Unlocker 2015-12-30 21:47 - 2006-11-02 12:18 - 00000000 ____D C:\Windows 2015-12-30 21:44 - 2012-04-08 19:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-12-30 20:30 - 2013-09-15 12:22 - 00000000 ____D C:\AdwCleaner 2015-12-30 20:29 - 2014-03-17 23:08 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2015-12-30 20:28 - 2008-04-03 18:39 - 00000000 ____D C:\Users\Nikos\AppData\Local\ApplicationHistory 2015-12-30 20:27 - 2009-12-19 18:23 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-30 20:26 - 2009-07-22 16:25 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2015-12-30 20:26 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-30 20:26 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-30 20:26 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-30 20:24 - 2008-09-08 17:14 - 00000012 _____ C:\Windows\bthservsdp.dat 2015-12-30 20:24 - 2006-11-02 14:01 - 00032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-12-30 20:22 - 2008-06-23 18:19 - 00000000 ____D C:\Users\Nikos\AppData\Roaming\Yahoo! 2015-12-30 13:19 - 2009-03-24 10:11 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job 2015-12-29 20:16 - 2008-10-03 12:31 - 01643318 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-29 20:16 - 2008-01-21 08:15 - 00702178 _____ C:\Windows\system32\perfh007.dat 2015-12-29 20:16 - 2008-01-21 08:15 - 00158346 _____ C:\Windows\system32\perfc007.dat 2015-12-29 20:16 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf 2015-12-29 15:44 - 2012-04-08 19:07 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-12-29 15:44 - 2011-05-15 15:26 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-12-28 22:34 - 2012-10-20 19:34 - 00000000 ____D C:\Users\Nikos\Desktop\SINTAGES 2015-12-28 13:37 - 2012-04-24 22:06 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2015-12-27 01:14 - 2011-10-04 23:38 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004Core.job 2015-12-25 23:56 - 2008-04-03 18:39 - 00000000 ____D C:\Users\Nikos\AppData\Local\Google 2015-12-25 00:00 - 2008-04-16 21:04 - 00000000 ____D C:\Users\Nikos\AppData\Local\PokerStars.EU 2015-12-23 16:32 - 2008-04-16 21:04 - 00000000 ____D C:\Program Files\PokerStars 2015-12-23 15:31 - 2010-12-26 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-12-23 14:55 - 2008-04-04 22:21 - 00146944 _____ C:\Users\Nikos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-12-22 12:02 - 2008-04-03 18:39 - 00122056 _____ C:\Users\Nikos\AppData\Local\GDIPFONTCACHEV1.DAT 2015-12-22 12:00 - 2006-11-02 13:47 - 00435320 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-21 12:58 - 2013-09-02 17:39 - 00000000 ____D C:\Program Files\OpenOffice 4 2015-12-17 22:18 - 2014-08-20 21:20 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-17 22:18 - 2013-08-08 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-12-17 21:49 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\Msdtc 2015-12-17 21:47 - 2008-04-03 18:38 - 00000000 ____D C:\Users\Nikos 2015-12-17 21:47 - 2008-02-20 13:07 - 00000000 ___HD C:\Users\IUSR_NMPR 2015-12-17 21:47 - 2006-11-02 11:22 - 73924608 _____ C:\Windows\system32\config\software_previous 2015-12-17 21:47 - 2006-11-02 11:22 - 47972352 _____ C:\Windows\system32\config\components_previous 2015-12-17 21:47 - 2006-11-02 11:22 - 43778048 _____ C:\Windows\system32\config\system_previous 2015-12-17 21:47 - 2006-11-02 11:22 - 00524288 _____ C:\Windows\system32\config\default_previous 2015-12-17 21:47 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\security_previous 2015-12-17 21:47 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\sam_previous 2015-12-17 21:46 - 2014-04-29 09:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Premium Reihe · Business Line 2015-12-17 21:46 - 2012-08-03 19:23 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2015-12-17 21:46 - 2011-10-04 23:40 - 00000000 ____D C:\Users\Nikos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-12-17 21:46 - 2008-04-03 18:39 - 00000000 ____D C:\Users\Nikos\AppData\Local\TVEnhance 2015-12-17 21:46 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\spool 2015-12-17 21:46 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\registration 2015-12-17 21:22 - 2015-01-14 09:28 - 00000000 ____D C:\Users\Nikos\Desktop\willy.tel rechnung 2015-12-15 18:36 - 2008-04-04 00:23 - 00000000 ____D C:\Users\Nikos\AppData\Local\Adobe 2015-12-11 13:12 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache 2015-12-11 12:31 - 2008-06-24 14:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-11 01:55 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\system32\XPSViewer 2015-12-10 11:58 - 2010-06-04 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-10 11:52 - 2013-08-16 08:51 - 00000000 ____D C:\Windows\system32\MRT 2015-12-10 11:35 - 2006-11-02 11:24 - 137798368 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2015-12-09 19:45 - 2014-12-30 23:58 - 00296960 _____ C:\Users\Nikos\Downloads\Documents\Gewinn 2014.xls 2015-12-05 19:58 - 2015-01-10 00:57 - 00136272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-12-05 19:58 - 2015-01-10 00:57 - 00106968 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-12-02 13:25 - 2009-10-03 00:54 - 00247976 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2010-05-25 19:40 - 2010-05-25 19:40 - 145988770 _____ () C:\Program Files\openofficeorg1.cab 2010-05-25 19:43 - 2010-05-25 19:43 - 3099136 _____ () C:\Program Files\openofficeorg32.msi 2010-05-25 19:41 - 2010-05-25 19:41 - 0460088 _____ () C:\Program Files\setup.exe 2010-05-25 18:46 - 2010-05-25 18:46 - 0000290 _____ () C:\Program Files\setup.ini 2012-12-03 18:29 - 2012-12-03 18:29 - 0000288 _____ () C:\Users\Nikos\AppData\Roaming\.backup.dm 2010-05-14 02:38 - 2010-05-14 02:45 - 0001028 _____ () C:\Users\Nikos\AppData\Roaming\AVIEncoder.wff 2008-12-11 21:53 - 2009-01-03 20:59 - 0000000 _____ () C:\Users\Nikos\AppData\Roaming\AVSDVDPlayer.m3u 2008-04-06 19:57 - 2014-03-24 00:25 - 0000196 _____ () C:\Users\Nikos\AppData\Roaming\Default.PLS 2009-01-02 13:24 - 2009-01-04 17:45 - 0081920 _____ () C:\Users\Nikos\AppData\Roaming\ezpinst.exe 2008-06-05 17:51 - 2011-09-25 20:41 - 0087608 _____ () C:\Users\Nikos\AppData\Roaming\inst.exe 2008-06-05 17:51 - 2011-09-25 20:41 - 0007887 _____ () C:\Users\Nikos\AppData\Roaming\pcouffin.cat 2008-06-05 17:51 - 2011-09-25 20:41 - 0001144 _____ () C:\Users\Nikos\AppData\Roaming\pcouffin.inf 2008-06-05 17:51 - 2011-09-25 20:41 - 0000055 _____ () C:\Users\Nikos\AppData\Roaming\pcouffin.log 2008-06-05 17:51 - 2011-09-25 20:41 - 0047360 _____ (VSO Software) C:\Users\Nikos\AppData\Roaming\pcouffin.sys 2008-04-03 20:12 - 2013-09-14 11:07 - 0000460 _____ () C:\Users\Nikos\AppData\Roaming\wklnhst.dat 2011-01-19 13:57 - 2015-11-02 19:45 - 0001188 _____ () C:\Users\Nikos\AppData\Local\crc32list11.txt 2008-04-03 23:34 - 2015-07-19 18:01 - 0008268 _____ () C:\Users\Nikos\AppData\Local\d3d9caps.dat 2008-04-04 22:21 - 2015-12-23 14:55 - 0146944 _____ () C:\Users\Nikos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2008-04-03 18:39 - 2008-04-03 18:39 - 0000093 _____ () C:\Users\Nikos\AppData\Local\fusioncache.dat 2008-05-19 11:27 - 2008-05-19 11:27 - 0000022 _____ () C:\ProgramData\60a7806a-0eea-424c-a464-20f4730cd631 2008-04-08 17:59 - 2008-04-08 17:59 - 0000305 _____ () C:\ProgramData\addr_file.html 2008-04-03 19:18 - 2010-01-22 19:35 - 0021183 _____ () C:\ProgramData\hpzinstall.log 2010-05-14 15:19 - 2010-05-21 01:07 - 0034901 _____ () C:\ProgramData\nvModes.001 2010-05-14 15:19 - 2010-05-21 01:07 - 0034901 _____ () C:\ProgramData\nvModes.dat 2008-04-25 20:34 - 2008-04-25 20:34 - 0004977 _____ () C:\ProgramData\ywasvxup.hvs Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Public\dcmsvcsetup.exe C:\Users\Public\invokesi.exe Einige Dateien in TEMP: ==================== C:\Users\Nikos\AppData\Local\Temp\AskSLib.dll C:\Users\Nikos\AppData\Local\Temp\avgnt.exe C:\Users\Nikos\AppData\Local\Temp\GdiPlus.dll C:\Users\Nikos\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll C:\Users\Nikos\AppData\Local\Temp\sfareca00001.dll C:\Users\Nikos\AppData\Local\Temp\sfextra.dll C:\Users\Nikos\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-12-30 20:34 ==================== Ende vom FRST.txt ============================ |
|
30.12.2015, 23:29
| #8 |
| | FRST AdditionCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:30-12-2015
durchgeführt von Nikos (2015-12-30 22:20:03)
Gestartet von C:\Users\Nikos\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2008-04-03 17:29:46)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1865184633-4289980622-1215388488-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1865184633-4289980622-1215388488-1002 - Limited - Enabled)
Gast (S-1-5-21-1865184633-4289980622-1215388488-501 - Limited - Disabled)
IUSR_NMPR (S-1-5-21-1865184633-4289980622-1215388488-1003 - Limited - Enabled) => C:\Users\IUSR_NMPR
Nikos (S-1-5-21-1865184633-4289980622-1215388488-1004 - Administrator - Enabled) => C:\Users\Nikos
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
12th Century BlackJack 2.1.3 (HKLM\...\12th Century BlackJack) (Version: 2.1.3 - hxxp://www.bksoft.de)
32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
3D-Fahrschule Demo (HKLM\...\3D-Fahrschule Demo) (Version: - )
3GP Video Converter 3 (HKLM\...\3GP Video Converter 3) (Version: 3.1.8.0720b - Xilisoft)
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - )
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
ALDI Foto Manager Free Nord (HKLM\...\ALDI Foto Manager Free Nord D) (Version: 3.4.0.466 - MAGIX AG)
ALDI Foto Service Nord (HKLM\...\ALDI Foto Service Nord D) (Version: 1.12.0.93 - MAGIX AG)
ALDI Online Druck Service (Nord) (HKLM\...\ALDI Online Druck Service (Nord)) (Version: - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArmA 2 Uninstall (HKLM\...\ArmA 2) (Version: - )
Asterix bei den Olympischen Spielen (HKLM\...\Asterix at the Olympic Games) (Version: - Atari)
AudioCon (HKLM\...\AudioCon) (Version: 1.0 - Basement Softworks)
AVIConverter 2.1 (HKLM\...\AVIConverter) (Version: 2.1 - )
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
BattlEye Uninstall (HKLM\...\BattlEye for A2) (Version: - )
Bing Bar (HKLM\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation)
Blaze Media Pro (HKLM\...\Blaze Media Pro) (Version: - Mystik Media)
Blaze Media Pro (Version: 8.0 - Mystik Media) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden
calibre (HKLM\...\{0830C2E8-01B9-4CD1-B218-12B0107D5BED}) (Version: 0.9.10 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D1300 (Version: 82.0.233.000 - Hewlett-Packard) Hidden
D1300_Help (Version: 82.0.233.000 - Hewlett-Packard) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Die Siedler 2 - Die nächste Generation - Demoversion (HKLM\...\S2TNGDemo) (Version: - )
Diercke Globus (HKLM\...\Diercke Globus) (Version: 1.1 - Imagon GmbH)
dolp_demo (HKLM\...\{6CA671A5-954C-4B75-8104-7B085246A8B5}) (Version: 1.0.0.0 - Maze)
DVD Decrypter (Remove Only) (HKLM\...\DVD Decrypter) (Version: - )
DVD2one V2.2.1 (HKLM\...\DVD2one V2) (Version: 2.2.1 - Eximius B.V.)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 16.1.16835 - Landesfinanzdirektion Thüringen)
EmptyInstaller2 (HKLM\...\{6473B3D0-B05C-4D2F-A7EC-BECB512FCB14}) (Version: 1.0.0.0 - Maze)
Facebook Plug-In (HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Facebook Plug-In) (Version: - Facebook, Inc.)
Facebook Plug-In (HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Facebook Plug-In) (Version: - Facebook, Inc.)
Facebook Plug-In (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Facebook Plug-In) (Version: - Facebook, Inc.)
Facebook Plug-In (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Facebook Plug-In) (Version: - Facebook, Inc.)
FileConverter 1.3 Toolbar (HKLM\...\FileConverter_1.3 Toolbar) (Version: 6.9.0.16 - FileConverter 1.3)
Find Junk Files (HKLM\...\Find Junk Files) (Version: - )
Firebird SQL Server - MAGIX Edition (HKLM\...\Firebird SQL Server D) (Version: 2.0.1.8 - MAGIX AG)
Fußball WM-Chronik (HKLM\...\InstallShield_{50C5FC87-CDF3-445E-86CE-FE4F7703F075}) (Version: 1.00.0000 - USM)
Fußball WM-Chronik (Version: 1.00.0000 - USM) Hidden
GBalph NDSMovie Converter V1.00 (HKLM\...\{5B4F13B0-62C4-4F70-B9A6-3788196EC972}) (Version: 1.00.0000 - GBalpha)
Google Chrome (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Chrome (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: - - Google)
Google Earth (HKLM\...\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}) (Version: 4.3.7284.3916 - Google)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GSGÂ*eXtract (HKLM\...\GSGÂ*eXtract) (Version: - )
HP Deskjet & Photosmart Printer Driver Software 8.0.A (HKLM\...\{981DE354-9301-440f-AAFC-025AA2354A93}) (Version: 8.0 - HP)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{9FAAE06C-DEDD-4299-B88D-1F9AD5E1547F}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (HKLM\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.4.4.0 - LIGHTNING UK!)
ImTOO MPEG Encoder (HKLM\...\ImTOO MPEG Encoder) (Version: 3.1.54.0404b - ImTOO)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
Intel(R) PRO Network Connections 12.2.41.0 (HKLM\...\PROSetDX) (Version: 12.2.41.0 - Intel)
Intel® Viiv™ Software (HKLM\...\Intel(R) Configuration Center) (Version: 1.7.512.0 - Intel Corporation)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
JAP (HKLM\...\JAP) (Version: 00.010.003 - JAP-Team)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LetsTrade Komponenten (HKLM\...\LetsTrade) (Version: - )
LibreOffice 4.4.3.2 (HKLM\...\{A651A592-2F6C-4D66-AEA8-9BFE4B61BCB3}) (Version: 4.4.3.2 - The Document Foundation)
livetvbar Toolbar (HKLM\...\livetvbar Toolbar) (Version: - )
LookDisk (HKLM\...\LookDisk) (Version: - )
M3 SAKURA V1.42 European (GAME PATCH V4.5Beta) (HKLM\...\{ADE237A0-0B2B-4009-AE91-3FF0989C28CD}) (Version: 1.4.2 - GBalpha)
M3 SAKURA V1.47 Global (GAME PATCH V4.8b) (HKLM\...\{F3FB33E7-6058-4C95-8FCE-9C0E01EAF946}) (Version: 1.4.7 - GBalpha)
Magical Kingdom (HKLM\...\{E50CE67B-9E1F-4638-AD3A-D33C7889D23E}) (Version: 1.0.0.3 - Maze)
MakeDisc (HKLM\...\{B145EC69-66F5-11D8-9D75-000129760D75}) (Version: 3.0.2516 - CyberLink Corp.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Max Payne 2 (HKLM\...\{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}) (Version: 1.01.102 - )
