Pests of all kinds and how to fight them: Words on the internet turn into links (Windows 7)
01.04.2016, 19:33 | #1 |
Words on the internet turn into links

Hello everyone,

Since today, individual words in a text on the currently used tab in the Firefox browser (current version: 42) have been turning into links at irregular intervals; on mouse-over these show a small window containing either advertising or a reference to, e.g., the ask.com site. There are already several identical descriptions in the forum. I have read through them. You always write that one should download the program Farbar's Recovery Scan Tool (in my case the 64-bit version) to the desktop and run it as described. I have already done this and can also post the FRST.txt and the Addition.txt if desired.

Many thanks in advance for your effort and help!

Regards, Fritz
01.04.2016, 22:03 | #2 |
TB Trainer | Words on the internet turn into links

My name is Matthias and I will help you clean up your computer. Please note the following:

Please work through all steps one after another in the given order and post all log files in CODE tags (how it works: Posting in CODE tags). Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:

Thank you for your cooperation! For the initial analysis, please run FRST and TDSSKiller:

Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)

Step 2
Please download TDSSKiller.exe and save this file to the desktop

Please post with your next reply
|
01.04.2016, 23:01 | #3 |
Words on the internet turn into links

Hello Matthias,

thanks for the quick reply. Here, across several posts, are the requested logs:

FRST.txt:

