|
Pests of all kinds and how to fight them: can't get rid of ask.gen | Windows 7 If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection. |
08.07.2016, 19:32 | #1 |
| can't get rid of ask.gen Malwarebytes found ask.gen on my PC. I have removed it several times; after every restart it is back again. How can I remove it? |
08.07.2016, 20:41 | #2 |
/// TB trainer | can't get rid of ask.gen My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! Please post the MBAM log files with the detections. For an initial analysis, please run FRST and TDSS-Killer: Step 1 Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2 Please download TDSSKiller.exe and save this file on the desktop
Please post with your next reply
|
09.07.2016, 07:32 | #3 |
| can't get rid of ask.gen Thanks for the quick reply, Matthias.
The FRST.txt:
Extension: (YouTube) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-26] CHR Extension: (Adblock Plus) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-09-27] CHR Extension: (Google-Suche) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-26] CHR Extension: (SpeedTao Download Helper) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\eifpflhplblejfpibogcnnepoldboioh [2013-09-27] CHR Extension: (Unifinder New Tab) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggpcleoagckefcmekcbgdhhmcfcdofhj [2014-07-03] CHR Extension: (RealDownloader) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-04-13] CHR Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn [2014-04-13] CHR Extension: (Norton Identity Protection) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-04-07] CHR Extension: (Ghostery) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-03-02] CHR Extension: (Chrome In-App Payments service) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-07] CHR Extension: (Google Mail) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-26] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [chgdeabpmphfhkoemjjglmilajldekbp] - C:\Program Files 
(x86)\Wondershare\VideoConverterFree\SVRChromePlugin.crx [2015-11-11] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ggpcleoagckefcmekcbgdhhmcfcdofhj] - C:\Users\Bernhard\AppData\Local\adStartPage\unifinder.crx [2014-07-03] CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2013-10-15] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 !SASCORE; C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE [172344 2014-08-16] (SUPERAntiSpyware.com) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-19] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-19] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-19] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-19] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. 
KG) S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink) S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink) S4 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [187456 2013-05-02] (DATA BECKER GmbH & Co KG) [Datei ist nicht signiert] R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [805888 2012-11-29] () [Datei ist nicht signiert] S3 GSService; C:\Windows\SysWOW64\GSService.exe [443080 2013-12-16] () R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) 
[Datei ist nicht signiert] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation) R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [Datei ist nicht signiert] S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] () S2 Net Driver HPZ12; C:\WINDOWS\SYSTEM32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] S3 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [7704312 2014-12-10] (O&O Software GmbH) R2 pcwelt_backup_ez; c:\Program Files\PC-WELT Backup Easy\bin\backupService-pcwbe.exe [23880 2015-11-12] () S2 Pml Driver HPZ12; C:\WINDOWS\SYSTEM32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [122368 2012-10-21] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [Datei ist nicht signiert] S3 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [33088 2015-09-16] () R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1103656 2015-10-16] (RealNetworks, Inc.) 
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] () R2 Steganos Volatile Disk; C:\Windows\SysWOW64\STGRAMDiskHandler64.exe [450560 2013-07-17] (Softwareentwicklung Remus - ArchiCrypt) [Datei ist nicht signiert] S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-12-23] (soft Xpansion) R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [253264 2010-09-30] () S2 updatesvca; C:\Windows\system32\updatesvca.dll [209920 2013-03-04] (Digital Dynamic) [Datei ist nicht signiert] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S4 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) U0 asfp; C:\Windows\System32\drivers\pyqrct.sys [79064 2016-07-07] (Malwarebytes) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-17] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-05-19] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-19] (Avira Operations GmbH & Co. 