MCE Software Encoder 1.1 (HKLM\...\{7655E113-C306-11D9-A373-0050BAE317E1}) (Version: 1.1.0.1918 - CyberLink Corporation)
Media Converter SA Edition 0.8 (HKLM\...\Media Converter SA Edition) (Version: 0.8 - Pascal Beyeler)
MediaShow (HKLM\...\{D5A9B7C0-8751-11D8-9D75-000129760D75}) (Version: 3.0.4325 - CyberLink Corporation)
MEDION Fotos auf CD Nord (HKLM\...\MEDION Fotos auf CD Nord D) (Version: 6.0.2.0 - MAGIX AG)
MEDIONbox (HKLM\...\{27FDF949-69CE-435A-8372-339F72336AC5}) (Version: 1.09.0000.00050 - Medion)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB953297) (HKLM\...\M953297) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version: - )
Microsoft Office 2000 Premium (HKLM\...\{00000407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office Excel Viewer 2003 (HKLM\...\{90840407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mobipocket Reader 6.2 (HKLM\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Moorhuhn 3 DL (HKLM\...\{FF895069-BD9A-11D5-986D-00500443CF9F}) (Version: - )
Moorhuhn Kart 2 XS (HKLM\...\{DDABECD7-C579-4477-8B5F-B817AF54B2DC}) (Version: - )
MOV Converter 3 (HKLM\...\MOV Converter 3) (Version: 3.1.8.0720b - Xilisoft)
Movavi Video Converter 6 (HKLM\...\{F2DF7839-7B71-4E34-BB8D-552E182082C9}) (Version: 6.03.000 - MOVAVI)
Mozilla Firefox 43.0.2 (x86 de) (HKLM\...\Mozilla Firefox 43.0.2 (x86 de)) (Version: 43.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.2.5833 - Mozilla)
MP3 Player Utilities 3.68 (HKLM\...\{5DFDB75C-DA8C-45DB-987C-67000BB6C3B9}) (Version: 1.0.0 - myMPxPlayer.org)
MP3 Player Utilities 4.00 (HKLM\...\{7784A172-61F1-445E-8368-601607E0DD22}) (Version: 4.00 - )
MP3 Player Utilities 4.15 (HKLM\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.15 - )
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\{5BB977A4-E843-4E31-9859-745F442B1031}) (Version: 8.10.284 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}) (Version: 6.83.9.0 - Nokia)
Nokia Lifeblog 2.5 (HKLM\...\{E94603CA-2996-4154-8EE2-A5FCD4BFB500}) (Version: 2.5.224 - Nokia)
Nokia NSeries Application Installer (HKLM\...\{FD349381-D79C-4E5C-8980-015DFFB962D5}) (Version: 6.82.15 - Nokia)
Nokia NSeries Content Copier (HKLM\...\{F779EC8D-6703-4C4A-817C-37B07898E647}) (Version: 6.82.15 - Nokia)
Nokia NSeries One Touch Access (HKLM\...\{F4EE8763-EAA8-4BC1-8594-8501F5F00414}) (Version: 6.82.15 - Nokia)
Nokia NSeries System Utilities (HKLM\...\{96E94E18-54D6-42C1-8FC4-24DACEDC3395}) (Version: 6.82.16 - Nokia)
Nokia Software Launcher (HKLM\...\{A8C856AD-63CD-4613-AA29-E6C85607EA06}) (Version: 1.6.80 - Nokia)
Nokia Software Updater (HKLM\...\{3186AEAE-E104-424D-9152-1BF6A4404758}) (Version: 01.03.085.28569 - Nokia Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
O&O MediaRecovery (HKLM\...\{53480870-02D8-48FB-BC27-72C956885168}) (Version: 4.1.1322 - O&O Software GmbH)
OpenOffice 4.1.1 Language Pack (German) (HKLM\...\{68AF7AB8-E018-40D9-B703-0129274FDBAE}) (Version: 4.11.9775 - Apache Software Foundation)
OpenOffice 4.1.2 (HKLM\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Opera 9.52 (HKLM\...\{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7}) (Version: 9.52 - Opera Software ASA)
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.5 - Frank Heindörfer, Philip Chinery)
Phoenix Backup Professional (HKLM\...\{BF34527D-7B27-43AD-9994-7B3ABCEF3625}) (Version: 3.5.000 - SYDATEC)
PhotoNow! (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.0.4310 - CyberLink Corp.)
PixiePack Codec Pack (HKLM\...\{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}) (Version: 0.10.6.0 - None)
PlayStation(R)Network Downloader (HKLM\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.02.00076 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 3.1.8.07881 - Sony Computer Entertainment Inc.)
PokerStars (HKLM\...\PokerStars) (Version: - PokerStars)
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2209a - CyberLink Corp.)
PowerDirector (Version: 6.5.2209a - CyberLink Corp.) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3118.0 - CyberLink Corporation)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 4.2.2504 - CyberLink Corp.)
Prism Video Converter (HKLM\...\Prism) (Version: - NCH Software)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealArcade (HKLM\...\RealArcade 1.2) (Version: - )
RealPlayer (HKLM\...\RealPlayer 12.0) (Version: - RealNetworks)
RealUpgrade 1.0 (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.60 (HKLM\...\Revo Uninstaller) (Version: 1.60 - VS Revo Group)
RonyaSoft CD DVD Label Maker 2.01 (HKLM\...\RonyaSoft CD DVD Label Maker) (Version: 2.01 - RonyaSoft)
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio USB Driver Installer (HKLM\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Sceneo AbsolutTV (HKLM\...\{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}) (Version: - )
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
SF_CDA_ProductContext (Version: 82.0.233.000 - Hewlett-Packard) Hidden
SF_CDA_Software (Version: 82.0.233.000 - Hewlett-Packard) Hidden
Silverjuke 2.51 (HKLM\...\Silverjuke) (Version: 2.51 - Bjoern Petersen Software Design and Development)
SLD CODEC PACK 1.5.3 (HKLM\...\SLD CODEC PACK 1.5.3) (Version: - )
SopCast 3.0.3 (HKLM\...\SopCast) (Version: 3.0.3 - SopCast.com)
Speckie (HKLM\...\{C1A4F1E2-46E6-4EEE-B183-B10908BEF30F}) (Version: 5.9.1 - Versoworks)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steganos Safe OEM (HKLM\...\{9A4F72EE-8378-49BD-8C10-301E25907B5B}) (Version: 10.0.2 - Steganos GmbH)
Stream Torrent 1.0 (HKLM\...\StreamTorrent 1.0) (Version: - )
Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten (HKLM\...\{B23B43B5-DDDC-41DA-9700-F334744E694E}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
SUPER RTL - Clubs 2.1 (HKLM\...\SUPER RTL - Clubs) (Version: 2.1 - SynthiCon AG)
Switch Sound File Converter (HKLM\...\Switch) (Version: - NCH Swift Sound)
System Requirements Lab for Intel (HKLM\...\{F7FC9307-374E-4017-8E9D-DE1154780480}) (Version: 4.1.66.0 - Husdawg, LLC)
Systemsteuerung "MobileMe" (HKLM\...\{6DA9102E-199F-43A0-A36B-6EF48081A658}) (Version: 2.1.0.24 - Apple Inc.)
Tobit.Software ClipInc (HKLM\...\Tobit ClipInc Server) (Version: - Tobit.Software)
Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Treiber-Studio Heft-Ausgabe 1.5.0.0 (HKLM\...\Treiber-Studio Heft-Ausgabe) (Version: 1.5.0.0 - )
TV Enhance (HKLM\...\{E4C891D6-6844-41B8-86E8-633CACCC644F}) (Version: 1.0.4916 - CyberLink Corp.)
TVAnts 1.0 (HKLM\...\TVAnts 1.0) (Version: - )
TVsweeper 3 (HKLM\...\{588D9F5F-8C62-4421-BAE9-CCAA57D4E4EE}) (Version: 3.0.3 - Sonavis)
Ulead PhotoImpact 12 (HKLM\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden
Unlocker 1.8.7 (HKLM\...\Unlocker) (Version: 1.8.7 - Cedrick Collomb)
USB Multi-Channel Audio Device (HKLM\...\C-Media CM106 Like Sound Driver) (Version: - )
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
Veetle TV 0.9.18 (HKLM\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
Videora iPod Converter 3.00 (HKLM\...\Videora iPod Converter) (Version: 3.00 - Red Kawa Inc.)