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 durchgeführt von Robert (Administrator) auf HOME-PC (01-04-2016 20:26:08) Gestartet von C:\Users\Robert\Desktop Geladene Profile: Robert & MSSQL$SQLEXPRESS (Verfügbare Profile: Robert & Administrator & MSSQL$SQLEXPRESS) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 8 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Realtek) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtlService.exe () C:\Program Files\Serviio\bin\ServiioService.exe () C:\Program Files\Serviio\bin\ServiioService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (GP Software) C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe (matt.malensek.net) C:\Program Files (x86)\3RVX\3RVX.exe (Dekisoft) C:\Program Files (x86)\Monitor Off Utility\monoff.exe () C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe (GP Software) C:\Program Files\GPSoftware\Directory Opus\dopus.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Dropbox, Inc.) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe () C:\Program Files\Serviio\bin\ServiioConsole.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Realtek Semiconductor Corp.) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtWLan.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd) HKLM-x32\...\Run: [SPIRunE] => Rundll32 SPIRunE.dll,RunDLLEntry HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-02-09] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-10] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) 
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Directory Opus Desktop Dblclk] => C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [347792 2012-01-10] (GP Software) HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [3RVX] => C:\Program Files (x86)\3RVX\3RVX.exe [159232 2008-10-13] (matt.malensek.net) HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Dekisoft Monitor Off Utility] => C:\Program Files (x86)\Monitor Off Utility\monoff.exe [430592 2009-08-31] (Dekisoft) HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2739240 2015-11-13] () HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Dropbox Update] => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.) ShellExecuteHooks: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [1356440 2012-01-10] (GP Software) ShellExecuteHooks-x32: Directory Opus Shell Execute Hook - {EE761688-C137-4b04-8FAB-3C9CDF0886F0} - C:\Program Files\GPSoftware\Directory Opus\dopuslib32.dll [358000 2012-01-10] (GP Software) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt5"] -> 
{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Directory Opus (Startup).lnk [2012-02-13] ShortcutTarget: Directory Opus (Startup).lnk -> C:\Program Files\GPSoftware\Directory Opus\dopus.exe (GP Software) Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-19] ShortcutTarget: Dropbox.lnk -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk [2015-04-09] ShortcutTarget: Serviio.lnk -> C:\Program Files\Serviio\bin\ServiioConsole.exe () Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk [2012-02-13] ShortcutTarget: Yahoo! Widgets.lnk -> C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{D24B0B43-001F-44C2-A1C3-F3FAA135C80B}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{ED62443B-E1E2-4206-B3D4-FFFF2D460E09}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-22] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-22] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-21] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-21] (Oracle Corporation) Toolbar: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 
{E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-11-05] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-11-05] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-11-05] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-11-05] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default FF Homepage: hxxp://www.spiegel.de/ FF NetworkProxy: "autoconfig_url", "data:text/javascript,function FindProxyForURL(url, host) {if ((host == \"www.abc.net.au\") (host == \"iview.abc.net.au\") (host == \"iviewmetered-vh.akamaihd.net\") (url.indexOf(\"proxmate=au\") != -1) (host == \"livestream.com\") (host == \"www.livestream.com\") (host == \"api.new.livestream.com\") (host == \"player.ooyala.com\") (host == \"xnewsvidhd-vh.akamaihd.net\") (host == \"www.animelab.com\") (host == \"dcgm6i50yfgtk.cloudfront.net\")) { return 'PROXY au-node.proxmate.me:8008' } else if ((url.indexOf(\"proxmate=ca\") != -1) (host == \"ici.tou.tv\") (host == \"toutvuniver1-vh.akamaihd.net\") (host == \"geoip.radio-canada.ca\") (host == \"api.radio-canada.ca\") (host == \"images.tou.tv\") (host == \"player.siriusxm.ca\") (host == \"primary.hls-streaming.production.streaming.siriusxm.ca\") (host == \"now.sportsnet.ca\") (host == \"watch.sportsnet.ca\") (host == \"player.9c9media.com\") (host == \"metrics.ctv.ca\") (host == \"capi.9c9media.com\") (host == \"www.ctv.ca\")) { return 'PROXY ca-node.proxmate.me:8008' } else if ((host == \"arte.tv\") (host == 
\"www.arte.tv\") (host == \"geoftv-a.akamaihd.net\") (host == \"hdfauthftv-a.akamaihd.net\") (host == \"replayftv-vh.akamaihd.net\") (host == \"geoftv-a.akamaihd.net\") (host == \"hdfauthftv-a.akamaihd.net\") (host == \"replayftv-vh.akamaihd.net\") (host == \"ftvingest-vh.akamaihd.net\") (host == \"live.francetv.fr\") (host == \"d8.tv\") (host == \"www.d8.tv\") (host == \"us-cplus-aka.canal-plus.com\") (host == \"hds_live_d8_aka-lh.akamaihd.net\") (host == \"d17.tv\") (host == \"www.d17.tv\") (host == \"hds_live_d17_aka-lh.akamaihd.net\") (url.indexOf(\"proxmate=fr\") != -1) (host == \"www.6play.fr\") (host == \"geo.6cloud.fr\") (host == \"proxy-021.dc3.dailymotion.com\") (host == \"proxy-67.dailymotion.com\") (host == \"prof.estat.com\") (host == \"metrics.dailymotion.com\") (host == \"www.dailymotion.com\") (host == \"vmap.snappytv.com\")) { return 'PROXY fr-node.proxmate.me:8008' } else if ((host == \"vod-akamai-psd-hds.p7s1digital.de\") (host == \"vas.sim-technik.de\") (url.indexOf(\"proxmate=de\") != -1) (host == \"nightclub.de\") (host == \"zdf.de\") (host == \"www.zdf.de\") (host == \"zdf_hds_de-f.akamaihd.net\") (host == \"api.nowtv.de\") (host == \"delivestream-lh.akamaihd.net\") (host == \"cdnapi.kaltura.com\") (host == \"disneychannel.de\") (host == \"www.southpark.de\")) { return 'PROXY de-node.proxmate.me:8008' } else if ((host == \"www.tg4.ie\") (url.indexOf(\"proxmate=ie\") != -1)) { return 'PROXY ie-node.proxmate.me:8008' } else if ((host == \"rai.tv\") (host == \"www.rai.tv\") (host == \"mediapolis.rai.it\") (host == \"www.rai.it\") (host == \"stream5.rai.it\") (host == \"stream6.rai.it\") (host == \"stream7.rai.it\") (host == \"sspushrai1-s.akamaihd.net\") (host == \"sspushrai2-s.akamaihd.net\") (host == \"sspushraisport2-s.akamaihd.net\") (host == \"sspushrai3-s.akamaihd.net\") (host == \"secondary.adaptiveedge.rai.it\") (host == \"rai-italia01.wt-eu02.net\") (host == \"download.rai.tv\") (host == \"mediapolisvod.rai.it\") (host == \"ww.rai.tv\") 
(host == \".xuniplay.fdnames.com\") (url.indexOf(\"xuniplay.fdnames.com\") != -1) (host == \"se-to1-8.se.live3.msf.ticdn.it\") (host == \"live.shinystat.com\") (host == \"lic.mediaset.net\") (host == \"cssr.video.mediaset.it\") (url.indexOf(\"proxmate=it\") != -1) (host == \"www.vvvvid.it\")) { return 'PROXY it-node.proxmate.me:8008' } else if ((host == \"telecinco.es\") (host == \"telecinco1-vh.akamaihd.net\") (host == \"www.telecinco.es\") (url.indexOf(\"proxmate=es\") != -1) (host == \"antena3.com\") (host == \"www.antena3.com\") (host == \"geodesprogresiva.antena3.com\") (host == \"rtve.es\") (host == \"www.rtve.es\") (host == \"ztnr.rtve.es\") (host == \"mvodt.lvlt.rtve.es\") (host == \"swf.rtve.es\") (host == \"cuatro.com\") (host == \"www.cuatro.com\") (host == \"cuatro1-vh.akamaihd.net\") (host == \"peliculas-online.atresplayer.com\") (host == \"servicios.atresplayer.com\") (host == \"atresplayer.com\") (host == \"www.atresplayer.com\") (host == \"k.uecdn.es\") (host == \"v.uecdn.es\") (host == \"as.com\") (host == \"ep00.epimg.net\")) { return 'PROXY es-node.proxmate.me:8008' } else if ((host == \"prosieben.ch\") (host == \"www.prosieben.ch\") (host == \"vas.sim-technik.de\") (host == \"s1tv.ch\") (host == \"www.s1tv.ch\") (host == \"zba2-0-hds-live.zahs.tv\") (host == \"embed-zattoo.com\") (host == \"chtv.ch\") (host == \"www.chtv.ch\") (host == \"zba2-1-hds-live.zahs.tv\") (host == \"sat1.ch\") (host == \"www.sat1.ch\") (host == \"rsi.ch\") (host == \"www.rsi.ch\") (host == \"codch-vh.akamaihd.net\") (host == \"il.srgssr.ch\") (host == \"ch.viva.tv\") (host == \"intl.esperanto.mtvi.com\") (url.indexOf(\"proxmate=ch\") != -1) (host == \"zattoo.com\") (host == \"www.srf.ch\") (host == \"srgssruni1ch-lh.akamaihd.net\") (host == \"srgssruni2ch-lh.akamaihd.net\") (host == \"srgssruni3ch-lh.akamaihd.net\") (host == \"www.teleboy.ch\") (host == \"aka-cdn-ns.adtech.de\") (host == \"teleboy.customers.cdn.iptv.ch\")) { return 'PROXY ch-node.proxmate.me:8008' } 
else if ((host == \"www.bbc.co.uk\") (host == \"open.live.bbc.co.uk\") (host == \"fig.bbc.co.uk\") (host == \"vod-hds-uk-live.edgesuite.net\") (host == \"vod-hds-uk-live.bbcfmt.vo.llnwd.net\") (host == \"www.bbc.co.uk\") (host == \"fig.bbc.co.uk\") (host == \"open.live.bbc.co.uk\") (host == \"vs-hds-uk-live.bbcfmt.vo.llnwd.net\") (host == \"vod-hds-uk-live.edgesuite.net\") (host == \"vs-hds-uk-live.edgesuite.net\") (host == \"vod-hds-uk-live.bbcfmt.vo.llnwd.net\") (host == \"c.brightcove.com\") (host == \"secure.brightcove.com\") (host == \"metrics.brightcove.com\") (host == \"stv-ak.cds1.yospace.com\") (host == \"core.stvfiles.com\") (host == \"player.stv.tv\") (host == \"stv.brightcove.com.edgesuite.net\") (host == \"uk-dev-stv.cdn.videoplaza.tv\") (host == \"mercury.itv.com\") (host == \"www.itv.com\") (host == \"itv.com\") (host == \"llnw.live.btv.simplestream.com\") (host == \"players.simplestream.com\") (host == \"uapi.simplestream.com\") (host == \"channel5.com\") (host == \"wwwcdn.channel5.com\") (host == \"cassie.channel5.com\") (host == \"player.channel5.com\") (host == \"deliver-hls.channel5.com\") (host == \"akahls.channel5.com\") (host == \"llnwhls.channel5.com\") (host == \"milkshake.tv\") (host == \"www.milkshake.tv\") (host == \"trk-euwest.tidaltv.com\") (host == \"mp.adverts.itv.com\") (host == \"req.tidaltv.com\") (host == \"s1.2mdn.net\") (host == \"pes.itv.com\") (host == \"ned.itv.com\") (host == \"itvdotcom.2cnt.net\") (host == \"tom.itv.com\") (host == \"dave.uktv.co.uk\") (host == \"uktvplay.uktv.co.uk\") (host == \"uktvhdse.brightcove.com.edgesuite.net\") (host == \"admin.brightcove.com\") (host == \"really.uktv.co.uk\") (host == \"yesterday.uktv.co.uk\") (host == \"drama.uktv.co.uk\") (host == \"live.tvplayer.com\") (host == \"tvplayer.com\") (host == \"sapi.tvplayer.com\") (host == \"api.tvplayer.com\") (host == \"www.gamefront.com\") (url.indexOf(\"proxmate=uk\") != -1) (host == \"channel4.com\") (host == \"ais.channel4.com\") (host == 
\"pandr.my.channel4.com\") (host == \"all4nav.channel4.com\") (host == \"4id.channel4.com\")) { return 'PROXY uk-node.proxmate.me:8008' } else if ((host == \"link.theplatform.com\") (host == \"discidevflash-f.akamaihd.net\") (host == \"api.geoip.dp.discovery.com\") (host == \"vidtech.cbsinteractive.com\") (host == \"vidtech.cbsima.com\") (host == \"om.cbsi.com\") (host == \"media.mtvnservices.com\") (host == \"api-manga.crunchyroll.com\") (host == \"crunchyroll.com\") (host == \"www.crunchyroll.com\") (host == \"cdn.wwtv.warnerbros.com\") (host == \"hlsioscwtv.warnerbros.com\") (host == \"media.cwtv.com\") (host == \"servicesaetn-a.akamaihd.net\") (host == \"live.mlssoccer.com\") (host == \"tvewnbc-i.akamaihd.net\") (host == \"tvenbceast-i.akamaihd.net\") (host == \"nbcmpx-vh.akamaihd.net\") (host == \"www.pandora.com\") (host == \"video.pbs.org\") (host == \"ga.video.cdn.pbs.org\") (host == \"urs.pbs.org\") (host == \"play.spotify.com\") (host == \"www.spotify.com\") (host == \"play.spotify.edgekey.net\") (host == \"www.iheart.com\") (host == \"api2.iheart.com\") (host == \"api.iheart.com\") (host == \"iheart.com\") (host == \"nick.mtvnimages.com\") (host == \"sni-vh.akamaihd.net\") (host == \"api.segment.io\") (host == \"www.vevo.com\") (host == \"vevo.com\") (host == \"apiv2.vevo.com\") (host == \"songza.com\") (host == \"new.songza.com\") (host == \"www.daisuki.net\") (host == \"bngn-vh.akamaihd.net\") (host == \"bngnwww.b-ch.com\") (host == \"www.hbogo.com\") (host == \"catalog.lv3.hbogo.com\") (host == \"profile.lv3.hbogo.com\") (host == \"profile.hbogo.com\") (url.indexOf(\".lv3.hbogo.com\") != -1) (host == \"register.hbogo.com\") (host == \"play.hbogo.com\") (host == \"smetrics.hbogo.com\") (url.indexOf(\".lv3.cdn.hbo.com\") != -1) (host == \"comet.api.hbo.com\") (host == \"play.google.com\") (host == \"checkout.google.com\") (host == \"store.google.com\") (host == \"apis.google.com\") (host == \"amc350888def-vh.akamaihd.net\") (host == 
\"a564avoddashnsus-a.akamaihd.net\") (host == \"atv-ps.amazon.com\") (host == \"www.amazon.com\") (host == \"amazon.com\") (host == \"fls-na.amazon.com\") (host == \"secure.brightcove.com\") (host == \"metrics.brightcove.com\") (host == \"phds-vod.cdn.turner.com\") (host == \"token.vgtf.net\") (host == \"www.ondemandkorea.com\") (host == \"www.fxnetworks.com\") (host == \"fxvcms-f.akamaihd.net\") (host == \"tvetelemundo-vh.akamaihd.net\") (host == \"feed.theplatform.com\") (host == \"fsvideohds-vh.akamaihd.net\") (host == \"watchable.com\") (host == \"cilhlsvod-f.akamaihd.net\") (host == \"oxygenvod-vh.akamaihd.net\") (host == \"tvesyfy-vh.akamaihd.net\") (host == \"www.smithsonianchannel.com\") (host == \"metrics.brightcove.com\") (host == \"c.brightcove.com\") (host == \"brightcove01.brightcove.com\") (host == \"edge.api.brightcove.com\") (host == \"www.eonline.com\") (host == \"link.theplatform.com\") (host == \"api.listenlive.co\") (host == \"playerservices.streamtheworld.com\") (host == \"player.listenlive.co\") (url.indexOf(\"live.streamtheworld.com\") != -1) (host == \"www.cartoonnetwork.com\") (host == \"www.viki.com\") (host == \"\\\"www.viki.com\") (host == \"www.origin.com\") (host == \"ht.cdn.turner.com\") (host == \"aolvideoshd-vh.akamaihd.net\") (host == \"syn.5min.com\") (host == \"stvideos.5min.com\") (host == \"www.showtime.com\") (host == \"secure.showtime.com\") (url.indexOf(\".vgtf.net\") != -1) (host == \"phds-live.cdn.turner.com\")) { return 'PROXY us-node.proxmate.me:8008' } else if ((host == \"livestreams.omroep.nl\") (host == \".npostreaming.nl\") (host == \"ida.omroep.nl\") (host == \"npoplayer.omroep.nl\") (host == \"www.zapp.nl\") (host == \"tellerapi.omroep.nl\") (host == \"e.omroep.nl\") (url.indexOf(\"proxmate=nl\") != -1)) { return 'PROXY nl-node.proxmate.me:8008' } else if ((host == \"tvthek.orf.at\") (host == \"apasfiisl.apa.at\") (host == \"orf.oewabox.at\") (host == \"atvplus.oewabox.at\") (host == \"cdn.atv.at\") 
(url.indexOf(\"proxmate=at\") != -1) (host == \"hdsvodsportsman-vh.akamaihd.net\") (host == \"streamaccess.unas.tv\") (host == \"www.laola1.tv\") (host == \"www.livestation.com\") (host == \"livestation.com\") (url.indexOf(\".emigrantas.tv\") != -1)) { return 'PROXY at-node.proxmate.me:8008' } else if ((host == \"netflix.com\") (host == \"www.netflix.com\") (host == \"cbp-us.nccp.netflix.com\") (host == \"secure.netflix.com\") (host == \"api-global.netflix.com\") (host == \"ichnaea.netflix.com\") (host == \"customerevents.netflix.com\") (host == \"s.thebrighttag.com\") (url.indexOf(\"proxmate=us\") != -1) (url.indexOf(\"proxmate=us\") != -1)) { return 'PROXY usnet-node.proxmate.me:8008' } else if ((host == \"s.hulu.com\") (host == \"www.funimation.com\") (host == \"wpc.8c48.edgecastcdn.net\") (host == \"southpark.cc.com\") (host == \"api.utils.watchabc.go.com\") (host == \"www.dramafever.com\") (host == \"www.logotv.com\") (host == \"media.mtvnservices.com\") (host == \"api.watchabc.go.com\") (host == \"theanimenetwork.com\") (host == \"huluim.com\") (host == \"www.hulu.com\") (host == \"t2.hulu.com\") (host == \"urlcheck.hulu.com\") (host == \"t.hulu.com\") (host == \"s.hulu.com\") (host == \"play.hulu.com\") (host == \"t2.huluim.com\")) { return 'PROXY ush-node.proxmate.me:8008' } else if ((host == \"player.ooyala.com\") (host == \"l.ooyala.com\")) { return 'PROXY auv-node.proxmate.me:8008' } else if ((host == \"web-api-us.crackle.com\") (host == \"legacyweb-us.crackle.com\")) { return 'PROXY us2-node.proxmate.me:8000' } else if ((host == \"counter.yadro.ru\") (host == \"turbik.tv\") (host == \"player.rutv.ru\") (host == \"api.rutv.ru\") (host == \"cdnng.v.rtr-vesti.ru\") (host == \"player.vgtrk.com\") (url.indexOf(\"proxmate=ru\") != -1) (host == \"stream.1tv.ru\") (host == \"mobdrm.1tv.ru\")) { return 'PROXY ru-node.proxmate.me:8008' } else if ((host == \"security.video.globo.com\") (host == \"api.globovideos.com\") (host == \"s.videos.globo.com\") (host == 
\"gshow.globo.com\") (host == \"voddownload02.video.globo.com\") (host == \"secure.nuuvem.com\")) { return 'PROXY br-node.proxmate.me:8008' } else { return 'DIRECT'; }}" FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-18] () FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-22] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-22] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-18] () FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-21] (Oracle Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll [2007-03-10] (Yahoo! Inc.) FF Plugin HKU\S-1-5-21-1061047688-2763755289-2242981598-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Robert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS) FF user.js: detected! 
=> C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\user.js [2016-03-04] FF Extension: SmoothWheel (mozdev.org) - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2015-05-30] FF Extension: Soundcloud SUPER +2: Downloader and Recommender - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi [2015-05-30] FF Extension: Thunderbird Biff - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\{aee74dd0-6dc9-11db-9fe1-0800200c9a66}.xpi [2015-05-30] FF Extension: Tab Mix Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-03-07] FF Extension: WEB.DE MailCheck - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\mailcheck@web.de [2016-03-16] FF Extension: Avira Browser Safety - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\abs@avira.com [2016-03-16] FF Extension: Glaze Black - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\glaze_black@www.theme-oasis.org.xpi [2012-02-13] [ist nicht signiert] FF Extension: Hotspot Shield Free VPN Proxy – Unblock Sites - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\hotspot-shield@anchorfree.com.xpi [2016-01-27] [ist nicht signiert] FF Extension: QuickTime Addon Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{46e25d74-0fa9-4e53-8bbe-7b0436aee36e}.xpi [2016-03-14] [ist nicht signiert] FF Extension: Download Status Bar - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-03-12] FF Extension: NoScript - 
C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-03-23] FF Extension: Video DownloadHelper - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30] FF Extension: Adblock Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24] FF Extension: HD Manager - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{da6af166-be55-40e3-8656-d4896859809f}.xpi [2015-12-19] [ist nicht signiert] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-10] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-26] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. 
KG) S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-02-13] (Creative Labs) [Datei ist nicht signiert] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [Datei ist nicht signiert] R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.) R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [197824 2014-02-21] (Microsoft Corporation) R2 RealtekSE; C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtlService.exe [36864 2010-04-16] (Realtek) [Datei ist nicht signiert] R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [327680 2015-03-21] () [Datei ist nicht signiert] S4 SQLAgent$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [454848 2014-02-21] (Microsoft Corporation) S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-10] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-10] (Avira Operations GmbH & Co. 
KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-10] (Avira Operations GmbH & Co. KG) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-18] (Malwarebytes Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-01 20:26 - 2016-04-01 20:26 - 00035457 _____ C:\Users\Robert\Desktop\FRST.txt 2016-04-01 20:12 - 2016-04-01 20:26 - 00000000 ____D C:\FRST 2016-04-01 20:11 - 2016-04-01 20:11 - 02374144 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe 2016-03-31 22:32 - 2016-03-31 22:34 - 21595095 _____ C:\Users\Robert\Downloads\Audiovision Magazin April No 04 2016.pdf 2016-03-31 22:29 - 2016-03-31 22:30 - 19255143 _____ C:\Users\Robert\Downloads\mavisau0316.pdf 2016-03-29 15:06 - 2016-03-24 09:56 - 41532491 _____ C:\Users\Robert\Downloads\Digital Tested - April Mai 2016.pdf 2016-03-26 23:56 - 2016-03-26 23:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-03-24 19:04 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll 2016-03-24 19:04 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll 2016-03-24 19:04 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll 2016-03-24 19:04 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2016-03-24 19:04 - 2016-02-01 21:08 - 
00114624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2016-03-24 19:04 - 2016-02-01 20:59 - 03243008 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2016-03-24 19:04 - 2016-02-01 20:59 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2016-03-24 19:04 - 2016-02-01 20:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2016-03-24 19:04 - 2016-02-01 20:56 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-03-24 19:04 - 2016-02-01 20:56 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2016-03-24 19:04 - 2016-02-01 20:49 - 02364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2016-03-24 19:04 - 2016-02-01 20:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2016-03-24 19:04 - 2016-02-01 20:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2016-03-24 19:04 - 2016-02-01 20:45 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-03-24 19:04 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2016-03-24 19:04 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2016-03-19 17:16 - 2016-03-19 17:16 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-03-14 22:41 - 2016-02-11 20:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-03-14 22:41 - 2016-02-11 20:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-03-14 22:41 - 2016-02-11 20:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-03-14 22:41 - 2016-02-11 20:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-03-14 22:41 - 2016-02-11 20:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-03-14 22:41 - 2016-02-11 20:49 - 00243712 
_____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-03-14 22:41 - 2016-02-11 20:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-03-14 22:41 - 2016-02-11 20:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-03-14 22:41 - 2016-02-11 20:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-03-14 22:41 - 2016-02-11 20:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-03-14 22:41 - 2016-02-11 20:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-03-14 22:41 - 2016-02-11 20:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-03-14 22:41 - 2016-02-11 20:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-03-14 22:41 - 2016-02-11 20:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-03-14 22:41 - 2016-02-11 20:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-03-14 22:41 - 2016-02-11 20:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-03-14 22:41 - 2016-02-11 20:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-03-14 22:41 - 2016-02-11 20:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-03-14 22:41 - 2016-02-11 20:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-03-14 22:41 - 2016-02-11 20:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-03-14 22:41 - 2016-02-11 20:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-03-14 22:41 - 2016-02-11 20:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-03-14 22:41 - 2016-02-11 20:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-03-14 22:41 - 2016-02-11 20:44 - 03938240 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ntoskrnl.exe 2016-03-14 22:41 - 2016-02-11 20:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-03-14 22:41 - 2016-02-11 20:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-03-14 22:41 - 2016-02-11 20:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-03-14 22:41 - 2016-02-11 20:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-03-14 22:41 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-03-14 22:41 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-03-14 22:41 - 2016-02-11 20:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-03-14 22:41 - 2016-02-11 20:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-03-14 22:41 - 2016-02-11 20:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-03-14 22:41 - 2016-02-11 20:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-03-14 22:41 - 2016-02-11 20:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-03-14 22:41 - 2016-02-11 20:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-03-14 22:41 - 2016-02-11 20:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-03-14 22:41 - 2016-02-11 20:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-03-14 22:41 - 2016-02-11 20:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-03-14 22:41 - 2016-02-11 
20:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-03-14 22:41 - 2016-02-11 20:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-03-14 22:41 - 2016-02-11 20:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-03-14 22:41 - 2016-02-11 20:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-03-14 22:41 - 2016-02-11 20:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-03-14 22:41 - 2016-02-11 20:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-03-14 22:41 - 2016-02-11 20:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 19:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-03-14 22:41 - 2016-02-11 19:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-03-14 22:41 - 2016-02-11 19:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-03-14 22:41 - 2016-02-11 19:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-03-14 22:41 - 2016-02-11 19:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-03-14 22:41 - 2016-02-11 19:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-03-14 22:41 - 2016-02-11 19:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-03-14 22:41 - 2016-02-11 19:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-03-14 22:41 - 2016-02-11 19:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-03-14 22:41 - 2016-02-11 19:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-03-14 22:41 - 2016-02-11 19:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-03-14 22:41 - 2016-02-11 19:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-03-14 22:41 - 2016-02-11 19:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-03-14 22:41 - 2016-02-11 19:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-03-14 22:41 - 2016-02-11 19:30 - 00006144 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-03-14 22:41 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll 2016-03-14 22:41 - 2016-02-05 20:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2016-03-14 22:41 - 2016-02-05 20:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2016-03-14 22:41 - 2016-02-05 20:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-03-14 22:41 - 2016-02-05 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2016-03-14 22:41 - 2016-02-05 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2016-03-14 22:41 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2016-03-14 22:41 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2016-03-14 22:41 - 2016-02-05 19:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-03-14 22:41 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2016-03-14 22:41 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2016-03-14 22:41 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2016-03-14 22:41 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2016-03-14 22:41 - 2016-02-04 19:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-03-14 22:41 - 2016-02-03 20:58 - 00862208 