KG) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [25144 2013-04-11] () [Datei ist nicht signiert] R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-04-24] (AnchorFree Inc.) S3 leawo_vad; C:\Windows\System32\drivers\leawo_vad.sys [33048 2013-05-21] (Shenzhen Moyea Software) R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116888 2014-12-10] (O&O Software GmbH) R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41112 2014-12-10] (O&O Software GmbH) R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255640 2014-12-10] (O&O Software GmbH) R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44696 2014-12-10] (O&O Software GmbH) S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.) R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-24] (RapidSolution Software AG) R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-24] (RapidSolution Software AG) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [109144 2014-01-30] (Softwareentwicklung Remus - ArchiCrypt - ) R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-01-07] (Windows (R) Win 7 DDK provider) R3 stdriver; C:\Windows\System32\DRIVERS\stdriverx64.sys [32536 2013-01-28] () R1 STGMFEngine64; C:\Windows\system32\drivers\STGMFEngine64.sys [28576 2013-07-17] (Softwareentwicklung Remus - ArchiCrypt.com) R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.) 
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [12400 1999-10-13] (Microsoft Corporation) [Datei ist nicht signiert] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-07-09 08:12 - 2016-07-09 08:13 - 00000000 ____D C:\Users\Bernhard\Desktop\Trojanerboard 2016-07-09 08:07 - 2016-07-09 08:07 - 00000000 ____D C:\Users\Bernhard\Downloads\Trojanerboard 2016-07-09 07:59 - 2016-07-09 07:59 - 00000000 ____D C:\Users\Bernhard\Desktop\Malwarebytes 2016-07-08 14:24 - 2016-07-08 14:24 - 00097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-07-08 14:23 - 2016-07-08 14:23 - 00000000 ____D C:\Program Files (x86)\Java 2016-07-07 13:13 - 2016-07-07 13:13 - 00079064 _____ (Malwarebytes) C:\Windows\system32\Drivers\pyqrct.sys 2016-07-06 01:15 - 2016-07-06 01:15 - 00000000 ____D C:\Users\Bernhard\AppData\Local\Audacity 2016-07-06 01:14 - 2016-07-06 01:14 - 00001015 _____ C:\Users\Public\Desktop\Audacity.lnk 2016-07-06 01:03 - 2016-07-06 01:03 - 00000000 ____D C:\Program Files (x86)\FFmpeg for Audacity 2016-07-06 00:59 - 2016-07-06 01:00 - 09957947 _____ ( ) C:\Users\Bernhard\Downloads\ffmpeg-win-2.2.2.exe 2016-07-06 00:53 - 2016-07-06 00:53 - 26496761 _____ (Audacity Team ) C:\Users\Bernhard\Downloads\audacity-win-2.1.2.exe 2016-07-06 00:48 - 2016-07-06 01:21 - 00000000 ____D C:\Users\Bernhard\Desktop\17 Test 2016-07-06 00:48 - 2016-07-06 00:48 - 00000000 ____D C:\Users\Bernhard\Desktop\Neuer Ordner 2016-07-05 07:55 - 2016-07-05 07:56 - 00000000 ____D C:\Users\Bernhard\Desktop\Audac 2016-07-04 16:24 - 