Vista Codec Package (HKLM\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 4.6.5 - Shark007)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.541 - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}) (Version: 6.0.6783.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{CB8CA439-DA83-419C-A4CF-5A0A50025144}) (Version: 6.0.6783.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
WISO Mein Geld 2008 Professional (HKLM\...\{D8D22773-14BF-4178-A683-3DBA515C2A26}) (Version: 9.00.01.0023 - Buhl Data Service GmbH)
WISO Sparbuch 2009 (HKLM\...\{00C58EBE-223E-4AB6-8AE9-38F27F4420BD}) (Version: 16.00.6228 - Buhl Data Service GmbH)
WISO Sparbuch 2010 (HKLM\...\{46B70DEB-97B3-4E38-B746-EC16905E6A8F}) (Version: 17.00.6531 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2011 (HKLM\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.00.6928 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2012 (HKLM\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKLM\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM\...\{E27015CD-CE60-4D7A-A194-1EDB6F0294B8}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM\...\{4A07FBD0-6B15-4066-81BE-9C6F56BF3374}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Wonderland (HKLM\...\Wonderland) (Version: - )
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version: - )
XBMC (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\XBMC) (Version: - Team XBMC)
XBMC (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\XBMC) (Version: - Team XBMC)
Xilisoft DVD Creator (HKLM\...\Xilisoft DVD Creator) (Version: 3.0.39.1212 - Xilisoft)
Xilisoft Video Converter (HKLM\...\Xilisoft Video Converter) (Version: 3.1.34.0629b - Xilisoft)
XMedia Recode 2.0.5.3 (HKLM\...\XMedia Recode) (Version: 2.0.5.3 - Sebastian Dörfler)
XP Codec Pack (HKLM\...\XP Codec Pack) (Version: - )
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version: - )
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )
Yahoo! Suche Schutzvorkehrung (HKLM\...\Yahoo! Search Defender) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.135\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.99\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.69\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{3050F4F5-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.79\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{32C3FEAE-0877-4767-8C20-62A5829A0945}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Roaming\Facebook\axfbootloader.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.23.9\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{5C4094D7-4213-4C40-9E33-16A2D2D69EF2}\InprocServer32 -> C:\Program Files\Sony\PlayStation Store\StoreDrmUtility.dll (Sony Computer Entertainment Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Chrome\Application\39.0.2171.95\delegate_execute.exe" => Keine (Der Dateneintrag hat 5 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.145\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.123\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.153\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{7057E952-BD1B-11D1-8919-00C04FC2C836}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.24.15\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.22.3\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.165\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{A5DC33CE-214B-4C26-8596-8A45456C9EB8}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{BEE9C324-3E00-11D4-823D-00D0B74C5265}\localserver32 -> C:\Program Files\Real\RealArcade\RNArcade.exe (RealNetworks)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.115\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.11\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{D7B70EE0-4340-11CF-B063-0020AFC2CD35}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{DA5F0C98-4A7B-4C92-915E-4BE1BC95DE99}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.11\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.22.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.111\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.24.7\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.135\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.99\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.27.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.69\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{3050F4F5-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.79\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{32C3FEAE-0877-4767-8C20-62A5829A0945}\InprocServer32 -> C:\Users\Nikos\AppData\Roaming\Facebook\axfbootloader.dll ( )
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.23.9\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{5C4094D7-4213-4C40-9E33-16A2D2D69EF2}\InprocServer32 -> C:\Program Files\Sony\PlayStation Store\StoreDrmUtility.dll (Sony Computer Entertainment Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Chrome\Application\47.0.2526.106\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.28.1\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.145\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.123\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.153\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{7057E952-BD1B-11D1-8919-00C04FC2C836}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.28.13\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.24.15\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.22.3\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.165\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{A5DC33CE-214B-4C26-8596-8A45456C9EB8}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{BEE9C324-3E00-11D4-823D-00D0B74C5265}\localserver32 -> C:\Program Files\Real\RealArcade\RNArcade.exe (RealNetworks)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.26.9\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.115\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Users\Nikos\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.28.15\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{D7B70EE0-4340-11CF-B063-0020AFC2CD35}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{DA5F0C98-4A7B-4C92-915E-4BE1BC95DE99}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.22.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.111\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.24.7\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 -> kein Dateipfad
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00BE7185-5F1A-43C0-841C-E8AD68D8BBC4} - System32\Tasks\{10B97F12-AA7F-4903-A405-D74A04A02705} => pcalua.exe -a E:\SetupAssistant.exe -d E:\
Task: {0B3E7A5F-B901-4D04-9259-C015B138F1CC} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {0F4F6AF1-C77D-4E08-85D9-FEBB65E5E4ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {11B0894E-EBCE-4AAB-8F8B-4013E73385A2} - System32\Tasks\{94080AF5-9C42-4005-81E6-24B1E650BC1E} => pcalua.exe -a C:\Users\Nikos\Downloads\unlocker1.8.7.exe -d C:\Users\Nikos\Downloads
Task: {12B11D5D-2993-47F4-9270-46E04933A8CF} - System32\Tasks\{F3E24BE1-F331-4D0D-BD46-503BDEE7717D} => pcalua.exe -a "C:\Users\Nikos\Desktop\ALLES FÃœR NDS\Lunar IPS.exe" -d "C:\Users\Nikos\Desktop\ALLES FÃœR NDS"
Task: {168BA2CF-94D6-474B-B659-3283CB39D762} - System32\Tasks\{240A4E2B-8314-403B-BF24-ADFDFE93354C} => pcalua.exe -a "C:\Users\Nikos\Desktop\Neuer Ordner (2)\Mobile_Partner_11.030.01.07.03.exe" -d "C:\Users\Nikos\Desktop\Neuer Ordner (2)"
Task: {16E4CC5F-7DF7-4BFC-92C0-9EC968B3B6BF} - System32\Tasks\{00BF5DC6-FDDC-48BF-9017-04EEC67AE43F} => pcalua.exe -a C:\Users\Nikos\Desktop\sw5_6520_eu.exe -d C:\Users\Nikos\Desktop
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {231E0501-6AC1-420F-8A83-EF999F81EAA7} - System32\Tasks\{DF09BE72-43DD-4305-9F7E-A1774FCDB454} => pcalua.exe -a C:\Users\Nikos\Desktop\XMediaRecode2053_setup.exe -d C:\Users\Nikos
Task: {2708CB5F-8F92-4B5C-83A6-E1A97D7E2EF9} - System32\Tasks\{99BABFB4-4F16-4BD4-A05B-BFF67E26FB78} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {2AEABF7F-795C-4666-8B09-18E661369557} - System32\Tasks\{120445C3-D540-456D-8DF0-70E4FF15F2B1} => pcalua.exe -a "C:\Users\Nikos\Desktop\Moorhuhn\Moorhuhn.DIRECTORS.CUT-Mohsen6558\Moorhuhn directors cut\Setup.exe" -d "C:\Users\Nikos\Desktop\Moorhuhn\Moorhuhn.DIRECTORS.CUT-Mohsen6558\Moorhuhn directors cut"