_____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2016-03-14 22:41 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2016-03-14 22:41 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2016-03-14 22:41 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2016-03-14 22:41 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2016-03-14 22:40 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-03-14 22:40 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2016-03-14 22:40 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2016-03-14 22:40 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2016-03-14 22:40 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2016-03-14 22:40 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2016-03-14 22:40 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2016-03-14 22:40 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2016-03-14 22:40 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2016-03-14 22:40 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2016-03-06 18:11 - 2016-02-19 21:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-03-06 18:11 - 2016-02-19 20:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-03-06 18:11 - 2016-02-19 16:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-03-06 18:11 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) 
C:\Windows\system32\wucltux.dll 2016-03-06 18:11 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-03-06 18:11 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-03-06 18:11 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2016-03-06 18:11 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2016-03-06 18:11 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-03-06 18:11 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-03-06 18:11 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-03-06 18:11 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-03-06 18:11 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-03-06 18:11 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-03-06 18:11 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2016-03-06 18:11 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2016-03-06 18:11 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2016-03-06 18:11 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2016-03-06 18:11 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2016-03-06 18:11 - 2016-02-11 16:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-03-06 18:11 - 2016-02-05 16:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-03-06 18:11 - 2016-02-05 16:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 
2016-03-06 18:11 - 2016-02-05 16:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-01 20:15 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-04-01 20:15 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-04-01 19:49 - 2015-06-18 14:55 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA.job 2016-04-01 18:25 - 2014-08-23 09:54 - 00000000 ____D C:\Users\Robert\Desktop\VT 2016-04-01 17:20 - 2014-12-06 17:31 - 00000000 ___RD C:\Users\Robert\Dropbox 2016-04-01 17:20 - 2014-12-06 17:29 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Dropbox 2016-04-01 17:20 - 2014-06-08 09:41 - 00000000 ____D C:\Users\Robert\.rainlendar2 2016-04-01 17:09 - 2011-04-12 09:43 - 00822878 _____ C:\Windows\system32\perfh007.dat 2016-04-01 17:09 - 2011-04-12 09:43 - 00202558 _____ C:\Windows\system32\perfc007.dat 2016-04-01 17:09 - 2009-07-14 07:13 - 01941858 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-01 17:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-04-01 17:04 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-03-31 23:49 - 2015-06-18 14:55 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core.job 2016-03-31 22:59 - 2012-02-13 16:40 - 00000000 ____D C:\Users\Robert\AppData\Roaming\foobar2000 2016-03-27 08:52 - 2012-04-24 18:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-03-24 23:41 - 2015-10-27 20:03 - 00000000 ____D C:\Users\Robert\Documents\Visual Studio 2013 2016-03-24 21:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2016-03-24 19:05 - 
2015-04-05 22:10 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2016-03-24 19:05 - 2015-04-05 22:10 - 00000000 ___SD C:\Windows\system32\GWX 2016-03-14 22:47 - 2009-07-14 06:45 - 00344712 _____ C:\Windows\system32\FNTCACHE.DAT 2016-03-14 22:44 - 2013-07-11 17:13 - 00000000 ____D C:\Windows\system32\MRT 2016-03-14 22:41 - 2012-02-13 13:14 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-03-10 20:50 - 2013-08-05 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-03-10 20:49 - 2013-08-05 22:35 - 00154816 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2016-03-10 20:49 - 2013-08-05 22:35 - 00133168 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2016-03-10 20:49 - 2013-08-05 22:35 - 00069888 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2016-03-08 22:40 - 2015-11-12 19:04 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-03-06 18:11 - 2015-04-15 09:16 - 00000000 ____D C:\Windows\system32\appraiser ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2012-09-26 12:49 - 2012-05-15 10:33 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager classic.msi 2012-03-01 22:47 - 2012-03-28 10:14 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi 2012-05-19 12:33 - 2014-11-17 22:05 - 0012800 _____ () C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-02-13 21:36 - 2012-02-13 21:36 - 0000017 _____ () C:\Users\Robert\AppData\Local\resmon.resmoncfg Einige Dateien in TEMP: ==================== C:\Users\Administrator\AppData\Local\Temp\avgnt.exe C:\Users\Robert\AppData\Local\Temp\atcMedia9881446679000.exe C:\Users\Robert\AppData\Local\Temp\avgnt.exe C:\Users\Robert\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuygic8.dll 
C:\Users\Robert\AppData\Local\Temp\GUR4375.exe C:\Users\Robert\AppData\Local\Temp\GURCB03.exe C:\Users\Robert\AppData\Local\Temp\i4jdel0.exe C:\Users\Robert\AppData\Local\Temp\Quarantine.exe C:\Users\Robert\AppData\Local\Temp\vlc-2.1.5-win32.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-03-29 10:49 ==================== Ende von FRST.txt ============================ |
01.04.2016, 23:04 | #4 |
| Words on the Internet turn into links Addition.txt: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01 durchgeführt von Robert (2016-04-01 20:26:22) Gestartet von C:\Users\Robert\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2012-02-13 09:27:55) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1061047688-2763755289-2242981598-500 - Administrator - Enabled) => C:\Users\Administrator Gast (S-1-5-21-1061047688-2763755289-2242981598-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1061047688-2763755289-2242981598-1002 - Limited - Enabled) Robert (S-1-5-21-1061047688-2763755289-2242981598-1000 - Administrator - Enabled) => C:\Users\Robert ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 3RVX (HKLM-x32\...\{66BB5D8F-D9BD-4799-A9FA-5731B3B7839A}) (Version: 2.5 - matt.malensek.net) ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY) ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.) 
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated) Ashampoo Burning Studio Elements 10.0.9 (HKLM-x32\...\Ashampoo Burning Studio Elements_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology) ATI AVIVO64 Codecs (Version: 11.6.0.10209 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{24732103-FE2A-D954-AFCC-7824D77B7CC6}) (Version: 3.0.816.0 - ATI Technologies, Inc.) ATI Problem Report Wizard (Version: 3.0.816.0 - ATI Technologies) Hidden aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1347 - DsNET Corp) aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. 
KG) Hidden Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden Build Tools - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden Build Tools - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited) Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - ) Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited) Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - Creative Technology Limited) Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: - ) Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version: - ) Dropbox (HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.) Druckerdeinstallation für EPSON SX525WD Series (HKLM\...\EPSON SX525WD Series) (Version: - SEIKO EPSON Corporation) Edimax Wireless LAN Driver and Utility (HKLM-x32\...\{556BEFE2-30FF-4113-98F4-01234396DF2B}) (Version: 1.00.0184 - Edimax Technology Co.) 
Entity Framework 6.1.3 Tools for Visual Studio 2013 (HKLM-x32\...\{D5170452-84D1-4725-AD9C-F9ECFD0A9E9F}) (Version: 12.0.40302.0 - Microsoft Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON SX525WD Series Handbuch (HKLM-x32\...\EPSON SX525WD Series Manual) (Version: - ) EPSON SX525WD Series Netzwerk-Handbuch (HKLM-x32\...\EPSON SX525WD Series Network Guide) (Version: - ) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION) EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Falk Navi-Manager (HKLM-x32\...\{3222B0CE-59C5-4CA0-B545-2B88F200756B}) (Version: 2.10.0 - United Navigation GmbH) Falk Navi-Manager (x32 Version: 2.8.0 - Falk Navigation GmbH) Hidden Falk Navi-Manager classic (HKLM-x32\...\{4A9135AC-592E-4767-B029-ADCAC182CCFA}) (Version: 2.11.0 - United Navigation GmbH) Falk Navi-Manager classic (x32 Version: 2.11.0 - United Navigation GmbH) Hidden foobar2000 v1.1.11 (HKLM-x32\...\foobar2000) (Version: 1.1.11 - Peter Pawlowski) Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2013 Sprachpaket (DEU) - v1.4 (x32 Version: 1.4.30416.1601 - Microsoft Corporation) Hidden GPL Ghostscript (HKLM\...\GPL Ghostscript 9.05) (Version: 9.05 - Artifex Software Inc.) 
GPSoftware Directory Opus (HKLM-x32\...\{5D4F167D-CCC8-413E-A6EE-F2FABBBBF50D}) (Version: 10.0.3.0 - GPSoftware) Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 1.00 - Creative Technology Limited) HydraVision (x32 Version: 4.2.188.0 - ATI Technologies Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan) JabRef 2.7.2 (HKLM-x32\...\JabRef 2.7.2) (Version: 2.7.2 - JabRef Team) Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech) Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech) LyX 2.0.2-1 (HKLM-x32\...\LyX20) (Version: 2.0.2-1 - LyX Team) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK 
(HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation) Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{7D1C6D7B-8E3F-4724-94C8-AA7EB7F60AE0}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - 
Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL-Sprachdienst (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2014-Setup (Deutsch) (HKLM-x32\...\{DFEF8D74-5C1A-4437-9067-190F33AF2252}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (12.0.41012.0) (HKLM-x32\...\{79AB8378-D661-4021-9941-FE5F4AEB57BB}) (Version: 12.0.41012.0 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft SQL Server*2014 (HKLM-x32\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation) Microsoft SQL Server*2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 
12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) 
(Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio Express 2013 für Windows Desktop - DEU mit Update 5 (HKLM-x32\...\{6502e1ac-767b-4caf-b03d-5ee3c638c46d}) (Version: 12.0.40629.0 - Microsoft Corporation) Microsoft VSS Writer für SQL Server 2014 (HKLM\...\{D390AADD-C825-4B31-8C79-83A9461D5524}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{9408684F-E1CC-4D2E-AE15-886023557682}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{B9A7B46F-0120-406B-9A12-3AD1DCC94D97}) (Version: 12.0.2000.8 - Microsoft Corporation) MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Monitor Off Utility 1.0 (HKLM-x32\...\{10F0131F-1CA2-4433-8473-7C890C769581}_is1) (Version: - Dekisoft) Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) Mozilla Thunderbird 38.7.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.7.1 (x86 de)) (Version: 38.7.1 - Mozilla) Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) PowerShellIntegration.Notifications (x32 
Version: 2.6.0.0 - Microsoft Corporation) Hidden Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - ) Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6402 - Realtek Semiconductor Corp.) Serviio (HKLM\...\Serviio) (Version: - ) SopCast 3.4.8 (HKLM-x32\...\SopCast) (Version: 3.4.8 - www.sopcast.com) Sound Blaster X-Fi (HKLM-x32\...\{0C9D0200-FA32-44B7-BBB3-7C03F700C4A0}) (Version: 1.0 - ) SQL Server 2014 Common Files (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden Sql Server Customer Experience Improvement Program (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server-Browser für SQL Server 2014 (HKLM-x32\...\{B7312B95-77C6-497E-A63F-596A77B20F31}) (Version: 12.0.2000.8 - Microsoft Corporation) Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer) TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden Unity Web Player (HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM-x32\...\{2A231800-A7CF-4223-B8A3-1FD9057BAE96}) (Version: 10.3.5500.0 - Microsoft Corporation) Update for (KB2504637) 
(HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx) Visual Studio 2013 Update 5 (KB2829760) (HKLM-x32\...\{17551f85-1d1c-4142-a83f-bbd18a3522c2}) (Version: 12.0.40629 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) VS Update core components (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation) WinRAR 4.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH) WISO steuer:Start 2016 (HKLM-x32\...\{6235C2AC-6365-46BC-8F39-366621479FAB}) (Version: 23.00.1146 - Buhl Data Service GmbH) WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden Yahoo! Install Manager (HKLM-x32\...\YInstHelper) (Version: - ) Yahoo! Widgets (HKLM-x32\...\Yahoo! Widget Engine) (Version: 4.5.2.0 - Yahoo! Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{095555F2-7F32-44F7-A59A-5F91B6FC6BA7}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{0B2E8C4B-AFAD-4B21-AEB0-4AB36FA50719}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{174EDE05-B71E-410C-AADE-22C2DA8B0F35}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{20715B03-94A4-422C-AF38-4EF9F4052219}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{528BD565-4549-4149-AAA2-43E927203DB7}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{5B90553F-5202-47C6-A608-94DE1CB632ED}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{65BC4C98-7F65-40A9-8BE4-8B05F50EA118}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{69617E00-4C15-4EAC-AC0A-4670168D8C6F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{6B88424B-D65E-455E-A719-553BE18AF06A}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{A240B964-0E23-4BC1-888D-39BAC4781793}\InprocServer32 -> C:\Program 
Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{AA1931BC-2F97-421C-9681-5C4181141EEE}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{B707C2AF-83F0-4F14-B58D-A9179B87F37A}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{BF67C7D6-666F-4EA4-B7CD-7205AF445657}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{D4DCF277-789A-4DA8-B3D8-62B6AB9265C6}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{DAA61697-3931-49E6-9041-F6CE2CAE9707}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E116A2FE-2C4D-4804-8D90-E6F9C326AB77}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E4BCAE1F-E7DF-42FF-9390-2DD9B08AD487}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E5DAAAA8-117D-4408-83E8-20CEAEFEAF77}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{EEADDEE5-8B1E-4490-9EC6-D95D015FF0AA}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: 
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {2E900E61-B18A-4821-BAE8-F58F8DF8F83B} - System32\Tasks\RunAsStdUser Task => C:\Program Files\GPSoftware\Directory Opus\dopus.exe [2012-01-10] (GP Software) Task: {41FFCAEE-2287-4B65-B2B9-08D769F9925A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {527B7DC0-14D2-4C80-9ED6-C694D88B3F02} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) Task: {63EBCA04-5BCC-4AA3-AA99-D6A05CE9A7F9} - System32\Tasks\{F707FCD1-161C-47D8-9188-370CC55260C3} => pcalua.exe -a C:\Users\Robert\Downloads\irfanview_plugins_433_setup.exe -d C:\Users\Robert\Downloads Task: {65E7FD65-33CD-428B-A303-092DA6F6E61E} - System32\Tasks\{DE29D441-8030-44E6-A4C9-DDFC73CB2180} => pcalua.exe -a C:\Users\Robert\Downloads\DarkOne301build20110302.exe -d C:\Users\Robert\Downloads Task: {821C62C0-446C-4849-AC6D-4777BD464F28} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) Task: {AC2EAA5A-6179-424A-A97A-B07C0288C316} - System32\Tasks\{A93EF223-6769-4FF7-B1EF-8B14E0672D6D} => pcalua.exe -a C:\Users\Robert\Downloads\darkone_v3_0_1_by_tedgo-d33pj8h\DarkOne301build20110302.exe -d C:\Users\Robert\Downloads\darkone_v3_0_1_by_tedgo-d33pj8h (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core.job => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA.job => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-03-21 10:54 - 2015-03-21 10:54 - 00327680 _____ () C:\Program Files\Serviio\bin\ServiioService.exe 2012-02-13 13:52 - 2012-01-09 20:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll 2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll 2015-05-13 18:36 - 2015-05-13 18:36 - 00178688 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\WaveLibMixer\41cd1da537156b6e85b5aa94831ccfa9\WaveLibMixer.ni.dll 2014-09-11 17:24 - 2014-09-11 17:24 - 00108032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\CoreAudioApi\7fd494c22406deed2dfcc8e29c82cb65\CoreAudioApi.ni.dll 2015-11-13 13:57 - 2015-11-13 13:57 - 02739240 _____ () C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe 2015-03-21 10:54 - 2015-03-21 10:54 - 00368640 _____ () C:\Program Files\Serviio\bin\ServiioConsole.exe 2011-02-09 22:53 - 2011-02-09 22:53 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2015-08-14 08:31 - 2015-08-14 08:31 - 00252928 _____ () C:\Program Files (x86)\Rainlendar2\libical.dll 2015-08-14 08:31 - 2015-08-14 08:31 - 00051200 _____ () C:\Program Files (x86)\Rainlendar2\libicalss.dll 2014-05-04 12:48 - 2014-05-04 12:48 - 00197632 _____ () C:\Program Files (x86)\Rainlendar2\lua52.dll 2015-11-13 13:57 - 2015-11-13 13:57 - 00068136 _____ () C:\Program Files 
(x86)\Rainlendar2\plugins\iCalendarPlugin.dll 2014-05-04 12:49 - 2014-05-04 12:49 - 00027648 _____ () C:\Program Files (x86)\Rainlendar2\lfs.dll 2012-02-13 11:58 - 2009-02-06 19:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL 2012-02-13 11:58 - 2009-03-26 15:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL 2009-08-26 06:29 - 2009-08-26 06:29 - 00150016 _____ () C:\Windows\SysWOW64\OemSpiE.dll 2015-12-14 20:49 - 2016-02-23 20:19 - 00034768 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2016-03-19 17:16 - 2016-02-23 20:20 - 00019408 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2016-03-19 17:16 - 2016-02-23 20:19 - 00116688 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2015-12-14 20:49 - 2016-02-23 20:19 - 00093640 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2015-12-14 20:49 - 2016-02-23 20:19 - 00018376 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\select.pyd 2015-12-14 20:49 - 2016-03-12 02:18 - 00019760 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2015-12-14 20:49 - 2016-02-23 20:21 - 00105928 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32api.pyd 2016-03-19 17:16 - 2016-02-23 20:19 - 00392144 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2015-12-14 20:49 - 2016-03-12 02:18 - 00381752 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2015-12-14 20:49 - 2016-02-23 20:19 - 00692688 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00020816 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2015-12-14 20:49 - 2016-02-23 20:20 - 00112592 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 01682760 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2016-03-19 
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2014-05-16 16:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Nero MediaHome 4 => "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{2AE12F74-1D52-45B7-A287-D87269E10D13}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtWLan.exe
FirewallRules: [{5E8E39E4-4198-49C1-A88A-CF65DB2C6DD2}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtWLan.exe
FirewallRules: [{351A706A-524F-4CD7-8ADA-52E4D7846866}] => (Allow) LPort=1542
FirewallRules: [{40213A88-5FFA-41C1-8A17-123AE71B5A3E}] => (Allow) LPort=1542
FirewallRules: [{D129EB02-C30B-4D81-9506-6612A613E868}] => (Allow) LPort=53
FirewallRules: [{B9F7D531-C940-45CC-84DC-048C3C40AFFB}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RTLDHCP.exe
FirewallRules: [{E9CA85F9-B5C7-4F1D-A9A3-0B678194D95C}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RTLDHCP.exe
FirewallRules: [{016DEB10-2705-4C56-ADDF-9A515E9A5B1C}] => (Allow) LPort=67
FirewallRules: [{0B238EF6-7BC3-4D7E-8D8D-5427A40972DE}] => (Allow) LPort=68
FirewallRules: [{4055C5BC-F84C-4316-B298-4F043C57CA58}] => (Allow) LPort=53
FirewallRules: [{B4CBD794-D1C4-446D-83B0-C0F335A464D3}] => (Allow) LPort=53
FirewallRules: [{8479584B-D878-4D47-A8C0-8769E63058BE}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
FirewallRules: [{646807DC-5BB2-4497-B14E-576E499BD82B}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
FirewallRules: [TCP Query User{48C7DD5D-0C99-4AC8-9816-D85869C1CFFB}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{DA1D7715-F811-4B21-8FA4-309584B6E388}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{3C743D18-DD3E-42A6-8EDA-A3B1224B0A74}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{CFF513EB-DC04-47F8-8233-74BBE6E5443E}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{3DDB80E0-6799-4261-B1FB-01A57C73F98B}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [UDP Query User{418E2F3B-4FCB-46D6-B5C6-E4BD3E680C1E}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [TCP Query User{6329BEC6-E7F4-48F1-B480-553F6A207471}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1E8DCE38-707B-4261-A350-469F17D68659}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{60017BA2-93A8-441D-9C29-62054CCA76EA}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe] => (Allow) C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe
FirewallRules: [UDP Query User{ECA632B0-625E-47AD-B9BE-165281FA9244}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe] => (Allow) C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe
FirewallRules: [TCP Query User{FAE5B579-E8E7-48AA-A5D5-783B3F4CFF79}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [UDP Query User{E7A4CC03-A819-42AA-A250-1F9F342ECCE2}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [TCP Query User{438FB0A1-B440-4C43-949B-B8D12180099D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{BB2396C1-0A01-496C-8C7E-43F4E40F1F2D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{3C0A383C-2ACE-4CFF-886E-4CD7B7F5CD09}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C29755D3-ECB7-467D-AB98-25983FE603FC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{95C19226-8416-4893-874C-E693E87459F2}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{CB36AE15-AA08-4B52-AB72-7E9604A16CE4}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{452F99B9-D52A-4DAA-B5CE-E5C7631B174C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1C0164AC-A5E6-4AEB-88AC-C34B998245BF}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{FFD5A33B-5E44-49A8-9B45-ACB601B60805}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D78F66A4-9612-45A7-BC91-4357759C3789}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{B50C071C-3AE1-4639-9B36-92DF8C16637A}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{4B15FF37-1016-4812-87A7-6B89FD1DA9BF}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{CE012EBF-CF6A-4C0A-BCA6-181E4FA5902A}C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe] => (Allow) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe
FirewallRules: [UDP Query User{8164AFF0-943E-48ED-A757-7AAE4E3ECA4F}C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe] => (Allow) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe
FirewallRules: [{8950CB1A-758E-4DA5-B35B-EAEDF2247726}] => (Block) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe
FirewallRules: [{7720CB72-EE19-43B5-8356-0CC9D1CA82DE}] => (Block) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe
FirewallRules: [{F0BF9464-0628-4330-806E-FC4F08323201}] => (Allow) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4C1E9A42-2660-4E78-8CC4-696A2515AC79}] => (Allow) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{0DC97CBC-9814-4E9F-8F3F-450B3CC49698}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{8640AB99-1027-48E8-B35F-E177067BE650}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{ECE08A8E-1793-4699-853E-4C69A2E9D10A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DD41B7AE-D30A-49C4-9586-044EE4BDD78D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D4262EAF-DA95-4775-9536-161F74638D82}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{FB373347-5FAF-487E-ABEF-6F7B3A1E6F1F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{625D6BF2-0A82-40C6-A5F7-FF1CD9E628FD}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{A67ADCA2-B694-4E26-9E61-883BAD6A50CA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{0D9D282C-F1B1-45DA-923D-71F8087E970C}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{BE89447A-9315-47C8-BA7E-57BAD0143DEE}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{4C90BDE5-977E-4C90-8203-FA2C9F0213BA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{FC498BF9-CCDB-4519-A40C-839BB3A2BBD8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{661B2E37-25FF-49AE-90FF-1943CB7CB447}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe
FirewallRules: [UDP Query User{8CC17E03-2F70-49C3-A054-7336A7B1BD21}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe
FirewallRules: [{4C527AF1-16A5-4821-8268-DBE283B0AB40}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe
FirewallRules: [{8BA7452F-DAB2-407C-9350-77FAF9D1B050}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe
FirewallRules: [{48FD7F1A-B2EB-4EB4-A603-4FB3B3CAB48E}] => (Allow) C:\Program Files\Serviio\bin\ServiioConsole.exe
FirewallRules: [{E5963B3D-D190-4A83-BAE7-15E0E18DD80B}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\WDExpress.exe
FirewallRules: [{B3C099C3-12BA-4DDE-9979-508FDAD116D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E38B4B12-C687-46EF-90CE-B32EFC133E97}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

22-03-2016 13:11:53 Geplanter Prüfpunkt
24-03-2016 19:05:02 Windows Update
31-03-2016 19:09:40 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/01/2016 05:05:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/01/2016 07:35:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2016 05:33:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2016 05:28:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/29/2016 08:52:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/28/2016 09:22:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/27/2016 08:52:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/26/2016 11:15:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/25/2016 09:29:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/24/2016 07:06:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Systemfehler:
=============
Error: (04/01/2016 05:05:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (04/01/2016 07:35:36 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (03/31/2016 05:33:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (03/30/2016 05:28:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (03/29/2016 08:52:07 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (03/28/2016 09:22:00 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (03/27/2016 08:52:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (03/26/2016 11:15:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (03/25/2016 09:29:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (03/24/2016 07:06:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst RealtekSE erreicht.

CodeIntegrity:
===================================
Date: 2014-05-16 16:43:36.097
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-05-16 16:43:36.052
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 8173.21 MB
Verfügbarer physikalischer RAM: 4995.27 MB
Summe virtueller Speicher: 16344.63 MB
Verfügbarer virtueller Speicher: 12379.85 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:68.26 GB) (Free:11.94 GB) NTFS
Drive d: () (Fixed) (Total:43.43 GB) (Free:18.81 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 53E941DB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=68.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=43.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================ |
01.04.2016, 23:05 | #5 |
| Words on the Internet turn into links TDSSKiller.3.1.0.9_01.04.2016_23.46.45_log: Code:
ATTFilter
23:46:45.0972 0x0ccc TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
23:46:56.0903 0x0ccc ============================================================
23:46:56.0904 0x0ccc Current date / time: 2016/04/01 23:46:56.0903
23:46:56.0904 0x0ccc SystemInfo:
23:46:56.0904 0x0ccc
23:46:56.0904 0x0ccc OS Version: 6.1.7601 ServicePack: 1.0
23:46:56.0904 0x0ccc Product type: Workstation
23:46:56.0904 0x0ccc ComputerName: HOME-PC
23:46:56.0904 0x0ccc UserName: Robert
23:46:56.0904 0x0ccc Windows directory: C:\Windows
23:46:56.0904 0x0ccc System windows directory: C:\Windows
23:46:56.0904 0x0ccc Running under WOW64
23:46:56.0904 0x0ccc Processor architecture: Intel x64
23:46:56.0904 0x0ccc Number of processors: 4
23:46:56.0904 0x0ccc Page size: 0x1000
23:46:56.0904 0x0ccc Boot type: Normal boot
23:46:56.0904 0x0ccc ============================================================
23:46:57.0016 0x0ccc KLMD registered as C:\Windows\system32\drivers\00691381.sys
23:46:57.0109 0x0ccc System UUID: {EB8A56B7-68F1-EAB6-D733-360891AEC518}
23:46:57.0354 0x0ccc Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:46:57.0367 0x0ccc ============================================================
23:46:57.0367 0x0ccc \Device\Harddisk0\DR0:
23:46:57.0367 0x0ccc MBR partitions:
23:46:57.0367 0x0ccc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:46:57.0367 0x0ccc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x8886000
23:46:57.0367 0x0ccc \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x88B8800, BlocksNum 0x56DB800
23:46:57.0367 0x0ccc ============================================================
23:46:57.0369 0x0ccc C: <-> \Device\Harddisk0\DR0\Partition2
23:46:57.0370 0x0ccc D: <-> \Device\Harddisk0\DR0\Partition3
23:46:57.0370 0x0ccc
============================================================
23:46:57.0370 0x0ccc Initialize success
23:46:57.0370 0x0ccc ============================================================
23:48:41.0795 0x1d4c ============================================================
23:48:41.0795 0x1d4c Scan started
23:48:41.0795 0x1d4c Mode: Manual; SigCheck; TDLFS;
23:48:41.0795 0x1d4c ============================================================
23:48:41.0795 0x1d4c KSN ping started
23:48:44.0461 0x1d4c KSN ping finished: true
23:48:44.0711 0x1d4c ================ Scan system memory ========================
23:48:44.0711 0x1d4c System memory - ok
23:48:44.0711 0x1d4c ================ Scan services =============================
C:\Windows\system32\DRIVERS\bowser.sys 23:48:46.0234 0x1d4c bowser - ok 23:48:46.0236 0x1d4c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 23:48:46.0245 0x1d4c BrFiltLo - ok 23:48:46.0247 0x1d4c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 23:48:46.0256 0x1d4c BrFiltUp - ok 23:48:46.0261 0x1d4c [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 23:48:46.0285 0x1d4c BridgeMP - ok 23:48:46.0290 0x1d4c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 23:48:46.0301 0x1d4c Browser - ok 23:48:46.0309 0x1d4c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 23:48:46.0321 0x1d4c Brserid - ok 23:48:46.0324 0x1d4c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 23:48:46.0334 0x1d4c BrSerWdm - ok 23:48:46.0336 0x1d4c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 23:48:46.0345 0x1d4c BrUsbMdm - ok 23:48:46.0348 0x1d4c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 23:48:46.0355 0x1d4c BrUsbSer - ok 23:48:46.0358 0x1d4c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 23:48:46.0369 0x1d4c BTHMODEM - ok 23:48:46.0373 0x1d4c [ 95F9C2976059462CBBF227F7AAB10DE9, 
2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 23:48:46.0396 0x1d4c bthserv - ok 23:48:46.0398 0x1d4c catchme - ok 23:48:46.0403 0x1d4c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 23:48:46.0427 0x1d4c cdfs - ok 23:48:46.0432 0x1d4c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 23:48:46.0442 0x1d4c cdrom - ok 23:48:46.0446 0x1d4c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 23:48:46.0468 0x1d4c CertPropSvc - ok 23:48:46.0471 0x1d4c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 23:48:46.0480 0x1d4c circlass - ok 23:48:46.0490 0x1d4c [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 23:48:46.0504 0x1d4c CLFS - ok 23:48:46.0510 0x1d4c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 23:48:46.0519 0x1d4c clr_optimization_v2.0.50727_32 - ok 23:48:46.0525 0x1d4c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 23:48:46.0534 0x1d4c clr_optimization_v2.0.50727_64 - ok 23:48:46.0544 0x1d4c [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 23:48:46.0560 0x1d4c clr_optimization_v4.0.30319_32 - ok 
23:48:46.0565 0x1d4c [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 23:48:46.0579 0x1d4c clr_optimization_v4.0.30319_64 - ok 23:48:46.0582 0x1d4c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 23:48:46.0590 0x1d4c CmBatt - ok 23:48:46.0592 0x1d4c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 23:48:46.0599 0x1d4c cmdide - ok 23:48:46.0610 0x1d4c [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys 23:48:46.0629 0x1d4c CNG - ok 23:48:46.0632 0x1d4c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 23:48:46.0639 0x1d4c Compbatt - ok 23:48:46.0642 0x1d4c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 23:48:46.0652 0x1d4c CompositeBus - ok 23:48:46.0654 0x1d4c COMSysApp - ok 23:48:46.0656 0x1d4c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 23:48:46.0663 0x1d4c crcdisk - ok 23:48:46.0667 0x1d4c [ C0EAD9F8AB83D41FF07303C75589C2B8, C89CAC39BCD2FA2DCC56D7EE84FF66127BCECCAE400E119FE41BF4C4D769504B ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe 23:48:46.0671 0x1d4c Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic ( 1 ) 23:48:48.0076 0x164c Object required for P2P: [ 37CD9EB03B36D8329F96BA921470DB54 ] AntiVirMailService 
23:48:48.0638 0x17e8 Object required for P2P: [ 98BB62ABFD17F284C3C5DE40F8266F3C ] Avira.ServiceHost 23:48:49.0003 0x1d4c Detect skipped due to KSN trusted 23:48:49.0003 0x1d4c Creative Audio Engine Licensing Service - ok 23:48:49.0017 0x1d4c [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll 23:48:49.0039 0x1d4c CryptSvc - ok 23:48:49.0050 0x1d4c [ 07BA6D17E66879018B30B6C3F976EBED, 1759CE25519358A47E1B1FA02A415DB5D3F6B511AD3820D0AE8A1533B5DC83CD ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe 23:48:49.0058 0x1d4c CTAudSvcService - detected UnsignedFile.Multi.Generic ( 1 ) 23:48:50.0552 0x164c Object send P2P result: true 23:48:51.0075 0x17e8 Object send P2P result: true 23:48:51.0392 0x1d4c Detect skipped due to KSN trusted 23:48:51.0393 0x1d4c CTAudSvcService - ok 23:48:51.0428 0x1d4c [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll 23:48:51.0453 0x1d4c DcomLaunch - ok 23:48:51.0461 0x1d4c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 23:48:51.0489 0x1d4c defragsvc - ok 23:48:51.0493 0x1d4c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 23:48:51.0516 0x1d4c DfsC - ok 23:48:51.0526 0x1d4c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 23:48:51.0543 0x1d4c Dhcp - ok 23:48:51.0575 0x1d4c [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll 23:48:51.0606 0x1d4c DiagTrack - ok 23:48:51.0610 0x1d4c [ 13096B05847EC78F0977F2C0F79E9AB3, 
1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 23:48:51.0632 0x1d4c discache - ok 23:48:51.0636 0x1d4c [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys 23:48:51.0644 0x1d4c Disk - ok 23:48:51.0651 0x1d4c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 23:48:51.0661 0x1d4c Dnscache - ok 23:48:51.0668 0x1d4c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 23:48:51.0694 0x1d4c dot3svc - ok 23:48:51.0700 0x1d4c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 23:48:51.0724 0x1d4c DPS - ok 23:48:51.0727 0x1d4c [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 23:48:51.0734 0x1d4c drmkaud - ok 23:48:51.0758 0x1d4c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 23:48:51.0782 0x1d4c DXGKrnl - ok 23:48:51.0787 0x1d4c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 23:48:51.0811 0x1d4c EapHost - ok 23:48:51.0880 0x1d4c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 23:48:51.0943 0x1d4c ebdrv - ok 23:48:51.0950 0x1d4c [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] EFS C:\Windows\System32\lsass.exe 23:48:51.0957 0x1d4c EFS - ok 23:48:51.0977 0x1d4c [ C4002B6B41975F057D98C439030CEA07, 
3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 23:48:51.0997 0x1d4c ehRecvr - ok 23:48:52.0001 0x1d4c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 23:48:52.0011 0x1d4c ehSched - ok 23:48:52.0023 0x1d4c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 23:48:52.0039 0x1d4c elxstor - ok 23:48:52.0044 0x1d4c [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe 23:48:52.0048 0x1d4c EpsonBidirectionalService - detected UnsignedFile.Multi.Generic ( 1 ) 23:48:54.0385 0x1d4c Detect skipped due to KSN trusted 23:48:54.0385 0x1d4c EpsonBidirectionalService - ok 23:48:54.0392 0x1d4c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 23:48:54.0407 0x1d4c ErrDev - ok 23:48:54.0429 0x1d4c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 23:48:54.0465 0x1d4c EventSystem - ok 23:48:54.0472 0x1d4c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 23:48:54.0497 0x1d4c exfat - ok 23:48:54.0503 0x1d4c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 23:48:54.0529 0x1d4c fastfat - ok 23:48:54.0545 0x1d4c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 23:48:54.0564 0x1d4c Fax - ok 23:48:54.0567 0x1d4c [ 
D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 23:48:54.0575 0x1d4c fdc - ok 23:48:54.0577 0x1d4c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 23:48:54.0600 0x1d4c fdPHost - ok 23:48:54.0603 0x1d4c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 23:48:54.0625 0x1d4c FDResPub - ok 23:48:54.0629 0x1d4c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 23:48:54.0637 0x1d4c FileInfo - ok 23:48:54.0640 0x1d4c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 23:48:54.0662 0x1d4c Filetrace - ok 23:48:54.0664 0x1d4c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 23:48:54.0672 0x1d4c flpydisk - ok 23:48:54.0681 0x1d4c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 23:48:54.0692 0x1d4c FltMgr - ok 23:48:54.0716 0x1d4c [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll 23:48:54.0744 0x1d4c FontCache - ok 23:48:54.0748 0x1d4c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 23:48:54.0754 0x1d4c FontCache3.0.0.0 - ok 23:48:54.0758 0x1d4c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends 
C:\Windows\system32\drivers\FsDepends.sys 23:48:54.0765 0x1d4c FsDepends - ok 23:48:54.0768 0x1d4c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 23:48:54.0775 0x1d4c Fs_Rec - ok 23:48:54.0781 0x1d4c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 23:48:54.0795 0x1d4c fvevol - ok 23:48:54.0798 0x1d4c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 23:48:54.0806 0x1d4c gagp30kx - ok 23:48:54.0824 0x1d4c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 23:48:54.0859 0x1d4c gpsvc - ok 23:48:54.0862 0x1d4c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 23:48:54.0870 0x1d4c hcw85cir - ok 23:48:54.0879 0x1d4c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 23:48:54.0894 0x1d4c HdAudAddService - ok 23:48:54.0898 0x1d4c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 23:48:54.0909 0x1d4c HDAudBus - ok 23:48:54.0912 0x1d4c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 23:48:54.0920 0x1d4c HidBatt - ok 23:48:54.0924 0x1d4c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 23:48:54.0935 0x1d4c HidBth - ok 23:48:54.0938 0x1d4c [ 0A77D29F311B88CFAE3B13F9C1A73825, 
8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 23:48:54.0947 0x1d4c HidIr - ok 23:48:54.0950 0x1d4c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll 23:48:54.0973 0x1d4c hidserv - ok 23:48:54.0976 0x1d4c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys 23:48:54.0983 0x1d4c HidUsb - ok 23:48:54.0987 0x1d4c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 23:48:55.0010 0x1d4c hkmsvc - ok 23:48:55.0017 0x1d4c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 23:48:55.0029 0x1d4c HomeGroupListener - ok 23:48:55.0035 0x1d4c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 23:48:55.0046 0x1d4c HomeGroupProvider - ok 23:48:55.0050 0x1d4c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 23:48:55.0057 0x1d4c HpSAMD - ok 23:48:55.0075 0x1d4c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 23:48:55.0095 0x1d4c HTTP - ok 23:48:55.0098 0x1d4c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 23:48:55.0105 0x1d4c hwpolicy - ok 23:48:55.0110 0x1d4c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 23:48:55.0119 0x1d4c i8042prt - ok 
23:48:55.0130 0x1d4c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 23:48:55.0143 0x1d4c iaStorV - ok 23:48:55.0164 0x1d4c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 23:48:55.0186 0x1d4c idsvc - ok 23:48:55.0189 0x1d4c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 23:48:55.0197 0x1d4c iirsp - ok 23:48:55.0217 0x1d4c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 23:48:55.0240 0x1d4c IKEEXT - ok 23:48:55.0306 0x1d4c [ EB5FA493A4B6EA290200AE39EBA2FBC6, 1C2797058A52D87D0F4412F40D372BABB7E4E4146F6DA5F4FFB7C6BA026A1FAC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 23:48:55.0362 0x1d4c IntcAzAudAddService - ok 23:48:55.0368 0x1d4c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 23:48:55.0374 0x1d4c intelide - ok 23:48:55.0378 0x1d4c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 23:48:55.0386 0x1d4c intelppm - ok 23:48:55.0391 0x1d4c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 23:48:55.0414 0x1d4c IPBusEnum - ok 23:48:55.0418 0x1d4c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 23:48:55.0441 0x1d4c IpFilterDriver - ok 23:48:55.0457 0x1d4c [ 08C2957BB30058E663720C5606885653, 
E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 23:48:55.0474 0x1d4c iphlpsvc - ok 23:48:55.0479 0x1d4c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 23:48:55.0487 0x1d4c IPMIDRV - ok 23:48:55.0492 0x1d4c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 23:48:55.0516 0x1d4c IPNAT - ok 23:48:55.0518 0x1d4c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 23:48:55.0529 0x1d4c IRENUM - ok 23:48:55.0531 0x1d4c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 23:48:55.0538 0x1d4c isapnp - ok 23:48:55.0546 0x1d4c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 23:48:55.0557 0x1d4c iScsiPrt - ok 23:48:55.0560 0x1d4c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 23:48:55.0568 0x1d4c kbdclass - ok 23:48:55.0570 0x1d4c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 23:48:55.0578 0x1d4c kbdhid - ok 23:48:55.0581 0x1d4c [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] KeyIso C:\Windows\system32\lsass.exe 23:48:55.0588 0x1d4c KeyIso - ok 23:48:55.0592 0x1d4c [ 211A379BAAB812A7B437319BD85B2435, 4C8B82817B735BEFC0C8E2A42C7EF547D1C179561D3C97B3067B5EA3408F9E4D ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 23:48:55.0600 0x1d4c KSecDD - ok 23:48:55.0605 0x1d4c [ 
CC1B3B52F33CBC1CE60867DA4E23537C, A373DBCE6A53B77F59D9C83E243E5C1A2B4C38571CA28198229730D612561978 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 23:48:55.0614 0x1d4c KSecPkg - ok 23:48:55.0617 0x1d4c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 23:48:55.0639 0x1d4c ksthunk - ok 23:48:55.0649 0x1d4c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 23:48:55.0678 0x1d4c KtmRm - ok 23:48:55.0691 0x1d4c [ 28A4BB5CCFA252FC1D9460E5FB22AB08, 85DC7F8191245FDBBD90DABC2D03D70B373550615125471C90C10550EF6D5EEB ] L4301_Solar C:\Program Files\Logitech\SolarApp\L4301_Solar.exe 23:48:55.0704 0x1d4c L4301_Solar - ok 23:48:55.0712 0x1d4c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll 23:48:55.0737 0x1d4c LanmanServer - ok 23:48:55.0742 0x1d4c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 23:48:55.0766 0x1d4c LanmanWorkstation - ok 23:48:55.0778 0x1d4c [ 7772DFAB22611050B79504E671B06E6E, 331FE235EDBCF48EE96A5A9D5D0560457CD85FA3FD7BEACD3700055F815D9F13 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 23:48:55.0791 0x1d4c LBTServ - ok 23:48:55.0797 0x1d4c [ ED7EC050CD6C20E1A93A4DAFB7EFD14D, 9B3B9FA23788680D13E3DC2EEA2F127591A368578AEAB70F03AC379BA7379184 ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys 23:48:55.0804 0x1d4c LEqdUsb - ok 23:48:55.0807 0x1d4c [ 3267BC698E29474A8381E68904EB0390, A653ED6364D4B7E02FB7087D364E33D029B15A92E0FAAB176877DE5F93B36B65 ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys 23:48:55.0813 0x1d4c LHidEqd - ok 23:48:55.0816 0x1d4c [ 241F2648ADF090E2A10095BD6D6F5DCB, D31F50F7A70A62E3CA45071F75C56FFA21464BFAF4CA4A3AD2482D7477D78D4E ] 
LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 23:48:55.0824 0x1d4c LHidFilt - ok 23:48:55.0827 0x1d4c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 23:48:55.0850 0x1d4c lltdio - ok 23:48:55.0858 0x1d4c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 23:48:55.0886 0x1d4c lltdsvc - ok 23:48:55.0888 0x1d4c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 23:48:55.0911 0x1d4c lmhosts - ok 23:48:55.0914 0x1d4c [ 342ED5A4B3326014438F36D22D803737, 45488402BD919D84729A19E618B3595D615EB1F73FB9BC77675A21E7DB80AB6C ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 23:48:55.0922 0x1d4c LMouFilt - ok 23:48:55.0927 0x1d4c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 23:48:55.0935 0x1d4c LSI_FC - ok 23:48:55.0940 0x1d4c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 23:48:55.0948 0x1d4c LSI_SAS - ok 23:48:55.0952 0x1d4c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 23:48:55.0959 0x1d4c LSI_SAS2 - ok 23:48:55.0963 0x1d4c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 23:48:55.0972 0x1d4c LSI_SCSI - ok 23:48:55.0976 0x1d4c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 23:48:56.0000 0x1d4c luafv - ok 23:48:56.0006 0x1d4c [ 6140163BFE9D8F2DFDBA088ED5521C13, 
- ok 23:49:05.0637 0x1d4c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 23:49:05.0647 0x1d4c vga - ok 23:49:05.0649 0x1d4c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 23:49:05.0671 0x1d4c VgaSave - ok 23:49:05.0678 0x1d4c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 23:49:05.0688 0x1d4c vhdmp - ok 23:49:05.0691 0x1d4c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 23:49:05.0698 0x1d4c viaide - ok 23:49:05.0701 0x1d4c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 23:49:05.0709 0x1d4c volmgr - ok 23:49:05.0719 0x1d4c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 23:49:05.0731 0x1d4c volmgrx - ok 23:49:05.0740 0x1d4c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 23:49:05.0751 0x1d4c volsnap - ok 23:49:05.0757 0x1d4c [ ED1F4BDF68C649C6F79A02502BB6C9BC, 3D2830822D4A2C7B3676100B27DEC7B1C2EF640DA36C6543365A9CF2A61BF68E ] VsEtwService120 C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe 23:49:05.0766 0x1d4c VsEtwService120 - ok 23:49:05.0772 0x1d4c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 23:49:05.0781 0x1d4c vsmraid - ok 23:49:05.0817 0x1d4c [ B60BA0BC31B0CB414593E169F6F21CC2, 
47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 23:49:05.0866 0x1d4c VSS - ok 23:49:05.0871 0x1d4c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 23:49:05.0880 0x1d4c vwifibus - ok 23:49:05.0884 0x1d4c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 23:49:05.0895 0x1d4c vwififlt - ok 23:49:05.0897 0x1d4c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 23:49:05.0908 0x1d4c vwifimp - ok 23:49:05.0918 0x1d4c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 23:49:05.0947 0x1d4c W32Time - ok 23:49:05.0951 0x1d4c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 23:49:05.0959 0x1d4c WacomPen - ok 23:49:05.0963 0x1d4c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 23:49:05.0985 0x1d4c WANARP - ok 23:49:05.0989 0x1d4c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 23:49:06.0012 0x1d4c Wanarpv6 - ok 23:49:06.0043 0x1d4c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 23:49:06.0077 0x1d4c wbengine - ok 23:49:06.0085 0x1d4c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 23:49:06.0099 0x1d4c WbioSrvc - ok 23:49:06.0111 0x1d4c [ 
8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 23:49:06.0124 0x1d4c WcesComm - ok 23:49:06.0134 0x1d4c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 23:49:06.0152 0x1d4c wcncsvc - ok 23:49:06.0155 0x1d4c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 23:49:06.0163 0x1d4c WcsPlugInService - ok 23:49:06.0166 0x1d4c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 23:49:06.0173 0x1d4c Wd - ok 23:49:06.0192 0x1d4c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 23:49:06.0213 0x1d4c Wdf01000 - ok 23:49:06.0218 0x1d4c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 23:49:06.0227 0x1d4c WdiServiceHost - ok 23:49:06.0230 0x1d4c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 23:49:06.0239 0x1d4c WdiSystemHost - ok 23:49:06.0246 0x1d4c [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll 23:49:06.0258 0x1d4c WebClient - ok 23:49:06.0266 0x1d4c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 23:49:06.0292 0x1d4c Wecsvc - ok 23:49:06.0297 0x1d4c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 
23:49:06.0321 0x1d4c wercplsupport - ok 23:49:06.0324 0x1d4c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 23:49:06.0348 0x1d4c WerSvc - ok 23:49:06.0351 0x1d4c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 23:49:06.0373 0x1d4c WfpLwf - ok 23:49:06.0375 0x1d4c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 23:49:06.0382 0x1d4c WIMMount - ok 23:49:06.0384 0x1d4c WinDefend - ok 23:49:06.0387 0x1d4c WinHttpAutoProxySvc - ok 23:49:06.0398 0x1d4c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 23:49:06.0424 0x1d4c Winmgmt - ok 23:49:06.0464 0x1d4c [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 23:49:06.0507 0x1d4c WinRM - ok 23:49:06.0515 0x1d4c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WINUSB C:\Windows\system32\DRIVERS\WinUsb.sys 23:49:06.0524 0x1d4c WINUSB - ok 23:49:06.0545 0x1d4c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 23:49:06.0572 0x1d4c Wlansvc - ok 23:49:06.0575 0x1d4c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 23:49:06.0583 0x1d4c WmiAcpi - ok 23:49:06.0590 0x1d4c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 23:49:06.0601 0x1d4c wmiApSrv - ok 23:49:06.0603 0x1d4c WMPNetworkSvc - ok 23:49:06.0606 0x1d4c [ 
96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 23:49:06.0614 0x1d4c WPCSvc - ok 23:49:06.0618 0x1d4c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 23:49:06.0629 0x1d4c WPDBusEnum - ok 23:49:06.0632 0x1d4c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 23:49:06.0654 0x1d4c ws2ifsl - ok 23:49:06.0658 0x1d4c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 23:49:06.0671 0x1d4c wscsvc - ok 23:49:06.0673 0x1d4c WSearch - ok 23:49:06.0724 0x1d4c [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll 23:49:06.0777 0x1d4c wuauserv - ok 23:49:06.0785 0x1d4c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 23:49:06.0813 0x1d4c WudfPf - ok 23:49:06.0819 0x1d4c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 23:49:06.0830 0x1d4c WUDFRd - ok 23:49:06.0834 0x1d4c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 23:49:06.0843 0x1d4c wudfsvc - ok 23:49:06.0850 0x1d4c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 23:49:06.0862 0x1d4c WwanSvc - ok 23:49:06.0867 0x1d4c ================ Scan global =============================== 23:49:06.0869 0x1d4c [ 168EA9CD9BD6056BB6F60B57D5304BBE, 
5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 23:49:06.0876 0x1d4c [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll 23:49:06.0885 0x1d4c [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll 23:49:06.0891 0x1d4c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 23:49:06.0899 0x1d4c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 23:49:06.0905 0x1d4c [ Global ] - ok 23:49:06.0905 0x1d4c ================ Scan MBR ================================== 23:49:06.0907 0x1d4c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 23:49:07.0007 0x1d4c \Device\Harddisk0\DR0 - ok 23:49:07.0007 0x1d4c ================ Scan VBR ================================== 23:49:07.0008 0x1d4c [ 18154D2AB0A88C438808A961C3507C5A ] \Device\Harddisk0\DR0\Partition1 23:49:07.0009 0x1d4c \Device\Harddisk0\DR0\Partition1 - ok 23:49:07.0011 0x1d4c [ 5C644DD8C708AE2EC0E20CCEA8FEB4B8 ] \Device\Harddisk0\DR0\Partition2 23:49:07.0012 0x1d4c \Device\Harddisk0\DR0\Partition2 - ok 23:49:07.0014 0x1d4c [ 3C373EA1EDB79FDEBEB3EF6DE2C1ABF6 ] \Device\Harddisk0\DR0\Partition3 23:49:07.0015 0x1d4c \Device\Harddisk0\DR0\Partition3 - ok 23:49:07.0015 0x1d4c ================ Scan generic autorun ====================== 23:49:07.0290 0x1d4c [ BCFF8CD24809941E28C73185FC58CA39, 353CA65A5EAFAF5DEC777C422A1B842DAF84ED66626AF314670E49402B6DE994 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 23:49:07.0513 0x1d4c RTHDVCPL - ok 23:49:07.0561 0x1d4c [ DF72D700CC33611206675B8A2FD4D4F9, AB3AF6FD92140A1432FEAFFF2015CFAD5E9362F0018EA1D859A2DA349E95847D ] C:\Program Files\Logitech\SetPointP\SetPoint.exe 23:49:07.0600 0x1d4c EvtMgr6 - ok 
23:49:07.0617 0x1d4c [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe 23:49:07.0634 0x1d4c Windows Mobile Device Center - ok 23:49:07.0641 0x1d4c [ 3D1C5578D1A7088142A1482DEB8E693B, 0F98C6B36EF814EDB613F7758EC11CAC93C01B003070C096898CAD3D2444A894 ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe 23:49:07.0647 0x1d4c VolPanel - detected UnsignedFile.Multi.Generic ( 1 ) 23:49:09.0981 0x1d4c Detect skipped due to KSN trusted 23:49:09.0981 0x1d4c VolPanel - ok 23:49:09.0982 0x1d4c SPIRunE - ok 23:49:10.0000 0x1d4c [ 20ECD0F17EA807112EEA89BD1135EF91, 79906A6225B30248DCE2AB6B6B2DF12399D1EB425969A85FBAAB2EA8389B7F60 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 23:49:10.0010 0x1d4c StartCCC - detected UnsignedFile.Multi.Generic ( 1 ) 23:49:12.0352 0x1d4c Detect skipped due to KSN trusted 23:49:12.0352 0x1d4c StartCCC - ok 23:49:12.0390 0x1d4c [ 1CE11C53E562D5F7EAFCF47E0E696516, 4E8264DB3CA9B2344905BC2CAE6A9E73190A3CCF3D154B3CBDAF4F73F8FCD64B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 23:49:12.0429 0x1d4c avgnt - ok 23:49:12.0436 0x1d4c [ 86069F4F421FB355C41FD734500E477F, CB4CE22C3298280B033105875079A373D7E1ADEA15F0F71A2095CCA50CF7E5A5 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 23:49:12.0448 0x1d4c Avira SystrayStartTrigger - ok 23:49:12.0463 0x1d4c [ 44B946D5CE1079F60A2ACA2E8260456E, 6973CCB3830014B9A476E8DFADA593EE48C3BEAC6227F91D3B73C1400C8E82B3 ] C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe 23:49:12.0478 0x1d4c Directory Opus Desktop Dblclk - ok 23:49:12.0483 0x1d4c [ 387FD826630C57270A42EC070F70F420, 9B18EF7FB5727DD89E44EFDE5A5A0F9CCDDAD5FDF37AD94C3048C53B8975CDC1 ] C:\Program Files (x86)\3RVX\3RVX.exe 23:49:12.0489 0x1d4c 3RVX - detected UnsignedFile.Multi.Generic ( 1 ) 23:49:14.0823 0x1d4c Detect skipped due to KSN trusted 23:49:14.0823 0x1d4c 3RVX - ok 23:49:14.0843 
0x1d4c [ 8380DA2C21B6F05F0F794030C5A7329E, 51A31BB49D1102E1006861C59133BC1D020C436BF04242FE29127C2D5BDD44F0 ] C:\Program Files (x86)\Monitor Off Utility\monoff.exe 23:49:14.0864 0x1d4c Dekisoft Monitor Off Utility - detected UnsignedFile.Multi.Generic ( 1 ) 23:49:17.0206 0x1d4c Detect skipped due to KSN trusted 23:49:17.0206 0x1d4c Dekisoft Monitor Off Utility - ok 23:49:17.0290 0x1d4c [ 3DF5FF913964E3980175EC503B7CA5EF, 81F26E9DEB75FCEDCC34A116F755A74D5CC1BA55A513F082CD99206B3D679C8F ] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe 23:49:17.0355 0x1d4c Rainlendar2 - ok 23:49:17.0365 0x1d4c [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe 23:49:17.0372 0x1d4c Dropbox Update - ok 23:49:17.0384 0x1d4c [ 44B946D5CE1079F60A2ACA2E8260456E, 6973CCB3830014B9A476E8DFADA593EE48C3BEAC6227F91D3B73C1400C8E82B3 ] C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe 23:49:17.0395 0x1d4c Directory Opus Desktop Dblclk - ok 23:49:17.0396 0x1d4c Volume2 - ok 23:49:17.0401 0x1d4c [ 387FD826630C57270A42EC070F70F420, 9B18EF7FB5727DD89E44EFDE5A5A0F9CCDDAD5FDF37AD94C3048C53B8975CDC1 ] C:\Program Files (x86)\3RVX\3RVX.exe 23:49:17.0406 0x1d4c 3RVX - detected UnsignedFile.Multi.Generic ( 1 ) 23:49:17.0407 0x1d4c Detect skipped due to KSN trusted 23:49:17.0407 0x1d4c 3RVX - ok 23:49:17.0434 0x1d4c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 23:49:17.0468 0x1d4c Sidebar - ok 23:49:17.0472 0x1d4c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 23:49:17.0485 0x1d4c mctadmin - ok 23:49:17.0511 0x1d4c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 23:49:17.0538 0x1d4c Sidebar 
- ok 23:49:17.0543 0x1d4c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 23:49:17.0555 0x1d4c mctadmin - ok 23:49:17.0580 0x1d4c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 23:49:17.0607 0x1d4c Sidebar - ok 23:49:17.0612 0x1d4c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 23:49:17.0624 0x1d4c mctadmin - ok 23:49:17.0625 0x1d4c Waiting for KSN requests completion. In queue: 8 23:49:18.0625 0x1d4c Waiting for KSN requests completion. In queue: 8 23:49:19.0625 0x1d4c Waiting for KSN requests completion. In queue: 8 23:49:20.0652 0x1d4c AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.16.273 ), 0x41000 ( enabled : updated ) 23:49:20.0657 0x1d4c Win FW state via NFP2: enabled ( trusted ) 23:49:23.0055 0x1d4c ============================================================ 23:49:23.0055 0x1d4c Scan finished 23:49:23.0055 0x1d4c ============================================================ 23:49:23.0062 0x1418 Detected object count: 0 23:49:23.0062 0x1418 Actual detected object count: 0 |
02.04.2016, 15:49 | #6 |
/// TB-Ausbilder | Words on the Internet turn into links Hi, Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Step 3 Please close your security software to avoid possible conflicts.
Step 4
Please post with your next reply
|
02.04.2016, 18:01 | #7 |
| Words on the Internet turn into links All done: AdwCleaner log file: Code:
ATTFilter
# AdwCleaner v5.108 - Bericht erstellt am 02/04/2016 um 18:24:52
# Aktualisiert am 30/03/2016 von Xplode
# Datenbank : 2016-03-30.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Robert - HOME-PC
# Gestartet von : C:\Users\Robert\Desktop\AdwCleaner_5.108.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ DLLs ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe gelöscht : RunAsStdUser Task