Task: {321CA7E7-C48A-4A10-8BF4-395321F9A4C8} - System32\Tasks\{B44C65CF-D43C-488A-B75E-A987F4403661} => pcalua.exe -a C:\Users\Nikos\Downloads\wmp11-windowsxp-x86-DE-DE.exe -d C:\Users\Nikos
Task: {34533105-4D81-4652-9399-B189F4B2FE73} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1865184633-4289980622-1215388488-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: {364076C4-05DA-4B85-AD23-C7B6967E5EF1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {3BE9D675-0541-42C7-8ACF-D15A48FB9B5E} - System32\Tasks\{A138F0C9-67D3-44F5-BAB5-2B7BD156D5D2} => pcalua.exe -a "C:\Program Files\VistaCodecPack\Tools\InstalledCodec.exe" -d "C:\Program Files\VistaCodecPack\Tools\"
Task: {44D97E15-7636-481C-A83F-EA46F946D820} - System32\Tasks\{4CB191AA-F68D-49DB-A863-211EF758A25A} => pcalua.exe -a C:\PROGRA~1\MICROS~3\Office12\Moc.exe -d "C:\Users\Nikos\Desktop\Neuer Ordner" -c "C:\Users\Nikos\Desktop\Neuer Ordner\PresentationLoad-3D-Vorlagen.pptx"
Task: {515414C4-74D2-47E4-87E5-49E4DC94DA89} - System32\Tasks\{49ACCF4B-A098-495D-B44D-BC8B6B22F590} => pcalua.exe -a E:\setup.exe -d E:\
Task: {55783787-C5DE-4049-A0DC-0F43EF7F6694} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {587F68AD-9635-47E2-B647-17F90CD838D1} - System32\Tasks\{8265807A-6E3A-42BF-87FD-BC6D234158EF} => pcalua.exe -a "C:\Program Files\eRightSoft\SUPER\Setup.exe" -d "C:\Program Files\eRightSoft\SUPER" -c /remove
Task: {6F3BEC83-FEB2-47C9-828E-811D071213FE} - System32\Tasks\{C79FFAE0-15D5-4CD4-A837-C2B4C989D0F7} => pcalua.exe -a C:\Users\Nikos\Desktop\CONVERTOREN\MagicDVDCopier471.exe -d C:\Users\Nikos\Desktop\CONVERTOREN
Task: {71439A45-A908-4FBD-9532-01BD7546FF86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {74BDEF06-C4BF-4CB1-BD36-6D638DE3C525} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004Core => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {76D771A3-F641-4632-86D4-5B046570B782} - System32\Tasks\{A8AD5988-D9CA-4A4E-9720-FE24DC271413} => pcalua.exe -a c:\Users\Nikos\Downloads\Setup-SopCast-3.0.3-2008-4-30.exe
Task: {828A5067-4CE7-4486-A184-C42486F77710} - System32\Tasks\{F097281D-838A-42E8-A844-C8ADA88F8AB9} => pcalua.exe -a J:\OO\DE\OOMediaRecoveryDeu.exe -d J:\OO\DE
Task: {87D918BE-41E3-4159-886B-5A3E0663557E} - System32\Tasks\{6733710C-AD59-4A51-A4E9-EE2E051299F6} => pcalua.exe -a "C:\Program Files\PCast\uninst.exe"
Task: {89654B80-80E6-42EE-8043-724DCFD1FD64} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004UA => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8B062C8A-4FBF-4301-810A-2B561E597E27} - System32\Tasks\{B917E915-7176-416B-84AF-BB4B3928F942} => pcalua.exe -a E:\setup.exe -d E:\
Task: {8EAA433D-C477-4212-BD86-11E9CAE95FC6} - System32\Tasks\{68BA138E-CE37-4BB1-AE38-B9D802DE5949} => pcalua.exe -a C:\Users\Nikos\Downloads\mp4_Driver\setup.exe -d C:\Users\Nikos\Downloads\mp4_Driver
Task: {91DD65D7-2879-4B03-844F-CF93A2E889E2} - System32\Tasks\{A4B3955B-0085-4D2A-86DB-84BCC6717498} => pcalua.exe -a c:\Users\Nikos\Downloads\unlocker1.8.6.exe
Task: {A48CC989-C9EC-4341-90FD-D0D66BD5C933} - System32\Tasks\{09C787DC-5B2A-4639-892E-88B38736CBDC} => pcalua.exe -a C:\Windows\system32\BDEADMIN.CPL -c BDE-Verwaltung
Task: {AD4E1F21-77C3-40A8-9D3F-D2B8251EEAFC} - System32\Tasks\{9B8C3F0E-BFA7-487F-A081-B084CCF19051} => pcalua.exe -a "C:\Users\Nikos\Desktop\Neuer Ordner\Mobile_Partner_11.030.01.07.03.exe" -d "C:\Users\Nikos\Desktop\Neuer Ordner"
Task: {B0669124-F4BB-4830-896B-6DC9B2E67E60} - System32\Tasks\{2485666A-3E32-49BA-A08A-F99057EF1BF1} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {B3C8AECE-C0D6-4B02-A53D-5CC394AE0A0C} - System32\Tasks\{DC586420-D732-4F9C-A7A9-B8D002BE913B} => pcalua.exe -a C:\PROGRA~1\MICROS~3\OFFICE11\XLVIEW.EXE -d C:\Users\Nikos\Desktop -c /e
Task: {B708D72F-1990-4815-BD13-E9008EEAC32E} - System32\Tasks\{FF41816C-8E44-41D5-9BEA-B70EEBAD5032} => pcalua.exe -a C:\Users\Nikos\Desktop\CONVERTOREN\XMediaRecode2053_setup.exe -d C:\Users\Nikos\Desktop\CONVERTOREN
Task: {BDAA8694-C6F2-4808-9DE1-4CC263839631} - System32\Tasks\{CB70345E-703A-4568-A356-0E6220B64A31} => pcalua.exe -a C:\Users\Nikos\Downloads\Nero-9.2.6.0_trial.exe -d C:\Users\Nikos
Task: {BEBEE22A-268D-4AEA-A761-134B522FDB70} - System32\Tasks\{8E467004-6634-4237-9451-BF9CBACBC7E6} => pcalua.exe -a C:\Users\Nikos\Desktop\Slim1200_de.exe -d C:\Users\Nikos\Desktop
Task: {C0985CF5-FA42-43A9-BED4-F77CF93C4906} - System32\Tasks\{4C1E1956-1384-4CA0-904C-DF3140E27077} => pcalua.exe -a "C:\Users\Nikos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GYSQSP8D\GoogleToolbarInstaller[1].exe" -d C:\Users\Nikos
Task: {C0F5EDF9-B795-4E12-B225-F5868EFBC3EA} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1865184633-4289980622-1215388488-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: {CB1FE278-9807-4AE8-B278-E4C6DFF9F439} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22] (Google)
Task: {DB95491E-2E0B-4DCB-94E4-3281FE7D57E7} - System32\Tasks\{BE3C389D-1E10-4065-9A05-49F75A345419} => pcalua.exe -a C:\Users\Nikos\Desktop\mp4_Driver\setup.exe -d C:\Users\Nikos\Desktop\mp4_Driver
Task: {EE0B0FF5-AF20-4CCA-8BAE-A4EE63F04AC4} - System32\Tasks\{608EE20C-4384-4796-81DC-0F7910E95E88} => pcalua.exe -a "C:\Users\Nikos\Desktop\MP3 Player Utilities 4.15_www.MegaLeecher.Net\InstMsiW.exe" -d "C:\Users\Nikos\Desktop\MP3 Player Utilities 4.15_www.MegaLeecher.Net"
Task: {F55F85D3-8FDE-479E-82E0-A9BB339AA8E2} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {F81B7673-7CD7-417D-9362-A1058B1731CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004Core.job => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004UA.job => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1865184633-4289980622-1215388488-1004.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1865184633-4289980622-1215388488-1004.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Nikos\Downloads\Documents\eBay - Der weltweite Online-Marktplatz.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4
ShortcutWithArgument: C:\Users\Nikos\Desktop\DESKTOP\VistaCodecs\Common Tools\Make a Donation.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxps://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=thom007%40hotmail%2ecom&item_name=Vista%20Codec%20Package&no_shipping=2&no_note=1&tax=0¤cy_code=USD&lc=CA&bn=PP%2dDonationsBF&charset=UTF%2d8
ShortcutWithArgument: C:\Users\Nikos\Desktop\DESKTOP\VistaCodecs\Common Tools\VistaCodecs HomePage.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://shark007.testbox.dk
ShortcutWithArgument: C:\Users\Nikos\Desktop\DESKTOP\PLAYER\MEDIONload.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.medionload.de
ShortcutWithArgument: C:\Users\Nikos\Desktop\DESKTOP\PLAYER\MEDIONmusic.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.medionmusic.com
ShortcutWithArgument: C:\Users\Nikos\Desktop\CONVERTOREN\VistaCodecs\Common Tools\Make a Donation.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxps://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=thom007%40hotmail%2ecom&item_name=Vista%20Codec%20Package&no_shipping=2&no_note=1&tax=0¤cy_code=USD&lc=CA&bn=PP%2dDonationsBF&charset=UTF%2d8
ShortcutWithArgument: C:\Users\Nikos\Desktop\CONVERTOREN\VistaCodecs\Common Tools\VistaCodecs HomePage.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://shark007.testbox.dk
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2008-06-25 13:17 - 2008-06-07 08:09 - 00022832 _____ () C:\Windows\System32\win2pdfm.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2007-02-12 11:46 - 2007-02-12 11:46 - 00208896 _____ () C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
2009-12-31 13:33 - 2009-12-31 13:33 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_ed7d69e2\mscorlib.dll
2009-12-31 13:33 - 2009-12-31 13:33 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_f0970aa0\system.dll
2009-12-31 13:33 - 2009-12-31 13:33 - 03018752 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_ec1cfc11\system.windows.forms.dll
2009-12-31 13:33 - 2009-12-31 13:33 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_3dac4b7b\system.xml.dll
2008-02-19 14:14 - 2007-04-13 18:14 - 00006656 _____ () c:\program files\medion\medionbox\program\structconverter.dll
2009-09-17 10:31 - 2009-04-11 07:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2009-04-27 01:43 - 2008-10-20 21:18 - 00071096 _____ () C:\Program Files\CDBurnerXP\NMSAccessU.exe