***** [ Registrierungsdatenbank ] *****

***** [ Internetbrowser ] *****

[-] [C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\prefs.js] [Preference] gelöscht : user_pref("network.proxy.autoconfig_url", "data:text/javascript,function FindProxyForURL(url, host) {if ((host == \"www.abc.net.au\") (host == \"iview.abc.net.au\") (host == \"iviewmetered-vh.ak[...]

*************************

:: "Tracing" schlüssel löschen
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1263 Bytes] - [02/04/2016 18:24:52]
C:\AdwCleaner\AdwCleaner[S1].txt - [1186 Bytes] - [02/04/2016 18:23:38]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1409 Bytes] ##########
Code:
ATTFilter
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 02.04.2016
Suchlaufzeit: 18:32
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.04.02.04
Rootkit-Datenbank: v2016.03.30.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Robert

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 560292
Abgelaufene Zeit: 9 Min., 42 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Optional.APNToolBar, C:\Users\Robert\AppData\Local\Temp\is-FT4M4.tmp\Offercast33_ATU3_.exe, In Quarantäne, [dc3022889bfec76f4cb1ea5cd42d738d],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 7 Home Premium x64
Ran by Robert (Administrator) on 02.04.2016 at 18:51:05,54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 58

Successfully deleted: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\mailcheck@web.de\searchplugins\mailcom-search.xml (File)
Successfully deleted: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\user.js (File)

Deleted the following from C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\prefs.js
user_pref(extensions.unitedinternet.email.runonceNewUsersShown, true);

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.04.2016 at 18:52:08,86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 durchgeführt von Robert (Administrator) auf HOME-PC (02-04-2016 18:54:16) Gestartet von C:\Users\Robert\Desktop Geladene Profile: Robert & MSSQL$SQLEXPRESS & (Verfügbare Profile: Robert & Administrator & MSSQL$SQLEXPRESS) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 8 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Realtek) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtlService.exe () C:\Program Files\Serviio\bin\ServiioService.exe () C:\Program Files\Serviio\bin\ServiioService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (GP Software) C:\Program Files\GPSoftware\Directory Opus\dopus.exe (GP Software) C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd) HKLM-x32\...\Run: [SPIRunE] => Rundll32 SPIRunE.dll,RunDLLEntry HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-02-09] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-10] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) 
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Directory Opus Desktop Dblclk] => C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [347792 2012-01-10] (GP Software) HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [3RVX] => C:\Program Files (x86)\3RVX\3RVX.exe [159232 2008-10-13] (matt.malensek.net) HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Dekisoft Monitor Off Utility] => C:\Program Files (x86)\Monitor Off Utility\monoff.exe [430592 2009-08-31] (Dekisoft) HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2739240 2015-11-13] () HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Dropbox Update] => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.) HKU\S-1-5-21-1061047688-2763755289-2242981598-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Directory Opus Desktop Dblclk] => C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [347792 2012-01-10] (GP Software) HKU\S-1-5-21-1061047688-2763755289-2242981598-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Volume2] => C:\Program Files (x86)\Volume2\Volume2.exe HKU\S-1-5-21-1061047688-2763755289-2242981598-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [3RVX] => C:\Program Files (x86)\3RVX\3RVX.exe [159232 2008-10-13] (matt.malensek.net) ShellExecuteHooks: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [1356440 2012-01-10] (GP Software) ShellExecuteHooks-x32: Directory Opus Shell Execute Hook - {EE761688-C137-4b04-8FAB-3C9CDF0886F0} - C:\Program Files\GPSoftware\Directory Opus\dopuslib32.dll [358000 2012-01-10] (GP Software) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll 
Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Directory Opus (Startup).lnk [2012-02-13] ShortcutTarget: Directory Opus (Startup).lnk -> C:\Program Files\GPSoftware\Directory Opus\dopus.exe (GP Software) Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-19] ShortcutTarget: Dropbox.lnk -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk [2015-04-09] ShortcutTarget: Serviio.lnk -> C:\Program Files\Serviio\bin\ServiioConsole.exe () Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk [2012-02-13] ShortcutTarget: Yahoo! 
Widgets.lnk -> C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{D24B0B43-001F-44C2-A1C3-F3FAA135C80B}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{ED62443B-E1E2-4206-B3D4-FFFF2D460E09}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-22] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-22] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-21] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-21] (Oracle Corporation) Toolbar: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei Toolbar: 
HKU\S-1-5-21-1061047688-2763755289-2242981598-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-11-05] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-11-05] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-11-05] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-11-05] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default FF Homepage: hxxp://www.spiegel.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-18] () FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-22] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-22] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-18] () FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-21] (Oracle Corporation) FF Plugin-x32: 
@java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-21] (Oracle Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll [2007-03-10] (Yahoo! Inc.) FF Plugin HKU\S-1-5-21-1061047688-2763755289-2242981598-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Robert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS) FF Extension: SmoothWheel (mozdev.org) - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2015-05-30] FF Extension: Soundcloud SUPER +2: Downloader and Recommender - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi [2015-05-30] FF Extension: Thunderbird Biff - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\{aee74dd0-6dc9-11db-9fe1-0800200c9a66}.xpi [2015-05-30] FF Extension: Tab Mix Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-03-07] FF Extension: WEB.DE MailCheck - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\mailcheck@web.de [2016-03-16] FF Extension: Avira Browser Safety - 
C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\abs@avira.com [2016-03-16] FF Extension: Glaze Black - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\glaze_black@www.theme-oasis.org.xpi [2012-02-13] [ist nicht signiert] FF Extension: Hotspot Shield Free VPN Proxy – Unblock Sites - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\hotspot-shield@anchorfree.com.xpi [2016-01-27] [ist nicht signiert] FF Extension: QuickTime Addon Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{46e25d74-0fa9-4e53-8bbe-7b0436aee36e}.xpi [2016-03-14] [ist nicht signiert] FF Extension: Download Status Bar - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-03-12] FF Extension: NoScript - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-03-23] FF Extension: Video DownloadHelper - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30] FF Extension: Adblock Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24] FF Extension: HD Manager - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{da6af166-be55-40e3-8656-d4896859809f}.xpi [2015-12-19] [ist nicht signiert] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-10] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-26] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG) S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-02-13] (Creative Labs) [Datei ist nicht signiert] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [Datei ist nicht signiert] R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.) 
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [197824 2014-02-21] (Microsoft Corporation) R2 RealtekSE; C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtlService.exe [36864 2010-04-16] (Realtek) [Datei ist nicht signiert] R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [327680 2015-03-21] () [Datei ist nicht signiert] S4 SQLAgent$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [454848 2014-02-21] (Microsoft Corporation) S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-10] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-10] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-10] (Avira Operations GmbH & Co. KG) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-02 18:54 - 2016-04-02 18:54 - 00019209 _____ C:\Users\Robert\Desktop\FRST.txt 2016-04-02 18:52 - 2016-04-02 18:52 - 00010232 _____ C:\Users\Robert\Desktop\JRT.txt 2016-04-02 18:48 - 2016-04-02 18:48 - 00001322 _____ C:\Users\Robert\Desktop\mbam.txt 2016-04-02 18:31 - 2016-04-02 18:31 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-04-02 18:31 - 2016-04-02 18:31 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-04-02 18:31 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-04-02 18:31 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-04-02 18:31 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-04-02 18:27 - 2016-04-02 18:27 - 00001491 _____ C:\Users\Robert\Desktop\AdwCleaner[C1].txt 2016-04-02 18:21 - 2016-04-02 18:24 - 00000000 ____D C:\AdwCleaner 2016-04-02 18:18 - 2016-04-02 18:18 - 01610352 _____ (Malwarebytes) C:\Users\Robert\Desktop\JRT.exe 2016-04-02 18:17 - 2016-04-02 18:17 - 22851472 _____ (Malwarebytes ) C:\Users\Robert\Desktop\mbam-setup-2.2.1.1043.exe 2016-04-02 18:16 - 2016-04-02 18:16 - 03102720 _____ C:\Users\Robert\Desktop\AdwCleaner_5.108.exe 2016-04-01 23:46 - 2016-04-02 00:06 - 00207296 _____ C:\TDSSKiller.3.1.0.9_01.04.2016_23.46.45_log.txt 2016-04-01 23:42 - 2016-04-01 23:42 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Robert\Desktop\tdsskiller.exe 2016-04-01 20:12 - 2016-04-02 18:54 - 00000000 ____D C:\FRST 2016-04-01 20:11 - 2016-04-01 20:11 - 02374144 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe 2016-03-31 22:32 - 2016-03-31 22:34 - 21595095 _____ C:\Users\Robert\Downloads\Audiovision Magazin April No 04 2016.pdf 2016-03-31 22:29 - 2016-03-31 22:30 - 19255143 _____ 
C:\Users\Robert\Downloads\mavisau0316.pdf 2016-03-29 15:06 - 2016-03-24 09:56 - 41532491 _____ C:\Users\Robert\Downloads\Digital Tested - April Mai 2016.pdf 2016-03-26 23:56 - 2016-03-26 23:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-03-24 19:04 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll 2016-03-24 19:04 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll 2016-03-24 19:04 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll 2016-03-24 19:04 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2016-03-24 19:04 - 2016-02-01 21:08 - 00114624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2016-03-24 19:04 - 2016-02-01 20:59 - 03243008 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2016-03-24 19:04 - 2016-02-01 20:59 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2016-03-24 19:04 - 2016-02-01 20:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2016-03-24 19:04 - 2016-02-01 20:56 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-03-24 19:04 - 2016-02-01 20:56 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2016-03-24 19:04 - 2016-02-01 20:49 - 02364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2016-03-24 19:04 - 2016-02-01 20:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2016-03-24 19:04 - 2016-02-01 20:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2016-03-24 19:04 - 2016-02-01 20:45 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-03-24 19:04 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2016-03-24 19:04 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2016-03-19 17:16 - 
2016-03-19 17:16 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H
(Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 19:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-03-14 22:41 - 2016-02-11 19:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-03-14 22:41 - 2016-02-11 19:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-03-14 22:41 - 2016-02-11 19:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-03-14 22:41 - 2016-02-11 19:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-03-14 22:41 - 2016-02-11 19:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-03-14 22:41 - 2016-02-11 19:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-03-14 22:41 - 2016-02-11 19:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-03-14 22:41 - 2016-02-11 19:32 - 00030720 _____ (Microsoft Corporation) 
C:\Windows\system32\lsass.exe 2016-03-14 22:41 - 2016-02-11 19:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-03-14 22:41 - 2016-02-11 19:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-03-14 22:41 - 2016-02-11 19:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-03-14 22:41 - 2016-02-11 19:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-03-14 22:41 - 2016-02-11 19:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-03-14 22:41 - 2016-02-11 19:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-03-14 22:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-03-14 22:41 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll 2016-03-14 22:41 - 2016-02-05 20:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2016-03-14 22:41 - 2016-02-05 20:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2016-03-14 22:41 - 2016-02-05 20:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-03-14 22:41 - 2016-02-05 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2016-03-14 22:41 - 2016-02-05 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2016-03-14 22:41 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2016-03-14 22:41 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2016-03-14 22:41 - 2016-02-05 19:48 - 
00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-03-14 22:41 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2016-03-14 22:41 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2016-03-14 22:41 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2016-03-14 22:41 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2016-03-14 22:41 - 2016-02-04 19:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-03-14 22:41 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2016-03-14 22:41 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2016-03-14 22:41 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2016-03-14 22:41 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2016-03-14 22:41 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2016-03-14 22:40 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-03-14 22:40 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2016-03-14 22:40 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2016-03-14 22:40 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2016-03-14 22:40 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2016-03-14 22:40 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2016-03-14 22:40 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2016-03-14 22:40 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\spwmp.dll 2016-03-14 22:40 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2016-03-14 22:40 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2016-03-06 18:11 - 2016-02-19 21:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-03-06 18:11 - 2016-02-19 20:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-03-06 18:11 - 2016-02-19 16:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-03-06 18:11 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-03-06 18:11 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-03-06 18:11 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-03-06 18:11 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2016-03-06 18:11 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2016-03-06 18:11 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-03-06 18:11 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-03-06 18:11 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-03-06 18:11 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-03-06 18:11 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-03-06 18:11 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-03-06 18:11 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2016-03-06 18:11 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 
2016-03-06 18:11 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-06 18:11 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-06 18:11 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-06 18:11 - 2016-02-11 16:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-06 18:11 - 2016-02-05 16:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-06 18:11 - 2016-02-05 16:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-06 18:11 - 2016-02-05 16:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-02 18:54 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-02 18:54 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-02 18:49 - 2015-06-18 14:55 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA.job
2016-04-02 18:47 - 2014-12-06 17:31 - 00000000 ___RD C:\Users\Robert\Dropbox
2016-04-02 18:47 - 2014-12-06 17:29 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Dropbox
2016-04-02 18:47 - 2014-06-08 09:41 - 00000000 ____D C:\Users\Robert\.rainlendar2
2016-04-02 18:47 - 2014-05-17 10:47 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-02 18:46 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-02 18:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\ModemLogs
2016-04-02 18:34 - 2011-04-12 09:43 - 00822878 _____ C:\Windows\system32\perfh007.dat
2016-04-02 18:34 - 2011-04-12 09:43 - 00202558 _____ C:\Windows\system32\perfc007.dat
2016-04-02 18:34 - 2009-07-14 07:13 - 01941858 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-02 18:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-01 23:58 - 2015-06-18 14:55 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core.job
2016-04-01 18:25 - 2014-08-23 09:54 - 00000000 ____D C:\Users\Robert\Desktop\VT
2016-03-31 22:59 - 2012-02-13 16:40 - 00000000 ____D C:\Users\Robert\AppData\Roaming\foobar2000
2016-03-27 08:52 - 2012-04-24 18:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-24 23:41 - 2015-10-27 20:03 - 00000000 ____D C:\Users\Robert\Documents\Visual Studio 2013
2016-03-24 21:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-03-24 19:05 - 2015-04-05 22:10 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-24 19:05 - 2015-04-05 22:10 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-14 22:47 - 2009-07-14 06:45 - 00344712 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-14 22:44 - 2013-07-11 17:13 - 00000000 ____D C:\Windows\system32\MRT
2016-03-14 22:41 - 2012-02-13 13:14 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-10 20:50 - 2013-08-05 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-03-10 20:49 - 2013-08-05 22:35 - 00154816 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-03-10 20:49 - 2013-08-05 22:35 - 00133168 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-03-10 20:49 - 2013-08-05 22:35 - 00069888 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-03-08 22:40 - 2015-11-12 19:04 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-06 18:11 - 2015-04-15 09:16 - 00000000 ____D C:\Windows\system32\appraiser

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-09-26 12:49 - 2012-05-15 10:33 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager classic.msi
2012-03-01 22:47 - 2012-03-28 10:14 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi
2012-05-19 12:33 - 2014-11-17 22:05 - 0012800 _____ () C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-02-13 21:36 - 2012-02-13 21:36 - 0000017 _____ () C:\Users\Robert\AppData\Local\resmon.resmoncfg

Einige Dateien in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\avgnt.exe
C:\Users\Robert\AppData\Local\Temp\atcMedia9881446679000.exe
C:\Users\Robert\AppData\Local\Temp\avgnt.exe
C:\Users\Robert\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuygic8.dll
C:\Users\Robert\AppData\Local\Temp\GUR4375.exe
C:\Users\Robert\AppData\Local\Temp\GURCB03.exe
C:\Users\Robert\AppData\Local\Temp\i4jdel0.exe
C:\Users\Robert\AppData\Local\Temp\libeay32.dll
C:\Users\Robert\AppData\Local\Temp\msvcr120.dll
C:\Users\Robert\AppData\Local\Temp\Quarantine.exe
C:\Users\Robert\AppData\Local\Temp\sqlite3.dll
C:\Users\Robert\AppData\Local\Temp\vlc-2.1.5-win32.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-03-29 10:49

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Robert (2016-04-02 18:54:35)
Gestartet von C:\Users\Robert\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-02-13 09:27:55)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1061047688-2763755289-2242981598-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-1061047688-2763755289-2242981598-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1061047688-2763755289-2242981598-1002 - Limited - Enabled)
Robert (S-1-5-21-1061047688-2763755289-2242981598-1000 - Administrator - Enabled) => C:\Users\Robert

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3RVX (HKLM-x32\...\{66BB5D8F-D9BD-4799-A9FA-5731B3B7839A}) (Version: 2.5 - matt.malensek.net)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated) Ashampoo Burning Studio Elements 10.0.9 (HKLM-x32\...\Ashampoo Burning Studio Elements_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology) ATI AVIVO64 Codecs (Version: 11.6.0.10209 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{24732103-FE2A-D954-AFCC-7824D77B7CC6}) (Version: 3.0.816.0 - ATI Technologies, Inc.) ATI Problem Report Wizard (Version: 3.0.816.0 - ATI Technologies) Hidden aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1347 - DsNET Corp) aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. 
KG) Hidden Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden Build Tools - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden Build Tools - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited) Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - ) Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited) Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - Creative Technology Limited) Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: - ) Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version: - ) Dropbox (HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.) Druckerdeinstallation für EPSON SX525WD Series (HKLM\...\EPSON SX525WD Series) (Version: - SEIKO EPSON Corporation) Edimax Wireless LAN Driver and Utility (HKLM-x32\...\{556BEFE2-30FF-4113-98F4-01234396DF2B}) (Version: 1.00.0184 - Edimax Technology Co.) 
Entity Framework 6.1.3 Tools for Visual Studio 2013 (HKLM-x32\...\{D5170452-84D1-4725-AD9C-F9ECFD0A9E9F}) (Version: 12.0.40302.0 - Microsoft Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON SX525WD Series Handbuch (HKLM-x32\...\EPSON SX525WD Series Manual) (Version: - ) EPSON SX525WD Series Netzwerk-Handbuch (HKLM-x32\...\EPSON SX525WD Series Network Guide) (Version: - ) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION) EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Falk Navi-Manager (HKLM-x32\...\{3222B0CE-59C5-4CA0-B545-2B88F200756B}) (Version: 2.10.0 - United Navigation GmbH) Falk Navi-Manager (x32 Version: 2.8.0 - Falk Navigation GmbH) Hidden Falk Navi-Manager classic (HKLM-x32\...\{4A9135AC-592E-4767-B029-ADCAC182CCFA}) (Version: 2.11.0 - United Navigation GmbH) Falk Navi-Manager classic (x32 Version: 2.11.0 - United Navigation GmbH) Hidden foobar2000 v1.1.11 (HKLM-x32\...\foobar2000) (Version: 1.1.11 - Peter Pawlowski) Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2013 Sprachpaket (DEU) - v1.4 (x32 Version: 1.4.30416.1601 - Microsoft Corporation) Hidden GPL Ghostscript (HKLM\...\GPL Ghostscript 9.05) (Version: 9.05 - Artifex Software Inc.) 
GPSoftware Directory Opus (HKLM-x32\...\{5D4F167D-CCC8-413E-A6EE-F2FABBBBF50D}) (Version: 10.0.3.0 - GPSoftware) Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 1.00 - Creative Technology Limited) HydraVision (x32 Version: 4.2.188.0 - ATI Technologies Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan) JabRef 2.7.2 (HKLM-x32\...\JabRef 2.7.2) (Version: 2.7.2 - JabRef Team) Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech) Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech) LyX 2.0.2-1 (HKLM-x32\...\LyX20) (Version: 2.0.2-1 - LyX Team) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) 
(HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation) Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{7D1C6D7B-8E3F-4724-94C8-AA7EB7F60AE0}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft 
Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL-Sprachdienst (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2014-Setup (Deutsch) (HKLM-x32\...\{DFEF8D74-5C1A-4437-9067-190F33AF2252}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (12.0.41012.0) (HKLM-x32\...\{79AB8378-D661-4021-9941-FE5F4AEB57BB}) (Version: 12.0.41012.0 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft SQL Server*2014 (HKLM-x32\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation) Microsoft SQL Server*2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - 
Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - 
Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio Express 2013 für Windows Desktop - DEU mit Update 5 (HKLM-x32\...\{6502e1ac-767b-4caf-b03d-5ee3c638c46d}) (Version: 12.0.40629.0 - Microsoft Corporation) Microsoft VSS Writer für SQL Server 2014 (HKLM\...\{D390AADD-C825-4B31-8C79-83A9461D5524}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{9408684F-E1CC-4D2E-AE15-886023557682}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{B9A7B46F-0120-406B-9A12-3AD1DCC94D97}) (Version: 12.0.2000.8 - Microsoft Corporation) MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Monitor Off Utility 1.0 (HKLM-x32\...\{10F0131F-1CA2-4433-8473-7C890C769581}_is1) (Version: - Dekisoft) Mozilla Firefox 15.0.1 (x86 de) (HKU\S-1-5-21-1061047688-2763755289-2242981598-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Mozilla Firefox 15.0.1 (x86 de)) (Version: 15.0.1 - Mozilla) Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) Mozilla Thunderbird 38.7.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.7.1 (x86 de)) (Version: 38.7.1 - Mozilla) Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) 
(HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) PowerShellIntegration.Notifications (x32 Version: 2.6.0.0 - Microsoft Corporation) Hidden Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - ) Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6402 - Realtek Semiconductor Corp.) Serviio (HKLM\...\Serviio) (Version: - ) SopCast 3.4.8 (HKLM-x32\...\SopCast) (Version: 3.4.8 - www.sopcast.com) Sound Blaster X-Fi (HKLM-x32\...\{0C9D0200-FA32-44B7-BBB3-7C03F700C4A0}) (Version: 1.0 - ) SQL Server 2014 Common Files (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden Sql Server Customer Experience Improvement Program (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server-Browser für SQL Server 2014 (HKLM-x32\...\{B7312B95-77C6-497E-A63F-596A77B20F31}) (Version: 12.0.2000.8 - Microsoft Corporation) Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer) TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden Unity Web Player 
(HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM-x32\...\{2A231800-A7CF-4223-B8A3-1FD9057BAE96}) (Version: 10.3.5500.0 - Microsoft Corporation) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx) Visual Studio 2013 Update 5 (KB2829760) (HKLM-x32\...\{17551f85-1d1c-4142-a83f-bbd18a3522c2}) (Version: 12.0.40629 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) VS Update core components (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation) WinRAR 4.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH) WISO steuer:Start 2016 (HKLM-x32\...\{6235C2AC-6365-46BC-8F39-366621479FAB}) (Version: 23.00.1146 - Buhl Data Service GmbH) WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden Yahoo! Install Manager (HKLM-x32\...\YInstHelper) (Version: - ) Yahoo! Widgets (HKLM-x32\...\Yahoo! Widget Engine) (Version: 4.5.2.0 - Yahoo! Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{095555F2-7F32-44F7-A59A-5F91B6FC6BA7}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{0B2E8C4B-AFAD-4B21-AEB0-4AB36FA50719}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{174EDE05-B71E-410C-AADE-22C2DA8B0F35}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{20715B03-94A4-422C-AF38-4EF9F4052219}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{528BD565-4549-4149-AAA2-43E927203DB7}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{5B90553F-5202-47C6-A608-94DE1CB632ED}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{65BC4C98-7F65-40A9-8BE4-8B05F50EA118}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{69617E00-4C15-4EAC-AC0A-4670168D8C6F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{6B88424B-D65E-455E-A719-553BE18AF06A}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{A240B964-0E23-4BC1-888D-39BAC4781793}\InprocServer32 -> C:\Program 
Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{AA1931BC-2F97-421C-9681-5C4181141EEE}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{B707C2AF-83F0-4F14-B58D-A9179B87F37A}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{BF67C7D6-666F-4EA4-B7CD-7205AF445657}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{D4DCF277-789A-4DA8-B3D8-62B6AB9265C6}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{DAA61697-3931-49E6-9041-F6CE2CAE9707}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E116A2FE-2C4D-4804-8D90-E6F9C326AB77}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E4BCAE1F-E7DF-42FF-9390-2DD9B08AD487}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E5DAAAA8-117D-4408-83E8-20CEAEFEAF77}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{EEADDEE5-8B1E-4490-9EC6-D95D015FF0AA}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: 
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {41FFCAEE-2287-4B65-B2B9-08D769F9925A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {527B7DC0-14D2-4C80-9ED6-C694D88B3F02} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) Task: {63EBCA04-5BCC-4AA3-AA99-D6A05CE9A7F9} - System32\Tasks\{F707FCD1-161C-47D8-9188-370CC55260C3} => pcalua.exe -a C:\Users\Robert\Downloads\irfanview_plugins_433_setup.exe -d C:\Users\Robert\Downloads Task: {65E7FD65-33CD-428B-A303-092DA6F6E61E} - System32\Tasks\{DE29D441-8030-44E6-A4C9-DDFC73CB2180} => pcalua.exe -a C:\Users\Robert\Downloads\DarkOne301build20110302.exe -d C:\Users\Robert\Downloads Task: {821C62C0-446C-4849-AC6D-4777BD464F28} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) Task: {AC2EAA5A-6179-424A-A97A-B07C0288C316} - System32\Tasks\{A93EF223-6769-4FF7-B1EF-8B14E0672D6D} => pcalua.exe -a C:\Users\Robert\Downloads\darkone_v3_0_1_by_tedgo-d33pj8h\DarkOne301build20110302.exe -d C:\Users\Robert\Downloads\darkone_v3_0_1_by_tedgo-d33pj8h (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core.job => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA.job => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-03-21 10:54 - 2015-03-21 10:54 - 00327680 _____ () C:\Program Files\Serviio\bin\ServiioService.exe 2012-02-13 13:52 - 2012-01-09 20:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2014-05-16 16:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-1061047688-2763755289-2242981598-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: Nero MediaHome 4 => "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{2AE12F74-1D52-45B7-A287-D87269E10D13}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtWLan.exe FirewallRules: [{5E8E39E4-4198-49C1-A88A-CF65DB2C6DD2}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtWLan.exe FirewallRules: [{351A706A-524F-4CD7-8ADA-52E4D7846866}] => (Allow) LPort=1542 FirewallRules: [{40213A88-5FFA-41C1-8A17-123AE71B5A3E}] => (Allow) LPort=1542 FirewallRules: [{D129EB02-C30B-4D81-9506-6612A613E868}] => (Allow) LPort=53 FirewallRules: [{B9F7D531-C940-45CC-84DC-048C3C40AFFB}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RTLDHCP.exe FirewallRules: [{E9CA85F9-B5C7-4F1D-A9A3-0B678194D95C}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RTLDHCP.exe FirewallRules: [{016DEB10-2705-4C56-ADDF-9A515E9A5B1C}] => (Allow) LPort=67 FirewallRules: [{0B238EF6-7BC3-4D7E-8D8D-5427A40972DE}] => (Allow) LPort=68 FirewallRules: [{4055C5BC-F84C-4316-B298-4F043C57CA58}] => (Allow) LPort=53 FirewallRules: [{B4CBD794-D1C4-446D-83B0-C0F335A464D3}] => (Allow) LPort=53 FirewallRules: [{8479584B-D878-4D47-A8C0-8769E63058BE}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe FirewallRules: [{646807DC-5BB2-4497-B14E-576E499BD82B}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe FirewallRules: [TCP Query User{48C7DD5D-0C99-4AC8-9816-D85869C1CFFB}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [UDP Query User{DA1D7715-F811-4B21-8FA4-309584B6E388}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [TCP Query User{3C743D18-DD3E-42A6-8EDA-A3B1224B0A74}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe FirewallRules: [UDP Query User{CFF513EB-DC04-47F8-8233-74BBE6E5443E}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe 
FirewallRules: [TCP Query User{3DDB80E0-6799-4261-B1FB-01A57C73F98B}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe FirewallRules: [UDP Query User{418E2F3B-4FCB-46D6-B5C6-E4BD3E680C1E}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe FirewallRules: [TCP Query User{6329BEC6-E7F4-48F1-B480-553F6A207471}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{1E8DCE38-707B-4261-A350-469F17D68659}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{60017BA2-93A8-441D-9C29-62054CCA76EA}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe] => (Allow) C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe FirewallRules: [UDP Query User{ECA632B0-625E-47AD-B9BE-165281FA9244}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe] => (Allow) C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe FirewallRules: [TCP Query User{FAE5B579-E8E7-48AA-A5D5-783B3F4CFF79}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe FirewallRules: [UDP Query User{E7A4CC03-A819-42AA-A250-1F9F342ECCE2}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe FirewallRules: [TCP Query User{438FB0A1-B440-4C43-949B-B8D12180099D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{BB2396C1-0A01-496C-8C7E-43F4E40F1F2D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [TCP Query User{3C0A383C-2ACE-4CFF-886E-4CD7B7F5CD09}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) 
C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{C29755D3-ECB7-467D-AB98-25983FE603FC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{95C19226-8416-4893-874C-E693E87459F2}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [UDP Query User{CB36AE15-AA08-4B52-AB72-7E9604A16CE4}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [TCP Query User{452F99B9-D52A-4DAA-B5CE-E5C7631B174C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{1C0164AC-A5E6-4AEB-88AC-C34B998245BF}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{FFD5A33B-5E44-49A8-9B45-ACB601B60805}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{D78F66A4-9612-45A7-BC91-4357759C3789}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{B50C071C-3AE1-4639-9B36-92DF8C16637A}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe FirewallRules: [UDP Query User{4B15FF37-1016-4812-87A7-6B89FD1DA9BF}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe FirewallRules: [TCP Query User{CE012EBF-CF6A-4C0A-BCA6-181E4FA5902A}C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe] => (Allow) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe FirewallRules: [UDP Query User{8164AFF0-943E-48ED-A757-7AAE4E3ECA4F}C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe] => (Allow) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe FirewallRules: [{8950CB1A-758E-4DA5-B35B-EAEDF2247726}] => (Block) 
C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe FirewallRules: [{7720CB72-EE19-43B5-8356-0CC9D1CA82DE}] => (Block) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe FirewallRules: [{F0BF9464-0628-4330-806E-FC4F08323201}] => (Allow) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{4C1E9A42-2660-4E78-8CC4-696A2515AC79}] => (Allow) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{0DC97CBC-9814-4E9F-8F3F-450B3CC49698}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{8640AB99-1027-48E8-B35F-E177067BE650}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{ECE08A8E-1793-4699-853E-4C69A2E9D10A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{DD41B7AE-D30A-49C4-9586-044EE4BDD78D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D4262EAF-DA95-4775-9536-161F74638D82}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{FB373347-5FAF-487E-ABEF-6F7B3A1E6F1F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{625D6BF2-0A82-40C6-A5F7-FF1CD9E628FD}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{A67ADCA2-B694-4E26-9E61-883BAD6A50CA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [TCP Query User{0D9D282C-F1B1-45DA-923D-71F8087E970C}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [UDP Query User{BE89447A-9315-47C8-BA7E-57BAD0143DEE}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [TCP Query 
User{4C90BDE5-977E-4C90-8203-FA2C9F0213BA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{FC498BF9-CCDB-4519-A40C-839BB3A2BBD8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{661B2E37-25FF-49AE-90FF-1943CB7CB447}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe FirewallRules: [UDP Query User{8CC17E03-2F70-49C3-A054-7336A7B1BD21}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe FirewallRules: [{4C527AF1-16A5-4821-8268-DBE283B0AB40}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe FirewallRules: [{8BA7452F-DAB2-407C-9350-77FAF9D1B050}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe FirewallRules: [{48FD7F1A-B2EB-4EB4-A603-4FB3B3CAB48E}] => (Allow) C:\Program Files\Serviio\bin\ServiioConsole.exe FirewallRules: [{E5963B3D-D190-4A83-BAE7-15E0E18DD80B}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\WDExpress.exe FirewallRules: [{B3C099C3-12BA-4DDE-9979-508FDAD116D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E38B4B12-C687-46EF-90CE-B32EFC133E97}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Wiederherstellungspunkte ========================= 22-03-2016 13:11:53 Geplanter Prüfpunkt 24-03-2016 19:05:02 Windows Update 31-03-2016 19:09:40 Geplanter Prüfpunkt 02-04-2016 18:51:05 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (04/02/2016 06:46:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance 
ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/02/2016 06:26:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/02/2016 09:12:07 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/02/2016 09:10:51 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm thunderbird.exe, Version 38.7.1.5926 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1b20 Startzeit: 01d18caea7d81385 Endzeit: 16 Anwendungspfad: C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe Berichts-ID: 06bfaf1c-f8a2-11e5-81cf-5404a6c5872d Error: (04/02/2016 09:09:39 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: YahooWidgets.exe, Version: 4.5.2.0, Zeitstempel: 0x47e05eca Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0xfff6bfc8 ID des fehlerhaften Prozesses: 0xecc Startzeit der fehlerhaften Anwendung: 0xYahooWidgets.exe0 Pfad der fehlerhaften Anwendung: YahooWidgets.exe1 Pfad des fehlerhaften Moduls: YahooWidgets.exe2 Berichtskennung: YahooWidgets.exe3 Error: (04/02/2016 09:09:34 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/01/2016 05:05:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM 
__InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/01/2016 07:35:36 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/31/2016 05:33:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/30/2016 05:28:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Systemfehler: ============= Error: (04/02/2016 06:46:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (04/02/2016 06:26:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (04/02/2016 06:25:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (04/02/2016 06:25:21 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Der Dienst "WMPNetworkSvc" konnte sich nicht als "NT AUTHORITY\NetworkService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). 
Error: (04/02/2016 06:25:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (04/02/2016 06:25:21 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (04/02/2016 06:24:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (04/02/2016 06:24:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (04/02/2016 06:24:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (04/02/2016 06:24:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. 
CodeIntegrity: =================================== Date: 2014-05-16 16:43:36.097 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-05-16 16:43:36.052 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz Prozentuale Nutzung des RAM: 25% Installierter physikalischer RAM: 8173.21 MB Verfügbarer physikalischer RAM: 6082.97 MB Summe virtueller Speicher: 16344.63 MB Verfügbarer virtueller Speicher: 14267.84 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:68.26 GB) (Free:11.71 GB) NTFS Drive d: () (Fixed) (Total:43.43 GB) (Free:18.81 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 53E941DB) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=68.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=43.4 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
03.04.2016, 10:15 | #8 |
/// TB-Ausbilder | Words on the internet turn into links
Hi, we will remove the last remnants and check everything once more.
Please reset Firefox as follows: Reset Firefox
Then download and install the latest version of Firefox: https://www.mozilla.org/de/firefox/new/
Note: The scan with ESET can take a long time.
Step 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document
Code:
start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 ESET Online Scanner
Step 3 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 4
Are there still any problems with the PC now? If so, which ones? Please post with your next reply
Edited by M-K-D-B (03.04.2016 at 10:42) |
03.04.2016, 13:19 | #9 |
| Words on the internet turn into links All done! Here are the logs: FRST-Fix: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01 durchgeführt von Robert (2016-04-03 12:25:41) Run:1 Gestartet von C:\Users\Robert\Desktop Geladene Profile: Robert & MSSQL$SQLEXPRESS (Verfügbare Profile: Robert & Administrator & MSSQL$SQLEXPRESS) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** start CloseProcesses: RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: end ***************** Prozess erfolgreich geschlossen. ========= RemoveProxy: ========= "HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt ========= Ende von RemoveProxy: ========= ========= ipconfig /flushdns ========= Windows-IP-Konfiguration Der DNS-Aufl�sungscache wurde geleert. ========= Ende von CMD: ========= ========= netsh winsock reset ========= Der Winsock-Katalog wurde zur�ckgesetzt. Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en. ========= Ende von CMD: ========= EmptyTemp: => 2.1 GB temporäre Dateien entfernt. Das System musste neu gestartet werden. ==== Ende von Fixlog 12:26:12 ==== Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=c073ca0f0d55a5429a02f394337a299e # engine=18306 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-05-17 06:56:45 # local_time=2014-05-17 08:56:45 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1799 16775165 100 94 19171 171024310 11951 0 # compatibility_mode=5893 16776573 100 94 102589 151982855 0 0 # scanned=964 # found=0 # cleaned=0 # scan_time=30 ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=c073ca0f0d55a5429a02f394337a299e # engine=18306 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-05-17 07:17:20 # local_time=2014-05-17 09:17:20 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1799 16775165 100 94 20406 171025545 13186 0 # compatibility_mode=5893 16776573 100 94 103824 151984090 0 0 # scanned=189015 # found=0 # cleaned=0 # scan_time=1102 ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=c073ca0f0d55a5429a02f394337a299e # end=init # utc_time=2016-04-03 10:32:09 # local_time=2016-04-03 12:32:09 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 28881 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=c073ca0f0d55a5429a02f394337a299e # end=updated # utc_time=2016-04-03 10:34:28 # local_time=2016-04-03 12:34:28 (+0100, Mitteleuropäische 
Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=c073ca0f0d55a5429a02f394337a299e # engine=28881 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2016-04-03 11:16:22 # local_time=2016-04-03 01:16:22 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Avira Antivirus' # compatibility_mode=1815 16777213 100 100 6507 57873048 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 12739 211312032 0 0 # scanned=252163 # found=0 # cleaned=0 # scan_time=2514 Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 durchgeführt von Robert (Administrator) auf HOME-PC (03-04-2016 14:12:13) Gestartet von C:\Users\Robert\Desktop Geladene Profile: Robert & Administrator & MSSQL$SQLEXPRESS & (Verfügbare Profile: Robert & Administrator & MSSQL$SQLEXPRESS) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 8 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (AMD) C:\Windows\System32\atieclxx.exe (Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Realtek) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtlService.exe () C:\Program Files\Serviio\bin\ServiioService.exe () C:\Program Files\Serviio\bin\ServiioService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Realtek Semiconductor Corp.) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtWLan.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (GP Software) C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe (matt.malensek.net) C:\Program Files (x86)\3RVX\3RVX.exe (Dekisoft) C:\Program Files (x86)\Monitor Off Utility\monoff.exe () C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe (GP Software) C:\Program Files\GPSoftware\Directory Opus\dopus.exe (Dropbox, Inc.) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe () C:\Program Files\Serviio\bin\ServiioConsole.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (ATI Technologies Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd) HKLM-x32\...\Run: [SPIRunE] => Rundll32 SPIRunE.dll,RunDLLEntry HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-02-09] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-10] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) 
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Directory Opus Desktop Dblclk] => C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [347792 2012-01-10] (GP Software) HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [3RVX] => C:\Program Files (x86)\3RVX\3RVX.exe [159232 2008-10-13] (matt.malensek.net) HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Dekisoft Monitor Off Utility] => C:\Program Files (x86)\Monitor Off Utility\monoff.exe [430592 2009-08-31] (Dekisoft) HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2739240 2015-11-13] () HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Dropbox Update] => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.) HKU\S-1-5-21-1061047688-2763755289-2242981598-500\...\Run: [Directory Opus Desktop Dblclk] => C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [347792 2012-01-10] (GP Software) HKU\S-1-5-21-1061047688-2763755289-2242981598-500\...\Run: [Volume2] => C:\Program Files (x86)\Volume2\Volume2.exe HKU\S-1-5-21-1061047688-2763755289-2242981598-500\...\Run: [3RVX] => C:\Program Files (x86)\3RVX\3RVX.exe [159232 2008-10-13] (matt.malensek.net) ShellExecuteHooks: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [1356440 2012-01-10] (GP Software) ShellExecuteHooks-x32: Directory Opus Shell Execute Hook - {EE761688-C137-4b04-8FAB-3C9CDF0886F0} - C:\Program Files\GPSoftware\Directory Opus\dopuslib32.dll [358000 2012-01-10] (GP Software) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => 
C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Directory Opus (Startup).lnk [2012-02-13] ShortcutTarget: Directory Opus (Startup).lnk -> C:\Program Files\GPSoftware\Directory Opus\dopus.exe (GP Software) Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-19] ShortcutTarget: Dropbox.lnk -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk [2015-04-09] ShortcutTarget: Serviio.lnk -> C:\Program Files\Serviio\bin\ServiioConsole.exe () Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk [2012-02-13] ShortcutTarget: Yahoo! Widgets.lnk -> C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.) 
==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{D24B0B43-001F-44C2-A1C3-F3FAA135C80B}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{ED62443B-E1E2-4206-B3D4-FFFF2D460E09}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-22] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-22] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-21] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-21] (Oracle Corporation) Toolbar: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei Toolbar: HKU\S-1-5-21-1061047688-2763755289-2242981598-500 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files 
(x86)\Yahoo!\Common\Yinsthelper.dll DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-11-05] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-11-05] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-11-05] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-11-05] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\cup2ftxf.default-1459675819417 FF Homepage: hxxp://www.spiegel.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-18] () FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-22] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-22] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-18] () FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-21] (Oracle Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll 
[2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll [2007-03-10] (Yahoo! Inc.) FF Plugin HKU\S-1-5-21-1061047688-2763755289-2242981598-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Robert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS) FF Extension: Tab Mix Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\cup2ftxf.default-1459675819417\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-04-03] FF Extension: Thunderbird Biff - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\cup2ftxf.default-1459675819417\extensions\{aee74dd0-6dc9-11db-9fe1-0800200c9a66}.xpi [2016-04-03] FF Extension: WEB.DE MailCheck - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\cup2ftxf.default-1459675819417\extensions\toolbar@web.de [2016-04-03] FF Extension: Download Status Bar - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\cup2ftxf.default-1459675819417\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-04-03] FF Extension: Adblock Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\cup2ftxf.default-1459675819417\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-03] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-10] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-26] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG) S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-02-13] (Creative Labs) [Datei ist nicht signiert] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [Datei ist nicht signiert] R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.) 
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [197824 2014-02-21] (Microsoft Corporation) R2 RealtekSE; C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtlService.exe [36864 2010-04-16] (Realtek) [Datei ist nicht signiert] R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [327680 2015-03-21] () [Datei ist nicht signiert] S4 SQLAgent$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [454848 2014-02-21] (Microsoft Corporation) S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-10] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-10] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-10] (Avira Operations GmbH & Co. KG) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-03 14:12 - 2016-04-03 14:12 - 00018862 _____ C:\Users\Robert\Desktop\FRST.txt 2016-04-03 14:09 - 2016-04-03 14:11 - 00000000 ____D C:\ProgramData\HitmanPro 2016-04-03 13:32 - 2016-04-03 13:32 - 11441744 _____ (SurfRight B.V.) C:\Users\Robert\Desktop\HitmanPro_x64.exe 2016-04-03 12:30 - 2016-04-03 12:30 - 02870984 _____ (ESET) C:\Users\Robert\Desktop\esetsmartinstaller_deu.exe 2016-04-03 12:25 - 2016-04-03 12:26 - 00001749 _____ C:\Users\Robert\Desktop\Fixlog.txt 2016-04-03 12:23 - 2016-04-03 12:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-04-03 09:43 - 2016-03-25 21:06 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-04-03 09:43 - 2016-03-25 20:54 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-04-03 09:43 - 2016-03-23 16:02 - 01385472 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-04-03 09:43 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-04-03 09:43 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-04-03 09:43 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-04-03 09:43 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-04-03 09:43 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-04-02 18:31 - 2016-04-02 18:31 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-04-02 18:31 - 2016-04-02 18:31 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-04-02 18:31 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-04-02 18:31 - 2016-03-10 14:08 - 00140672 _____ 
(Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-02 18:31 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-02 18:21 - 2016-04-02 18:24 - 00000000 ____D C:\AdwCleaner
2016-04-02 18:18 - 2016-04-02 18:18 - 01610352 _____ (Malwarebytes) C:\Users\Robert\Desktop\JRT.exe
2016-04-02 18:16 - 2016-04-02 18:16 - 03102720 _____ C:\Users\Robert\Desktop\AdwCleaner_5.108.exe
2016-04-01 23:46 - 2016-04-02 00:06 - 00207296 _____ C:\TDSSKiller.3.1.0.9_01.04.2016_23.46.45_log.txt
2016-04-01 23:42 - 2016-04-01 23:42 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Robert\Desktop\tdsskiller.exe
2016-04-01 20:12 - 2016-04-03 14:12 - 00000000 ____D C:\FRST
2016-04-01 20:11 - 2016-04-01 20:11 - 02374144 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2016-03-31 22:32 - 2016-03-31 22:34 - 21595095 _____ C:\Users\Robert\Downloads\Audiovision Magazin April No 04 2016.pdf
2016-03-31 22:29 - 2016-03-31 22:30 - 19255143 _____ C:\Users\Robert\Downloads\mavisau0316.pdf
2016-03-29 15:06 - 2016-03-24 09:56 - 41532491 _____ C:\Users\Robert\Downloads\Digital Tested - April Mai 2016.pdf
2016-03-26 23:56 - 2016-03-26 23:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-03-24 19:04 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-03-24 19:04 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-03-24 19:04 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-03-24 19:04 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-03-24 19:04 - 2016-02-01 21:08 - 00114624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-03-24 19:04 - 2016-02-01 20:59 - 03243008 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-24 19:04 - 2016-02-01 20:59 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-03-24 19:04 - 2016-02-01 20:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-03-24 19:04 - 2016-02-01 20:56 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-24 19:04 - 2016-02-01 20:56 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-24 19:04 - 2016-02-01 20:49 - 02364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-03-24 19:04 - 2016-02-01 20:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-03-24 19:04 - 2016-02-01 20:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-03-24 19:04 - 2016-02-01 20:45 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-24 19:04 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-03-24 19:04 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-03-19 17:16 - 2016-03-19 17:16 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-14 22:41 - 2016-02-11 20:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-14 22:41 - 2016-02-11 20:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-14 22:41 - 2016-02-11 20:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-14 22:41 - 2016-02-11 20:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-14 22:41 - 2016-02-11 20:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-14 22:41 - 2016-02-11 20:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-14 22:41 - 2016-02-11 20:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-14 22:41 - 2016-02-11 20:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-14 22:41 - 2016-02-11 20:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-14 22:41 - 2016-02-11 20:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-14 22:41 - 2016-02-11 20:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-14 22:41 - 2016-02-11 20:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-14 22:41 - 2016-02-11 20:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-14 22:41 - 2016-02-11 20:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-14 22:41 - 2016-02-11 20:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-14 22:41 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-14 22:41 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-14 22:41 - 2016-02-11 20:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-14 22:41 - 2016-02-11 20:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-14 22:41 - 2016-02-11 20:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-14 22:41 - 2016-02-11 20:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-14 22:41 - 2016-02-11 20:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-14 22:41 - 2016-02-11 20:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-14 22:41 - 2016-02-11 20:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-14 22:41 - 2016-02-11 20:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-14 22:41 - 2016-02-11 20:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-14 22:41 - 2016-02-11 20:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 19:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-14 22:41 - 2016-02-11 19:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-14 22:41 - 2016-02-11 19:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-14 22:41 - 2016-02-11 19:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-14 22:41 - 2016-02-11 19:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-14 22:41 - 2016-02-11 19:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-14 22:41 - 2016-02-11 19:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-14 22:41 - 2016-02-11 19:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-14 22:41 - 2016-02-11 19:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-14 22:41 - 2016-02-11 19:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-14 22:41 - 2016-02-11 19:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-14 22:41 - 2016-02-11 19:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-14 22:41 - 2016-02-11 19:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-14 22:41 - 2016-02-11 19:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-14 22:41 - 2016-02-11 19:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-14 22:41 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-14 22:41 - 2016-02-05 20:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-14 22:41 - 2016-02-05 20:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-14 22:41 - 2016-02-05 20:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-14 22:41 - 2016-02-05 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-14 22:41 - 2016-02-05 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-14 22:41 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-14 22:41 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-14 22:41 - 2016-02-05 19:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-14 22:41 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-14 22:41 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-14 22:41 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-14 22:41 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-14 22:41 - 2016-02-04 19:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-14 22:41 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-14 22:41 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-14 22:41 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-14 22:41 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-14 22:41 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-14 22:40 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-14 22:40 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-14 22:40 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-14 22:40 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-14 22:40 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-14 22:40 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-14 22:40 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-14 22:40 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-14 22:40 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-14 22:40 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-06 18:11 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-06 18:11 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-06 18:11 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-06 18:11 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-06 18:11 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-06 18:11 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-06 18:11 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-06 18:11 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-06 18:11 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-06 18:11 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-06 18:11 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-06 18:11 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-06 18:11 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-06 18:11 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-06 18:11 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-06 18:11 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-03 13:49 - 2015-06-18 14:55 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA.job
2016-04-03 12:37 - 2011-04-12 09:43 - 00822878 _____ C:\Windows\system32\perfh007.dat
2016-04-03 12:37 - 2011-04-12 09:43 - 00202558 _____ C:\Windows\system32\perfc007.dat
2016-04-03 12:37 - 2009-07-14 07:13 - 01941858 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-03 12:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-03 12:36 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-03 12:36 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-03 12:29 - 2014-12-06 17:31 - 00000000 ___RD C:\Users\Robert\Dropbox
2016-04-03 12:29 - 2014-12-06 17:29 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Dropbox
2016-04-03 12:29 - 2014-06-08 09:41 - 00000000 ____D C:\Users\Robert\.rainlendar2
2016-04-03 12:28 - 2012-04-24 18:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-03 12:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-03 12:25 - 2014-11-20 08:58 - 00000000 ____D C:\Users\Robert\AppData\LocalLow\Temp
2016-04-03 09:44 - 2015-04-15 09:16 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-02 23:49 - 2015-06-18 14:55 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core.job
2016-04-02 18:47 - 2014-05-17 10:47 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-02 18:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\ModemLogs
2016-04-01 18:25 - 2014-08-23 09:54 - 00000000 ____D C:\Users\Robert\Desktop\VT
2016-03-31 22:59 - 2012-02-13 16:40 - 00000000 ____D C:\Users\Robert\AppData\Roaming\foobar2000
2016-03-24 23:41 - 2015-10-27 20:03 - 00000000 ____D C:\Users\Robert\Documents\Visual Studio 2013
2016-03-24 21:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-03-24 19:05 - 2015-04-05 22:10 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-24 19:05 - 2015-04-05 22:10 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-14 22:47 - 2009-07-14 06:45 - 00344712 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-14 22:44 - 2013-07-11 17:13 - 00000000 ____D C:\Windows\system32\MRT
2016-03-14 22:41 - 2012-02-13 13:14 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-10 20:50 - 2013-08-05 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-03-10 20:49 - 2013-08-05 22:35 - 00154816 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-03-10 20:49 - 2013-08-05 22:35 - 00133168 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-03-10 20:49 - 2013-08-05 22:35 - 00069888 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-03-08 22:40 - 2015-11-12 19:04 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-09-26 12:49 - 2012-05-15 10:33 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager classic.msi
2012-03-01 22:47 - 2012-03-28 10:14 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi
2012-05-19 12:33 - 2014-11-17 22:05 - 0012800 _____ () C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-02-13 21:36 - 2012-02-13 21:36 - 0000017 _____ () C:\Users\Robert\AppData\Local\resmon.resmoncfg