2008-02-19 14:32 - 2007-01-09 10:25 - 00272024 ____N () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2010-10-14 11:57 - 2010-10-14 11:57 - 00040960 _____ () C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2008-05-02 05:15 - 2008-05-02 05:15 - 00010240 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2008-10-01 14:24 - 2008-10-01 14:24 - 00147456 _____ () C:\Program Files\Steganos Safe OEM\ShellExtension.dll
2008-04-04 12:30 - 2007-09-20 17:34 - 00129024 _____ () C:\Program Files\WinRAR\rarext.dll
2005-07-22 07:21 - 2005-07-22 07:21 - 00032768 _____ () C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\AmvTransform.dll
2010-01-14 15:59 - 2009-10-07 21:28 - 00200704 _____ () C:\Program Files\ImageConverter Plus\gpgate.dll
2010-01-14 15:59 - 2009-10-07 21:22 - 01183744 _____ () C:\Program Files\ImageConverter Plus\FCRTL.dll
2010-01-14 15:59 - 2009-10-07 21:24 - 01339392 _____ () C:\Program Files\ImageConverter Plus\fcnv.dll
2010-01-14 15:59 - 2009-10-07 21:22 - 06803456 _____ () C:\Program Files\ImageConverter Plus\fpdf.dll
2010-01-14 15:59 - 2009-10-07 21:18 - 00020992 _____ () C:\Program Files\ImageConverter Plus\MemHandler.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00114780 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLSchMgr.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00032768 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLCapSvcps.dll
2008-04-05 22:13 - 2007-12-12 10:21 - 00245858 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLCapEngine.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00339968 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLTinyDB.dll
2008-12-11 09:16 - 2008-12-11 09:16 - 00026112 _____ () C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe
2010-10-23 01:53 - 2009-04-07 12:53 - 00030440 _____ () C:\Program Files\dcmsvc\dcmsvc.exe
2008-02-19 15:49 - 2007-05-16 22:48 - 00421955 _____ () C:\Program Files\Sceneo\AbsolutTV\Services\PVR\tvtvRemote.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00290909 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
2008-04-05 22:13 - 2007-10-19 16:42 - 00094208 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLSchRecordMonitor.dll
2010-05-26 01:31 - 2010-04-01 13:09 - 00039936 _____ () C:\Program Files\phonostar-Player\phonostarTimer.exe
2010-05-26 01:31 - 2009-08-13 11:54 - 02013184 _____ () C:\Program Files\phonostar-Player\QtCore4.dll
2010-05-26 01:31 - 2009-06-20 06:51 - 07464448 _____ () C:\Program Files\phonostar-Player\QtGui4.dll
2010-05-26 01:31 - 2009-06-20 06:51 - 00179712 _____ () C:\Program Files\phonostar-Player\QtSql4.dll
2010-05-26 01:31 - 2009-06-20 07:55 - 00344576 _____ () C:\Program Files\phonostar-Player\plugins\sqldrivers\qsqlite4.dll
2015-11-16 17:55 - 2015-11-16 17:55 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00114779 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:0B9D8E22
AlternateDataStreams: C:\ProgramData\TEMP:242231A9
AlternateDataStreams: C:\ProgramData\TEMP:4B7BEAFF
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Software\Classes\.exe: => <===== ACHTUNG
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\elsteronline.de -> hxxps://www.elsteronline.de
IE trusted site: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\elsteronline.de -> hxxps://www.elsteronline.de
IE trusted site: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\elsteronline.de -> hxxps://www.elsteronline.de
IE trusted site: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\elsteronline.de -> hxxps://www.elsteronline.de
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2006-11-02 11:23 - 2009-02-18 10:26 - 00000054 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Nikos\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Nikos\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: )
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{F3ECBA52-9DCC-47F6-A021-9E923C2C2B01}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe
FirewallRules: [{C6812261-0A3C-43C2-8949-9AE5157D671F}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe
FirewallRules: [{850CBDDC-B319-41D0-828D-5B182D38EBCB}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
FirewallRules: [{A96BB2BD-409A-42B9-A526-2B3717225E15}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
FirewallRules: [{9D595453-CD4A-4CFF-9FFD-136623996ED8}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
FirewallRules: [{7BF2D859-36AA-4EB2-B71E-A471BCEF5539}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
FirewallRules: [{8F2DF4FC-FD1C-4C40-8622-BE3D64349693}] => (Allow) LPort=9442
FirewallRules: [{16DA6AE4-DBA7-4F58-91FD-C8AACA268B63}] => (Allow) LPort=1900
FirewallRules: [{CF2CDCB5-D2F6-49D4-A33B-5EF67FA9D1DA}] => (Allow) C:\Program Files\HomeCinema\MakeDisc\MakeDisc.exe
FirewallRules: [{7F175D14-9107-4174-AD62-766C7D6740C8}] => (Allow) C:\Program Files\HomeCinema\PowerDirector\PDR.EXE
FirewallRules: [{391F82BA-B271-4FFF-9768-42063CB88C6B}] => (Allow) C:\Program Files\HomeCinema\PowerDVD\PowerDVD.EXE
FirewallRules: [{185FC6A3-2B03-4813-8182-41FD835D1941}] => (Allow) C:\Program Files\HomeCinema\TV Enhance\TVEnhance.exe
FirewallRules: [{ED2CFFBA-B70F-428F-9C7B-416B44412005}] => (Allow) C:\Program Files\HomeCinema\TV Enhance\TVEService.exe
FirewallRules: [TCP Query User{594F2DEB-9E25-4F0B-9E98-930738E75A4F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A039D724-C852-4BB2-9618-BD6FB4C2394B}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{D183A532-4BAF-4785-98FD-DA54FC227168}] => (Allow) C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe
FirewallRules: [{B43D804E-6FC9-42E0-BC4B-07748F7B3E8F}] => (Allow) C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe
FirewallRules: [{D87558D8-C545-43F3-B523-6C0990EE1B46}] => (Allow) C:\Program Files\Tobit ClipInc\Player\ClipInc-Player.exe
FirewallRules: [{7ED35175-BC8F-40D3-88FF-EF4850E2C87A}] => (Allow) C:\Program Files\Tobit ClipInc\Player\ClipInc-Player.exe
FirewallRules: [TCP Query User{D165D383-F47B-452B-BDC5-04FCC70D4172}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{89897771-CD2B-44BF-812C-6232B5D65788}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [TCP Query User{AFAB67EF-B656-4F40-9C6C-9671417FC63A}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{A3231AEE-CAE4-46C7-A157-017A8E677939}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{BA16A689-B25D-499F-8531-4B40BF0F2C2B}C:\program files\sopcast\adv\sopadver.exe] => (Allow) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [UDP Query User{AD2E3A6D-A0DB-44A0-B6C7-61E4485683CD}C:\program files\sopcast\adv\sopadver.exe] => (Allow) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [TCP Query User{29D7F53B-E847-4AB3-801C-D5FFC541F079}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [UDP Query User{C1201A86-06E2-4863-90B4-03AA7361CB67}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [TCP Query User{E1507264-19F0-43EB-A3EF-77242D435ECA}C:\program files\real\realplayer\recordingmanager.exe] => (Allow) C:\program files\real\realplayer\recordingmanager.exe
FirewallRules: [UDP Query User{737DE753-82B2-4629-82FF-4F02087B28E5}C:\program files\real\realplayer\recordingmanager.exe] => (Allow) C:\program files\real\realplayer\recordingmanager.exe
FirewallRules: [TCP Query User{CC5E1C63-578B-4333-95D9-07B7B384E717}C:\program files\tvants\tvants.exe] => (Allow) C:\program files\tvants\tvants.exe
FirewallRules: [UDP Query User{6769E18A-6EFC-4726-A3F7-5CBB61CD132C}C:\program files\tvants\tvants.exe] => (Allow) C:\program files\tvants\tvants.exe
FirewallRules: [TCP Query User{BDB3F5D9-831C-4247-81C2-961CEF3E708B}C:\program files\tvuplayer\tvuplayer.exe] => (Block) C:\program files\tvuplayer\tvuplayer.exe
FirewallRules: [UDP Query User{5BB4A5B7-393A-49F0-9A8A-D21D088E1E59}C:\program files\tvuplayer\tvuplayer.exe] => (Block) C:\program files\tvuplayer\tvuplayer.exe
FirewallRules: [{9B7C19FA-D923-4F11-AAF0-237AEA9F73F4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D23F01CA-594F-4C03-B7B6-C57D358541CA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{5848E646-13E1-4DC9-80CD-0E8F9732EC59}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Block) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [UDP Query User{C982022C-A7D1-46FE-BDDE-83E797DAB6CD}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Block) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{8BB77B86-275E-436A-BA43-5FDB65B04446}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Block) C:\program files\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [UDP Query User{D740A3D4-11A7-4589-897C-8367416022FB}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Block) C:\program files\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [TCP Query User{098A7C6B-0BF2-453B-B70F-CD6F2319B326}C:\users\nikos\downloads\keygen.magic.dvd.copier.4.7.1.45042.exe] => (Block) C:\users\nikos\downloads\keygen.magic.dvd.copier.4.7.1.45042.exe