Einige Dateien in TEMP:
====================
C:\Users\Robert\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-03-29 10:49

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Robert (2016-04-03 14:12:31)
Gestartet von C:\Users\Robert\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-02-13 09:27:55)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1061047688-2763755289-2242981598-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-1061047688-2763755289-2242981598-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1061047688-2763755289-2242981598-1002 - Limited - Enabled)
Robert (S-1-5-21-1061047688-2763755289-2242981598-1000 - Administrator - Enabled) => C:\Users\Robert

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3RVX (HKLM-x32\...\{66BB5D8F-D9BD-4799-A9FA-5731B3B7839A}) (Version: 2.5 - matt.malensek.net)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Ashampoo Burning Studio Elements 10.0.9 (HKLM-x32\...\Ashampoo Burning Studio Elements_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ATI AVIVO64 Codecs (Version: 11.6.0.10209 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{24732103-FE2A-D954-AFCC-7824D77B7CC6}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
ATI Problem Report Wizard (Version: 3.0.816.0 - ATI Technologies) Hidden
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1347 - DsNET Corp)
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Build Tools - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - )
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - Creative Technology Limited)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: - )
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version: - )
Dropbox (HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Druckerdeinstallation für EPSON SX525WD Series (HKLM\...\EPSON SX525WD Series) (Version: - SEIKO EPSON Corporation)
Edimax Wireless LAN Driver and Utility (HKLM-x32\...\{556BEFE2-30FF-4113-98F4-01234396DF2B}) (Version: 1.00.0184 - Edimax Technology Co.)
Entity Framework 6.1.3 Tools for Visual Studio 2013 (HKLM-x32\...\{D5170452-84D1-4725-AD9C-F9ECFD0A9E9F}) (Version: 12.0.40302.0 - Microsoft Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX525WD Series Handbuch (HKLM-x32\...\EPSON SX525WD Series Manual) (Version: - )
EPSON SX525WD Series Netzwerk-Handbuch (HKLM-x32\...\EPSON SX525WD Series Network Guide) (Version: - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Falk Navi-Manager (HKLM-x32\...\{3222B0CE-59C5-4CA0-B545-2B88F200756B}) (Version: 2.10.0 - United Navigation GmbH)
Falk Navi-Manager (x32 Version: 2.8.0 - Falk Navigation GmbH) Hidden
Falk Navi-Manager classic (HKLM-x32\...\{4A9135AC-592E-4767-B029-ADCAC182CCFA}) (Version: 2.11.0 - United Navigation GmbH)
Falk Navi-Manager classic (x32 Version: 2.11.0 - United Navigation GmbH) Hidden
foobar2000 v1.1.11 (HKLM-x32\...\foobar2000) (Version: 1.1.11 - Peter Pawlowski)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2013 Sprachpaket (DEU) - v1.4 (x32 Version: 1.4.30416.1601 - Microsoft Corporation) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.05) (Version: 9.05 - Artifex Software Inc.)
GPSoftware Directory Opus (HKLM-x32\...\{5D4F167D-CCC8-413E-A6EE-F2FABBBBF50D}) (Version: 10.0.3.0 - GPSoftware)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 1.00 - Creative Technology Limited)
HydraVision (x32 Version: 4.2.188.0 - ATI Technologies Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
JabRef 2.7.2 (HKLM-x32\...\JabRef 2.7.2) (Version: 2.7.2 - JabRef Team)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech)
LyX 2.0.2-1 (HKLM-x32\...\LyX20) (Version: 2.0.2-1 - LyX Team)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{7D1C6D7B-8E3F-4724-94C8-AA7EB7F60AE0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014-Setup (Deutsch) (HKLM-x32\...\{DFEF8D74-5C1A-4437-9067-190F33AF2252}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.41012.0) (HKLM-x32\...\{79AB8378-D661-4021-9941-FE5F4AEB57BB}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server*2014 (HKLM-x32\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - 
Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - 
Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio Express 2013 für Windows Desktop - DEU mit Update 5 (HKLM-x32\...\{6502e1ac-767b-4caf-b03d-5ee3c638c46d}) (Version: 12.0.40629.0 - Microsoft Corporation) Microsoft VSS Writer für SQL Server 2014 (HKLM\...\{D390AADD-C825-4B31-8C79-83A9461D5524}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{9408684F-E1CC-4D2E-AE15-886023557682}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{B9A7B46F-0120-406B-9A12-3AD1DCC94D97}) (Version: 12.0.2000.8 - Microsoft Corporation) MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Monitor Off Utility 1.0 (HKLM-x32\...\{10F0131F-1CA2-4433-8473-7C890C769581}_is1) (Version: - Dekisoft) Mozilla Firefox 15.0.1 (x86 de) (HKU\S-1-5-21-1061047688-2763755289-2242981598-500\...\Mozilla Firefox 15.0.1 (x86 de)) (Version: 15.0.1 - Mozilla) Mozilla Firefox 43.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla) Mozilla Thunderbird 38.7.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.7.1 (x86 de)) (Version: 38.7.1 - Mozilla) Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) 
(HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) PowerShellIntegration.Notifications (x32 Version: 2.6.0.0 - Microsoft Corporation) Hidden Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - ) Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6402 - Realtek Semiconductor Corp.) Serviio (HKLM\...\Serviio) (Version: - ) SopCast 3.4.8 (HKLM-x32\...\SopCast) (Version: 3.4.8 - www.sopcast.com) Sound Blaster X-Fi (HKLM-x32\...\{0C9D0200-FA32-44B7-BBB3-7C03F700C4A0}) (Version: 1.0 - ) SQL Server 2014 Common Files (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden Sql Server Customer Experience Improvement Program (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server-Browser für SQL Server 2014 (HKLM-x32\...\{B7312B95-77C6-497E-A63F-596A77B20F31}) (Version: 12.0.2000.8 - Microsoft Corporation) Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer) TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden Unity Web Player 
(HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM-x32\...\{2A231800-A7CF-4223-B8A3-1FD9057BAE96}) (Version: 10.3.5500.0 - Microsoft Corporation) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx) Visual Studio 2013 Update 5 (KB2829760) (HKLM-x32\...\{17551f85-1d1c-4142-a83f-bbd18a3522c2}) (Version: 12.0.40629 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) VS Update core components (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation) WinRAR 4.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH) WISO steuer:Start 2016 (HKLM-x32\...\{6235C2AC-6365-46BC-8F39-366621479FAB}) (Version: 23.00.1146 - Buhl Data Service GmbH) WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden Yahoo! Install Manager (HKLM-x32\...\YInstHelper) (Version: - ) Yahoo! Widgets (HKLM-x32\...\Yahoo! Widget Engine) (Version: 4.5.2.0 - Yahoo! Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{095555F2-7F32-44F7-A59A-5F91B6FC6BA7}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{0B2E8C4B-AFAD-4B21-AEB0-4AB36FA50719}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{174EDE05-B71E-410C-AADE-22C2DA8B0F35}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{20715B03-94A4-422C-AF38-4EF9F4052219}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{528BD565-4549-4149-AAA2-43E927203DB7}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{5B90553F-5202-47C6-A608-94DE1CB632ED}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{65BC4C98-7F65-40A9-8BE4-8B05F50EA118}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{69617E00-4C15-4EAC-AC0A-4670168D8C6F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{6B88424B-D65E-455E-A719-553BE18AF06A}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{A240B964-0E23-4BC1-888D-39BAC4781793}\InprocServer32 -> C:\Program 
Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{AA1931BC-2F97-421C-9681-5C4181141EEE}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{B707C2AF-83F0-4F14-B58D-A9179B87F37A}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{BF67C7D6-666F-4EA4-B7CD-7205AF445657}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{D4DCF277-789A-4DA8-B3D8-62B6AB9265C6}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{DAA61697-3931-49E6-9041-F6CE2CAE9707}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E116A2FE-2C4D-4804-8D90-E6F9C326AB77}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E4BCAE1F-E7DF-42FF-9390-2DD9B08AD487}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E5DAAAA8-117D-4408-83E8-20CEAEFEAF77}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{EEADDEE5-8B1E-4490-9EC6-D95D015FF0AA}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software) CustomCLSID: 
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {41FFCAEE-2287-4B65-B2B9-08D769F9925A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {527B7DC0-14D2-4C80-9ED6-C694D88B3F02} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {63EBCA04-5BCC-4AA3-AA99-D6A05CE9A7F9} - System32\Tasks\{F707FCD1-161C-47D8-9188-370CC55260C3} => pcalua.exe -a C:\Users\Robert\Downloads\irfanview_plugins_433_setup.exe -d C:\Users\Robert\Downloads
Task: {65E7FD65-33CD-428B-A303-092DA6F6E61E} - System32\Tasks\{DE29D441-8030-44E6-A4C9-DDFC73CB2180} => pcalua.exe -a C:\Users\Robert\Downloads\DarkOne301build20110302.exe -d C:\Users\Robert\Downloads
Task: {821C62C0-446C-4849-AC6D-4777BD464F28} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {AC2EAA5A-6179-424A-A97A-B07C0288C316} - System32\Tasks\{A93EF223-6769-4FF7-B1EF-8B14E0672D6D} => pcalua.exe -a C:\Users\Robert\Downloads\darkone_v3_0_1_by_tedgo-d33pj8h\DarkOne301build20110302.exe -d C:\Users\Robert\Downloads\darkone_v3_0_1_by_tedgo-d33pj8h