FirewallRules: [UDP Query User{4AB7955B-115F-4BE7-9448-C77510362D77}C:\users\nikos\downloads\keygen.magic.dvd.copier.4.7.1.45042.exe] => (Block) C:\users\nikos\downloads\keygen.magic.dvd.copier.4.7.1.45042.exe
FirewallRules: [TCP Query User{25200373-2AE9-4DB3-8BD7-9632D5260B45}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [UDP Query User{33C4E831-53C9-4302-80CE-1C77AD38AFE6}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [TCP Query User{4FB1D683-B1F0-475F-8874-892326392BA3}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{2972BFAC-EF0F-463A-9764-795C17631725}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{6C0809A0-426D-4330-8A63-809774F297B8}C:\program files\phonostar-player\phonostar.exe] => (Allow) C:\program files\phonostar-player\phonostar.exe
FirewallRules: [UDP Query User{D01EFB15-45F2-4FD9-A082-DF63D020A56B}C:\program files\phonostar-player\phonostar.exe] => (Allow) C:\program files\phonostar-player\phonostar.exe
FirewallRules: [{AFCF677F-2F5D-4C13-A224-7D421F1118CE}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EAE71A81-0873-497A-AA9F-FA9650DABE27}] => (Allow) LPort=2869
FirewallRules: [{FC768887-DED2-4A0C-92FE-B5086FCC2932}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{CBD2B1A2-1BFD-44EF-B08D-8F91525089F4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{97297122-7FF4-4439-8581-35655C5F5C98}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{52E46CD5-1D18-4AAF-9C1C-9CE50EE19552}] => (Allow) LPort=80
FirewallRules: [{E0F103B8-968D-4BBC-AD28-2FB01CBB97A8}] => (Allow) LPort=80
FirewallRules: [{FA2716BA-9FEB-47B9-91FC-EA990AE17B32}] => (Allow) LPort=80
FirewallRules: [TCP Query User{15C06BC4-4643-4EF0-A3DD-FF924FD04F8D}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{2B34AB91-9E92-4F7F-94B1-FEC1A1D3018E}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{7DDFCB58-FB5E-457F-AC35-3233EB654D0F}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{4F2EADE1-0719-49E9-8BCA-5622DF8B6269}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{7CA83392-865A-446D-BFE0-496A7C4505FF}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{984D0F7D-4EB7-4C0D-B883-6CF2B7625575}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{0D70E4CE-EA81-4C40-A763-0C870338BCD9}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{C3248F83-AA59-4556-908C-6B75D4DEA877}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [TCP Query User{CD9B2571-4206-4F61-81EF-5A4FDC8E8ED9}C:\program files\sopcast\adv\sopadver.exe] => (Block) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [UDP Query User{F091261E-7637-4008-913F-0BB52616B39C}C:\program files\sopcast\adv\sopadver.exe] => (Block) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [TCP Query User{1AB9F065-D7BA-42B4-8389-21845D513865}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [UDP Query User{FA859A85-2C38-4A4F-961C-A2AE38C11EB9}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [{4347CA25-3756-4C02-977B-F0823F8A7015}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{25B3A4C1-24BF-4245-9CCC-C05D5DF8514E}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{055126E8-DA11-43EF-BDB7-4037918517EE}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{ED908A22-74AD-4FE4-800F-021C77BC5AAF}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{BB4B6292-B3EE-4DB5-A8E5-2C1A8E193826}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{891A0DF7-39C4-4788-A2E5-E6839CFF89C7}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{C58B52A6-C708-43F2-B234-FAB16F3BABC4}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{71222D28-6D3B-4409-B1A5-FFDDC2F7115C}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{A94CDEEB-A61C-40BB-A3DD-DEEBA70F9953}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{EC10BB3F-B228-4A3E-BEBF-C3D094E29693}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{41B7C7AE-9FB4-4DBE-BB03-270A93A5A156}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2CCF94E4-2F3E-4DCC-AEF3-63A4C96028BD}] => (Allow) C:\Program Files\Bohemia Interactive\ArmA 2\arma2.exe
FirewallRules: [{5B8A4346-3F2F-4ABA-BA78-97FD3E04837C}] => (Allow) C:\Program Files\Bohemia Interactive\ArmA 2\arma2.exe
FirewallRules: [{5A3EEBA5-8AA7-4F3B-BC5B-678326C70CFF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7F06858D-9332-4822-8003-1BF015A67755}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{3425A507-6D5B-4594-A4D0-4CDE5AAF8F5A}C:\program files\xbmc\xbmc.exe] => (Block) C:\program files\xbmc\xbmc.exe
FirewallRules: [UDP Query User{680EC8A3-B0E1-4A54-915E-2D4EEE78F81E}C:\program files\xbmc\xbmc.exe] => (Block) C:\program files\xbmc\xbmc.exe
FirewallRules: [TCP Query User{F7F55C8C-DE9C-49EE-842C-B9F21AEAC413}C:\program files\xbmc\xbmc.exe] => (Block) C:\program files\xbmc\xbmc.exe
FirewallRules: [UDP Query User{79EC5FE0-F5AD-4F2F-AD48-E3313DF0B4CA}C:\program files\xbmc\xbmc.exe] => (Block) C:\program files\xbmc\xbmc.exe
FirewallRules: [{2CDF1437-3AF3-4FA1-B375-C2C3CFEF1D88}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D28A83B8-9674-4DE1-AE97-D4DE7344A1E2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{73C70069-08AB-4797-9FD2-C84C0BFB9E17}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A65FD6B1-AA90-499F-9D27-8A0CD6EE7F40}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\PPMate\ppmate.exe] => Enabled:PPMate
==================== Wiederherstellungspunkte =========================
19-12-2015 19:23:52 Windows Update
20-12-2015 03:00:13 Windows Update
21-12-2015 10:41:37 Windows Update
21-12-2015 12:51:45 OpenOffice 4.1.2 wird installiert
21-12-2015 12:54:28 OpenOffice 4.1.2 wird installiert
22-12-2015 12:05:27 Windows Update
23-12-2015 10:56:08 Windows Update
23-12-2015 15:38:01 Windows Update
23-12-2015 15:41:39 Windows Update
24-12-2015 13:50:28 Windows Update
24-12-2015 14:18:13 Windows Update
25-12-2015 12:39:27 Windows Update
26-12-2015 15:59:25 Windows Update
27-12-2015 13:11:25 Windows Update
28-12-2015 13:43:24 Windows Update
29-12-2015 14:04:22 Windows Update
30-12-2015 12:51:40 Windows Update
30-12-2015 19:22:01 Removed Ask Toolbar.
30-12-2015 19:24:46 Removed Ask Toolbar.
30-12-2015 19:37:34 Revo Uninstaller's restore point - Ask Toolbar
30-12-2015 19:37:53 Removed Ask Toolbar.
30-12-2015 19:43:43 Revo Uninstaller's restore point - Ask Toolbar Updater
30-12-2015 19:49:23 Revo Uninstaller's restore point - Ask Toolbar
30-12-2015 19:49:41 Removed Ask Toolbar.
30-12-2015 19:54:08 Revo Uninstaller's restore point - Ask Toolbar
30-12-2015 19:54:24 Removed Ask Toolbar.
30-12-2015 19:55:37 Removed Ask Toolbar.
30-12-2015 19:56:01 Removed Ask Toolbar.
30-12-2015 19:58:29 Revo Uninstaller's restore point - Ask Toolbar
30-12-2015 19:58:45 Removed Ask Toolbar.
30-12-2015 20:03:59 Removed Ask Toolbar.
30-12-2015 20:04:37 Removed Ask Toolbar.
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/30/2015 10:13:41 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy41,0xc0000000,0x00000003,...)". hr = 0x80070005.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (12/30/2015 10:11:59 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy40,0xc0000000,0x00000003,...)". hr = 0x80070005.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (12/30/2015 08:26:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/30/2015 07:58:29 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {dbc1a62b-d612-45ac-8cd0-bb8811e3a9db}
Error: (12/30/2015 07:54:08 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {dbc1a62b-d612-45ac-8cd0-bb8811e3a9db}
Error: (12/30/2015 07:49:22 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {dbc1a62b-d612-45ac-8cd0-bb8811e3a9db}
Error: (12/30/2015 07:43:43 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {dbc1a62b-d612-45ac-8cd0-bb8811e3a9db}
Error: (12/30/2015 07:37:34 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {dbc1a62b-d612-45ac-8cd0-bb8811e3a9db}
Error: (12/30/2015 07:10:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/30/2015 12:55:00 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 1.1 - Update "{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log enthalten.
Systemfehler:
=============
Error: (12/30/2015 08:28:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Intel(R) Viiv(TM) Media ServerIntel(R) Software Services Manager%%1053
Error: (12/30/2015 08:28:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Intel(R) Software Services Manager%%1053
Error: (12/30/2015 08:28:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Intel(R) Software Services Manager
Error: (12/30/2015 08:28:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Avira Service Host
Error: (12/30/2015 08:26:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: ClipInc 001%%1053
Error: (12/30/2015 08:26:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000ClipInc 001
Error: (12/30/2015 08:26:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: BullGuard Email Monitoring Service%%126
Error: (12/30/2015 08:26:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: BullGuard File Scan Service%%126
Error: (12/30/2015 08:26:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: BullGuard Main Service%%126
Error: (12/30/2015 08:26:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: BullGuard LiveUpdate%%3
CodeIntegrity:
===================================
Date: 2015-12-30 22:19:07.102
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-12-30 22:19:06.556
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-12-30 22:19:06.150
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-12-30 22:19:05.776
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-12-30 22:19:05.245
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-12-30 22:19:04.684
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-12-30 22:19:03.966
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-12-30 22:19:03.389
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-12-30 22:18:21.565
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-12-30 22:18:21.175
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Prozentuale Nutzung des RAM: 68%
Installierter physikalischer RAM: 3069.45 MB
Verfügbarer physikalischer RAM: 971.29 MB
Summe virtueller Speicher: 6341.89 MB
Verfügbarer virtueller Speicher: 4033.86 MB
==================== Laufwerke ================================
Drive c: (BOOT) (Fixed) (Total:445.76 GB) (Free:145.66 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:6.52 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A2150798)
Partition 1: (Active) - (Size=445.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)
==================== Ende vom Addition.txt ============================
|
|
30.12.2015, 23:45
| #9 |
| /// TB-Ausbilder /// Anleitungs-Guru | Heitmann Metallhandel Makros Virus Jetzt bitte Suchscan durchführen: Schritt 1 ESET Online Scanner
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
31.12.2015, 10:17
| #10 |
| | ESETCode:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3df11cf563514d4496e098c2798c821a
# end=init
# utc_time=2015-12-31 12:43:33
# local_time=2015-12-31 01:43:33 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 27432
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3df11cf563514d4496e098c2798c821a
# end=updated
# utc_time=2015-12-31 12:48:19
# local_time=2015-12-31 01:48:19 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=3df11cf563514d4496e098c2798c821a
# engine=27432
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-31 05:54:31
# local_time=2015-12-31 06:54:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 30199 289073999 0 0
# scanned=390458
# found=36
# cleaned=0
# scan_time=18372
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir"
sh=E5AD99CE7C7362CA566156033ECB0F04F9437CA7 ft=1 fh=f45d83e01e1c8734 vn="Win32/Toolbar.Conduit.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\FileConverter_1.3\FileConverter_1.3ToolbarHelper.exe.vir"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\FileConverter_1.3\ldrtbFile.dll.vir"
sh=A2D929A9864513C0E8ED84AAD622EF6ADCC9B950 ft=1 fh=22c06217fc444ec5 vn="Win32/Toolbar.Conduit.O evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\FileConverter_1.3\prxtbFile.dll.vir"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\FileConverter_1.3\tbFile.dll.vir"
sh=C17C7DDBB91C801C72EE51F3FA2665E98F1C5F17 ft=1 fh=a0bfbf24d93a8c08 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\livetvbar\tblive.dll.vir"
sh=E0F71AF6D9955EED69EF0775EA537594A07E147C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Mozilla Firefox\Extensions\{ad55c869-668e-457c-b270-0cfb2f61116f}\chrome\livetvbar.jar.vir"
sh=E5AD99CE7C7362CA566156033ECB0F04F9437CA7 ft=1 fh=f45d83e01e1c8734 vn="Win32/Toolbar.Conduit.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nikos\AppData\Local\Conduit\CT3241949\FileConverter_1.3AutoUpdateHelper.exe.vir"
sh=76039D5A64EF897B1AA388EED70452774019DB59 ft=1 fh=890f56b03e669e11 vn="Win32/Somoto.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nikos\AppData\Local\FilesFrog Update Checker\update_checker.exe.vir"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nikos\AppData\LocalLow\FileConverter_1.3\ldrtbFile.dll.vir"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nikos\AppData\LocalLow\FileConverter_1.3\tbFile.dll.vir"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nikos\AppData\LocalLow\FileConverter_1.3\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll.vir"
sh=4B45816B7F6079519DAA542D698CB7E90E7C0F4B ft=1 fh=fccf593df7a23fe2 vn="Win32/Adware.ADON evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nikos\AppData\Roaming\Desktopicon\eBayShortcuts.exe.vir"
sh=C5DB8386C3A901DD6D4FB8B66685B889FA1099F9 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\user.js.vir"
sh=C17C7DDBB91C801C72EE51F3FA2665E98F1C5F17 ft=1 fh=a0bfbf24d93a8c08 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\livetvbar\tblive.dll"
sh=1C57A69E1E31CAAE1B42524427FC75BE3C8BF644 ft=1 fh=c0043c4b8e817953 vn="Win32/KillFiles.NEM Trojaner" ac=I fn="C:\Program Files\MP3 Player Utilities 4.00\DelDrv.exe"
sh=AB6513FD1943288D196F8EDC5371009A495BB070 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\ProgramData\VistaCodecs\{5FBFD3A0-7B9A-4AD3-B522-21CF25B7E8B6}\Vista Codec Package.msi"
sh=AB6513FD1943288D196F8EDC5371009A495BB070 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\All Users\VistaCodecs\{5FBFD3A0-7B9A-4AD3-B522-21CF25B7E8B6}\Vista Codec Package.msi"
sh=229272D53A564B875A9274C4C7B6A35E2BD3C6E7 ft=0 fh=0000000000000000 vn="Variante von Win32/ELEX.GI evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FW8TQQBB\2[1].zip"
sh=181E8293919890E8529477730992284CB33CAC34 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js"
sh=73D1BB234EAC2EAFE6F4209853E0A12EA3E9F3FA ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js.bak"
sh=5ADA3306DA92ADD77BFAA8D42B044B65661FD9E1 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js.new"
sh=9C43EE94C9A1F2577EC13AFBF10BFD63E91C6CE6 ft=1 fh=f43a20e0ad73ec1f vn="Variante von MSIL/Packed.FishNet.A verdächtige Datei" ac=I fn="C:\Users\Nikos\Desktop\ALLES FÜR DIE DVD\DVDFab 8.0.9\DVDFab 8.0.9.2 QT (MrXidus)\Patch\Patch.exe"
sh=C5FE8DD7166AE2FE6D2E867738B2D7521DD26B3D ft=1 fh=c6d89ed62258024e vn="Variante von MSIL/Packed.FishNet.A verdächtige Datei" ac=I fn="C:\Users\Nikos\Desktop\ALLES FÜR DIE DVD\DVDFab 8.1.1.8\DVDFab8118_Beta_BBB\DVDFab.Products.v8.x.x.x.Multi.Patch.v0.8-BBB\Patch.exe"
sh=02F253D2527F578284FF3AAB77AF109B863AE4F0 ft=0 fh=0000000000000000 vn="Win32/KillFiles.NEM Trojaner" ac=I fn="C:\Users\Nikos\Desktop\CONVERTOREN\AMV_Convert_400.zip"
sh=E667DAA20C88C0A3726BFD8D9FBE5F1E5A9B8874 ft=1 fh=cac44e7caa7a221d vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Desktop\CONVERTOREN\Setup_FreeConverter.exe"
sh=E67F12D1B6D409C44F0D10DFC13A57142BDA7B5D ft=0 fh=0000000000000000 vn="Win32/KillFiles.NEM Trojaner" ac=I fn="C:\Users\Nikos\Desktop\CONVERTOREN\MP3 Player Utilities 4.00\MSI.CAB"
sh=914B83CE56F1E779339AFA645DE46D5F927A0703 ft=1 fh=ab1c30c4ec732841 vn="Variante von Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Desktop\DESKTOP\SoftonicDownloader35742.exe"
sh=4338D5944791D0CE359B859397EABEBE203893C8 ft=1 fh=7fc7dafc36e99ed5 vn="Variante von Win32/Complitly.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Downloads\Core-Temp-setup.exe"
sh=C95708F43A748061D4C31D39204F5D2FAAE9410D ft=1 fh=4d6416c07f3bf995 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Downloads\isobuster_3_0.exe"
sh=FCECA2F3361BCFE8D285621D8F36C08A9D2FE8E4 ft=1 fh=1736e6d6d9506a40 vn="Variante von Win32/Toolbar.iMedix.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Downloads\radarsync.exe"
sh=76724D9B8CD7266277A708808C7A714CA94D6BF6 ft=1 fh=fa6ba9c5d726b91e vn="Variante von Win32/Complitly.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Downloads\SchnellSchreiben.exe"
sh=734CEFF0A3ADF26844CFF8858A35201CE4AA2884 ft=1 fh=cac44e7c1ca876b6 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Downloads\Setup_FreeFlvConverter.exe"
sh=97BABE883C945B23C115B9A8B8D694A28522710B ft=1 fh=5b16e8ad0f5f569d vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Downloads\SoftonicDownloader_fuer_audacity.exe"
sh=FC273CA1C93F962DD53A4A4BFD0C4BDDE0DAABC9 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Downloads\sopcast(2).zip"
sh=2431047F3EAAA1F5A36B54B598FA5ED0FFD5B2FE ft=0 fh=0000000000000000 vn="LNK/Agent.CH Trojaner" ac=I fn="C:\Users\Nikos\Favorites\TV Online - Free Watch TV Online Football LIVE.URL"
|
|
31.12.2015, 16:53
| #11 |
| /// TB-Ausbilder /// Anleitungs-Guru | Heitmann Metallhandel Makros Virus Softwarecracks sind hier nicht gewünscht. Deshalb wird der Support jetzt auch beendet. Wichtig aber, PC ist sonst sauber. Am besten ESET-Funde löschen.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
31.12.2015, 18:12
| #12 |
| | Danke Hallo Jürgen , Danke noch mal für deine Zeit und deine Unterstützung. Ich habe eine kleine Spende dem Trojaner Board zukommen lassen. Ich habe ESET gelöscht. Ich werde den Durchlauf noch mal machen (5 Std.) und die alles in Quarantäne verschieben. Danke noch mal und guten Rutsch. |
|
01.01.2016, 15:00
| #13 |
| /// TB-Ausbilder /// Anleitungs-Guru | Heitmann Metallhandel Makros Virus Danke & OK 
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
| Themen zu Heitmann Metallhandel Makros Virus |
| antivirus, avira, computer, converter, downloader, ebay, excel, firefox, flash player, geld, help, helper, home, iexplore.exe, registry, scan, security, server, shark, software, sparbuch, usb, virus, windows, windows xp |
dann auf 
und dann auf 
.
Linear-Darstellung