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core.job => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA.job => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-03-21 10:54 - 2015-03-21 10:54 - 00327680 _____ () C:\Program Files\Serviio\bin\ServiioService.exe 2012-02-13 13:52 - 2012-01-09 20:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll 2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll 2015-05-13 18:36 - 2015-05-13 18:36 - 00178688 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\WaveLibMixer\41cd1da537156b6e85b5aa94831ccfa9\WaveLibMixer.ni.dll 2014-09-11 17:24 - 2014-09-11 17:24 - 00108032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\CoreAudioApi\7fd494c22406deed2dfcc8e29c82cb65\CoreAudioApi.ni.dll 2015-11-13 13:57 - 2015-11-13 13:57 - 02739240 _____ () C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe 2015-03-21 10:54 - 2015-03-21 10:54 - 00368640 _____ () C:\Program Files\Serviio\bin\ServiioConsole.exe 2011-02-09 22:53 - 2011-02-09 22:53 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2012-02-13 11:48 - 2009-12-09 22:20 - 00126976 _____ () C:\Program Files (x86)\Edimax\PCIe Wireless LAN\EnumDevLib.dll 2015-08-14 08:31 - 2015-08-14 08:31 - 00252928 _____ () C:\Program Files (x86)\Rainlendar2\libical.dll 2015-08-14 08:31 - 2015-08-14 08:31 - 00051200 _____ () C:\Program Files (x86)\Rainlendar2\libicalss.dll 2014-05-04 12:48 - 2014-05-04 12:48 - 00197632 _____ () C:\Program Files (x86)\Rainlendar2\lua52.dll 2015-11-13 13:57 - 2015-11-13 13:57 - 00068136 _____ () C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll 2014-05-04 12:49 - 2014-05-04 12:49 - 00027648 _____ () C:\Program Files (x86)\Rainlendar2\lfs.dll 2015-12-14 20:49 - 2016-02-23 20:19 - 00034768 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2016-03-19 17:16 - 2016-02-23 20:20 - 00019408 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2016-03-19 
17:16 - 2016-02-23 20:19 - 00116688 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2015-12-14 20:49 - 2016-02-23 20:19 - 00093640 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2015-12-14 20:49 - 2016-02-23 20:19 - 00018376 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\select.pyd 2015-12-14 20:49 - 2016-03-12 02:18 - 00019760 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2015-12-14 20:49 - 2016-02-23 20:21 - 00105928 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32api.pyd 2016-03-19 17:16 - 2016-02-23 20:19 - 00392144 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2015-12-14 20:49 - 2016-03-12 02:18 - 00381752 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2015-12-14 20:49 - 2016-02-23 20:19 - 00692688 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00020816 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2015-12-14 20:49 - 2016-02-23 20:20 - 00112592 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 01682760 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00020808 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2015-12-14 20:49 - 2016-03-12 02:18 - 00020800 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd 2015-12-14 20:49 - 2016-03-12 02:18 - 00021840 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00038696 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\fastpath.pyd 2016-03-19 17:16 - 2016-02-23 20:21 - 00020936 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2015-12-14 20:49 
- 2016-02-23 20:21 - 00024528 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32event.pyd 2015-12-14 20:49 - 2016-02-23 20:21 - 00114640 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32security.pyd 2015-12-14 20:49 - 2016-02-23 20:21 - 00124880 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32file.pyd 2016-02-11 09:37 - 2016-03-12 02:18 - 00021832 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2015-12-14 20:49 - 2016-02-23 20:21 - 00024016 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2015-12-14 20:49 - 2016-02-23 20:21 - 00175560 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32gui.pyd 2015-12-14 20:49 - 2016-02-23 20:21 - 00030160 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2015-12-14 20:49 - 2016-02-23 20:21 - 00043472 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32process.pyd 2015-12-14 20:49 - 2016-02-23 20:21 - 00028616 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32ts.pyd 2015-12-14 20:49 - 2016-02-23 20:21 - 00048592 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32service.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00026456 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2015-12-14 20:49 - 2016-02-23 20:21 - 00057808 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2015-12-14 20:49 - 2016-02-23 20:21 - 00024016 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32profile.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00117056 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00024392 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2016-03-19 17:16 - 2016-02-23 20:21 - 00036296 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\librsync.dll 2015-12-14 20:49 - 2016-03-12 02:18 - 00023376 _____ () 
C:\Users\Robert\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2015-12-14 20:49 - 2016-02-23 20:19 - 00134608 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_elementtree.pyd 2016-03-19 17:16 - 2016-02-23 20:19 - 00134088 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2016-03-19 17:16 - 2016-02-23 20:20 - 00240584 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\jpegtran.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00052024 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2016-02-11 09:37 - 2016-03-12 02:18 - 00020800 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-02-11 09:37 - 2016-03-12 02:18 - 00021824 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd 2016-02-11 09:37 - 2016-03-12 02:18 - 00019776 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd 2016-02-11 09:37 - 2016-03-12 02:18 - 00020800 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00020280 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2015-12-14 20:49 - 2016-02-23 20:21 - 00350152 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2016-02-11 09:37 - 2016-03-12 02:18 - 00022352 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00084792 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2016-03-19 17:16 - 2016-03-12 02:18 - 01826096 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2015-12-14 20:49 - 2016-02-23 20:20 - 00083912 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\sip.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 03928880 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 
01971504 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00531248 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00132912 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00223544 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00207672 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00158008 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00042808 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd 2016-03-19 17:16 - 2016-02-23 20:23 - 00017864 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\libEGL.dll 2016-03-19 17:16 - 2016-02-23 20:23 - 01631184 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-12-14 20:49 - 2016-03-12 02:18 - 00024904 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00546096 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd 2016-03-19 17:16 - 2016-03-12 02:18 - 00357680 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd 2015-03-04 23:45 - 2016-02-23 20:25 - 00697304 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2012-02-13 11:58 - 2009-02-06 19:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL 2012-02-13 11:58 - 2009-03-26 15:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL 2009-08-26 06:29 - 2009-08-26 06:29 - 00150016 _____ () C:\Windows\SysWOW64\OemSpiE.dll 2008-01-09 00:50 - 2008-01-09 00:50 - 00349147 _____ () C:\Program Files (x86)\Yahoo!\Widgets\sqlite3.dll 2008-03-19 02:21 - 2008-03-19 02:21 - 00512000 _____ () 
C:\Program Files (x86)\Yahoo!\Widgets\js32.dll
2008-03-19 02:21 - 2008-03-19 02:21 - 00094208 _____ () C:\Program Files (x86)\Yahoo!\Widgets\jsd.dll
2016-03-26 23:56 - 2016-03-26 23:56 - 00153032 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2016-03-26 23:56 - 2016-03-26 23:56 - 00022472 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2015-05-28 22:51 - 2015-05-28 22:51 - 00008704 _____ () C:\Users\Robert\AppData\Roaming\Thunderbird\Profiles\srisme7d.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2014-05-16 16:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1061047688-2763755289-2242981598-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Nero MediaHome 4 => "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{2AE12F74-1D52-45B7-A287-D87269E10D13}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtWLan.exe
FirewallRules: [{5E8E39E4-4198-49C1-A88A-CF65DB2C6DD2}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtWLan.exe
FirewallRules: [{351A706A-524F-4CD7-8ADA-52E4D7846866}] => (Allow) LPort=1542
FirewallRules: [{40213A88-5FFA-41C1-8A17-123AE71B5A3E}] => (Allow) LPort=1542
FirewallRules: [{D129EB02-C30B-4D81-9506-6612A613E868}] => (Allow) LPort=53
FirewallRules: [{B9F7D531-C940-45CC-84DC-048C3C40AFFB}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RTLDHCP.exe
FirewallRules: [{E9CA85F9-B5C7-4F1D-A9A3-0B678194D95C}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RTLDHCP.exe
FirewallRules: [{016DEB10-2705-4C56-ADDF-9A515E9A5B1C}] => (Allow) LPort=67
FirewallRules: [{0B238EF6-7BC3-4D7E-8D8D-5427A40972DE}] => (Allow) LPort=68
FirewallRules: [{4055C5BC-F84C-4316-B298-4F043C57CA58}] => (Allow) LPort=53
FirewallRules: [{B4CBD794-D1C4-446D-83B0-C0F335A464D3}] => (Allow) LPort=53
FirewallRules: [{8479584B-D878-4D47-A8C0-8769E63058BE}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
FirewallRules: [{646807DC-5BB2-4497-B14E-576E499BD82B}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
FirewallRules: [TCP Query User{48C7DD5D-0C99-4AC8-9816-D85869C1CFFB}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{DA1D7715-F811-4B21-8FA4-309584B6E388}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{3C743D18-DD3E-42A6-8EDA-A3B1224B0A74}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{CFF513EB-DC04-47F8-8233-74BBE6E5443E}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{3DDB80E0-6799-4261-B1FB-01A57C73F98B}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [UDP Query User{418E2F3B-4FCB-46D6-B5C6-E4BD3E680C1E}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [TCP Query User{6329BEC6-E7F4-48F1-B480-553F6A207471}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1E8DCE38-707B-4261-A350-469F17D68659}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{60017BA2-93A8-441D-9C29-62054CCA76EA}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe] => (Allow) C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe
FirewallRules: [UDP Query User{ECA632B0-625E-47AD-B9BE-165281FA9244}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe] => (Allow) C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe
FirewallRules: [TCP Query User{FAE5B579-E8E7-48AA-A5D5-783B3F4CFF79}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [UDP Query User{E7A4CC03-A819-42AA-A250-1F9F342ECCE2}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [TCP Query User{438FB0A1-B440-4C43-949B-B8D12180099D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{BB2396C1-0A01-496C-8C7E-43F4E40F1F2D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{3C0A383C-2ACE-4CFF-886E-4CD7B7F5CD09}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block)
C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{C29755D3-ECB7-467D-AB98-25983FE603FC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{95C19226-8416-4893-874C-E693E87459F2}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [UDP Query User{CB36AE15-AA08-4B52-AB72-7E9604A16CE4}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [TCP Query User{452F99B9-D52A-4DAA-B5CE-E5C7631B174C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{1C0164AC-A5E6-4AEB-88AC-C34B998245BF}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{FFD5A33B-5E44-49A8-9B45-ACB601B60805}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{D78F66A4-9612-45A7-BC91-4357759C3789}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{B50C071C-3AE1-4639-9B36-92DF8C16637A}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe FirewallRules: [UDP Query User{4B15FF37-1016-4812-87A7-6B89FD1DA9BF}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe FirewallRules: [TCP Query User{CE012EBF-CF6A-4C0A-BCA6-181E4FA5902A}C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe] => (Allow) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe FirewallRules: [UDP Query User{8164AFF0-943E-48ED-A757-7AAE4E3ECA4F}C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe] => (Allow) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe FirewallRules: [{8950CB1A-758E-4DA5-B35B-EAEDF2247726}] => (Block) 
C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe FirewallRules: [{7720CB72-EE19-43B5-8356-0CC9D1CA82DE}] => (Block) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe FirewallRules: [{F0BF9464-0628-4330-806E-FC4F08323201}] => (Allow) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{4C1E9A42-2660-4E78-8CC4-696A2515AC79}] => (Allow) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{0DC97CBC-9814-4E9F-8F3F-450B3CC49698}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{8640AB99-1027-48E8-B35F-E177067BE650}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{ECE08A8E-1793-4699-853E-4C69A2E9D10A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{DD41B7AE-D30A-49C4-9586-044EE4BDD78D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D4262EAF-DA95-4775-9536-161F74638D82}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{FB373347-5FAF-487E-ABEF-6F7B3A1E6F1F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{625D6BF2-0A82-40C6-A5F7-FF1CD9E628FD}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{A67ADCA2-B694-4E26-9E61-883BAD6A50CA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [TCP Query User{0D9D282C-F1B1-45DA-923D-71F8087E970C}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [UDP Query User{BE89447A-9315-47C8-BA7E-57BAD0143DEE}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [TCP Query 
User{4C90BDE5-977E-4C90-8203-FA2C9F0213BA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{FC498BF9-CCDB-4519-A40C-839BB3A2BBD8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{661B2E37-25FF-49AE-90FF-1943CB7CB447}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe FirewallRules: [UDP Query User{8CC17E03-2F70-49C3-A054-7336A7B1BD21}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe FirewallRules: [{4C527AF1-16A5-4821-8268-DBE283B0AB40}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe FirewallRules: [{8BA7452F-DAB2-407C-9350-77FAF9D1B050}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe FirewallRules: [{48FD7F1A-B2EB-4EB4-A603-4FB3B3CAB48E}] => (Allow) C:\Program Files\Serviio\bin\ServiioConsole.exe FirewallRules: [{E5963B3D-D190-4A83-BAE7-15E0E18DD80B}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\WDExpress.exe FirewallRules: [{B3C099C3-12BA-4DDE-9979-508FDAD116D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E38B4B12-C687-46EF-90CE-B32EFC133E97}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Wiederherstellungspunkte ========================= 24-03-2016 19:05:02 Windows Update 31-03-2016 19:09:40 Geplanter Prüfpunkt 02-04-2016 18:51:05 JRT Pre-Junkware Removal 03-04-2016 09:43:53 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (04/03/2016 12:32:06 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für 
"C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (04/03/2016 12:32:03 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. 
Error: (04/03/2016 12:32:02 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (04/03/2016 12:30:45 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. 
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (04/03/2016 12:28:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/03/2016 12:25:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/03/2016 12:19:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/03/2016 09:45:06 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/03/2016 09:17:31 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/02/2016 07:07:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Systemfehler: ============= Error: (04/03/2016 12:34:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (04/03/2016 12:34:20 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde 
\??\C:\Users\Robert\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (04/03/2016 12:34:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (04/03/2016 12:34:20 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Robert\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (04/03/2016 12:34:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (04/03/2016 12:34:20 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Robert\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (04/03/2016 12:33:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (04/03/2016 12:33:39 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Robert\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. 
Error: (04/03/2016 12:33:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (04/03/2016 12:33:38 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Robert\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. CodeIntegrity: =================================== Date: 2014-05-16 16:43:36.097 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-05-16 16:43:36.052 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8173.21 MB
Verfügbarer physikalischer RAM: 5111.71 MB
Summe virtueller Speicher: 16344.63 MB
Verfügbarer virtueller Speicher: 12673.94 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:68.26 GB) (Free:12.77 GB) NTFS
Drive d: () (Fixed) (Total:43.43 GB) (Free:18.81 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 53E941DB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=68.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=43.4 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
There are currently no more problems! Many thanks for your help! Regards, Fritz |
04.04.2016, 14:12 | #10 |
/// TB Trainer | Words on the Internet turn into links
If you no longer have any problems with malware, then we are done here. Your log files are clean. Finally, we need to take a few concluding steps to clean up and secure your PC.

Cleanup:
All logs posted? Then please download DelFix.
DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left over, you can delete them without hesitation.

Securing your system:
Enable automatic updates for the Windows operating system. Security-relevant software should also always be kept at the latest version only:
Browser
Java
Flash Player
PDF reader
Security vulnerabilities in old versions of these are exploited to install malware via "drive-by" when you merely visit a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. In addition, Firefox can also open PDF documents.
Enable a firewall. The one built into Windows is normally entirely sufficient.
If you are still undecided, use a single one of the following antivirus programs with a real-time scanner and an always up-to-date signature database:
Microsoft Security Essentials (MSE) is built in from Windows 8 onwards, so if you have Windows 8, 8.1 or 10 and have decided on MSE, you do not need to install MSE separately. On Windows 7, however, it has to be installed manually or obtained as an optional update via Windows Update. Naturally, a legal/activated Windows is a prerequisite for this.
In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.

Optional:
Adblock Plus: Can block banners, pop-ups, video advertising, tracking and malware sites.
NoScript: Prevents active content (Java, JavaScript, Flash, ...) from running on all websites. You can, however, define on a whitelist basis which sites scripts should be allowed on.
Malwarebytes Anti Exploit: Protects the computer's applications against exploitation of known vulnerabilities.

Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, uninstalling it first and then removing the leftovers with Adwcleaner is recommended.

Finally, a few general remarks:

If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this topic from my subscriptions. |
04.04.2016, 16:43 | #11 |
| Words on the Internet turn into links Everything worked wonderfully and runs completely without problems! Many thanks! (see http://www.trojaner-board.de/177508-...-d-b-x-te.html) Regards, Fritz |
04.04.2016, 19:47 | #12 |
/// TB Trainer | Words on the Internet turn into links I'm glad we were able to help. In this forum you can leave short feedback on the cleanup, if you wish: Praise, criticism and wishes. To do so, click the "NEUES THEMA" ("New topic") button and post a little feedback. Many thanks! This topic appears to be resolved and will be removed from my subscriptions. Should you need the topic again, please send me a PM. Everyone else, please click here and create your own thread. |