2016-07-04 17:05 - 00000000 ____D C:\Users\Bernhard\Desktop\Musik Utto 2016-07-01 00:49 - 2016-07-01 00:49 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Steganos 2016-06-28 20:41 - 2016-06-28 20:41 - 00001151 _____ C:\Users\Public\Desktop\Wondershare Player.lnk 2016-06-28 20:40 - 2016-07-04 16:23 - 00000000 ____D C:\ProgramData\Wondershare Player 2016-06-28 20:40 - 2014-09-19 16:46 - 00941992 _____ C:\Windows\SysWOW64\WPShellExt64.dll 2016-06-28 18:36 - 2016-06-28 18:36 - 00001142 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2016-06-27 09:35 - 2015-03-12 11:10 - 00096328 _____ (Wondershare Software) C:\Windows\system32\WSMonEditor.dll 2016-06-27 09:34 - 2016-06-27 09:34 - 00001191 _____ C:\Users\Public\Desktop\Wondershare PDFelement.lnk 2016-06-27 09:34 - 2016-06-27 09:34 - 00000000 ____D C:\ProgramData\PDFEditor 2016-06-26 19:57 - 2016-06-26 19:59 - 00000000 ____D C:\Users\Bernhard\Desktop\LL 2016-06-12 10:42 - 2016-06-27 00:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-06-09 11:03 - 2016-06-09 11:03 - 00001360 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-07-09 08:13 - 2013-09-25 09:44 - 00000000 ____D C:\FRST 2016-07-09 08:10 - 2012-07-25 15:02 - 00074752 ___SH C:\Users\Bernhard\Thumbs.db 2016-07-09 08:04 - 2013-06-25 09:09 - 00000000 ____D C:\Users\Bernhard\Desktop\Aktenschrank 2016-07-09 08:01 - 2014-09-21 21:14 - 00000000 ____D C:\Users\Bernhard\Desktop\Coaches 2016-07-09 07:53 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-07-09 07:53 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-07-09 07:46 - 2012-09-24 19:37 - 00000000 ____D C:\Users\Bernhard\Desktop\PC 2016-07-08 14:55 - 2013-01-17 21:50 - 00000000 ____D C:\Program Files\Java 2016-07-08 14:54 - 2014-11-14 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-07-08 14:24 - 2015-09-01 19:07 - 00000000 ____D C:\Users\Bernhard\.oracle_jre_usage 2016-07-08 14:19 - 2015-02-14 18:08 - 00738368 _____ (Oracle Corporation) C:\Users\Bernhard\Downloads\jxpiinstall.exe 2016-07-07 13:13 - 2013-12-05 19:55 - 00000000 ____D C:\Program Files\FileViewPro 2016-07-07 12:28 - 2014-08-22 15:05 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-07-07 07:21 - 2012-09-11 20:34 - 00000000 ____D C:\Users\Bernhard\Desktop\Maria 2016-07-06 01:20 - 2012-11-29 10:37 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Audacity 2016-07-06 01:15 - 2014-01-11 11:19 - 00000000 ____D C:\Program Files (x86)\Audacity 2016-07-06 01:14 - 2014-01-11 11:19 - 00001027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2016-07-06 00:43 - 2015-11-11 19:21 - 00000000 ____D C:\ProgramData\Wondershare Video Converter Free 2016-07-05 07:49 - 2015-11-11 19:25 - 00000000 ____D C:\ProgramData\xml_param 2016-07-04 17:18 - 2013-05-10 15:06 - 00000000 ____D C:\Users\Bernhard\AppData\Local\CrashDumps 2016-07-03 15:43 - 2012-02-21 20:50 - 
00700134 _____ C:\Windows\system32\perfh007.dat 2016-07-03 15:43 - 2012-02-21 20:50 - 00149984 _____ C:\Windows\system32\perfc007.dat 2016-07-03 15:43 - 2009-07-14 07:13 - 01622300 _____ C:\Windows\system32\PerfStringBackup.INI 2016-07-03 15:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-07-01 00:48 - 2013-01-15 03:52 - 00327680 _____ C:\Windows\system32\Ikeext.etl 2016-07-01 00:48 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-06-30 16:38 - 2012-05-03 10:21 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\SoftGrid Client 2016-06-30 16:19 - 2012-10-04 12:09 - 00000000 ____D C:\Users\Bernhard\Desktop\Löschen 2016-06-30 15:25 - 2013-02-22 20:29 - 00000000 ____D C:\Users\Bernhard\Desktop\WordPress Homepageerstellung 2016-06-28 21:31 - 2013-10-26 10:54 - 00000000 ____D C:\ProgramData\Package Cache 2016-06-28 20:41 - 2013-09-02 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2016-06-28 20:40 - 2014-03-15 09:05 - 00000000 ____D C:\ProgramData\Wondershare 2016-06-28 20:40 - 2013-09-02 16:34 - 00000000 ____D C:\Program Files (x86)\Wondershare 2016-06-28 18:36 - 2016-05-19 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-06-27 09:35 - 2013-12-11 09:23 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Wondershare 2016-06-27 00:46 - 2015-11-12 11:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-06-27 00:46 - 2013-03-19 17:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-06-26 19:59 - 2015-11-12 11:25 - 00003824 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-06-26 19:59 - 2015-07-08 21:16 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-06-26 19:59 - 2015-07-08 21:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-06-26 19:59 - 2014-06-23 22:13 - 00000000 ____D C:\Users\Bernhard\AppData\Local\Adobe 2016-06-21 02:00 - 
2016-01-30 21:42 - 00000000 ____D C:\Users\Bernhard\Desktop\SD Card 2016 2016-06-21 01:58 - 2014-07-23 07:37 - 00000000 ____D C:\Users\Bernhard\Desktop\Micro SDs 2016-06-10 08:58 - 2014-01-09 12:35 - 00000959 _____ C:\Users\Bernhard\Desktop\oCam.lnk 2016-06-10 08:58 - 2014-01-09 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\oCam 2016-06-10 08:58 - 2014-01-09 12:35 - 00000000 ____D C:\Program Files (x86)\oCam 2016-06-09 12:21 - 2011-04-12 10:28 - 00000000 ____D C:\Windows\ShellNew 2016-06-09 12:16 - 2013-07-03 11:17 - 00000000 ____D C:\Program Files (x86)\Video DVD Maker 2016-06-09 11:03 - 2014-08-22 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-06-09 11:03 - 2014-08-22 15:05 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-03-11 21:32 - 2016-04-07 12:21 - 0000138 _____ () C:\Users\Bernhard\AppData\Roaming\Camdata.ini 2013-03-11 21:32 - 2016-04-07 12:21 - 0000408 _____ () C:\Users\Bernhard\AppData\Roaming\CamLayout.ini 2013-03-11 21:32 - 2016-04-07 12:21 - 0000408 _____ () C:\Users\Bernhard\AppData\Roaming\CamShapes.ini 2013-03-11 21:32 - 2016-04-07 12:21 - 0004582 _____ () C:\Users\Bernhard\AppData\Roaming\CamStudio.cfg 2013-03-11 21:29 - 2013-12-15 21:52 - 0000098 _____ () C:\Users\Bernhard\AppData\Roaming\CamStudio.Producer.command 2013-03-11 21:30 - 2013-12-15 21:53 - 0000000 _____ () C:\Users\Bernhard\AppData\Roaming\CamStudio.Producer.Data.ini 2013-03-11 21:30 - 2013-12-15 21:53 - 0001206 _____ () C:\Users\Bernhard\AppData\Roaming\CamStudio.Producer.ini 2014-08-22 15:06 - 2014-08-22 15:06 - 0000054 _____ () C:\Users\Bernhard\AppData\Roaming\mbam.context.scan 2013-10-11 12:09 - 2013-10-11 12:10 - 0003759 _____ () C:\Users\Bernhard\AppData\Roaming\moyea_dia.log 2014-03-27 15:47 - 2016-01-08 15:02 - 0002795 _____ () C:\Users\Bernhard\AppData\Roaming\SAS7_000.DAT 
2013-01-28 09:37 - 2013-01-28 09:37 - 0001181 _____ () C:\Users\Bernhard\AppData\Roaming\trace_FilterInstaller.txt 2013-01-28 09:37 - 2013-01-28 09:37 - 0000000 _____ () C:\Users\Bernhard\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt 2014-01-09 02:52 - 2014-01-09 04:00 - 0000096 _____ () C:\Users\Bernhard\AppData\Roaming\version2.xml 2013-12-25 12:24 - 2016-05-15 13:24 - 0015360 _____ () C:\Users\Bernhard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-09-20 01:54 - 2014-01-18 13:47 - 0001495 _____ () C:\Users\Bernhard\AppData\Local\RecConfig.xml 2016-02-24 20:56 - 2016-02-24 20:56 - 0004352 _____ () C:\Users\Bernhard\AppData\Local\recently-used.xbel 2013-10-20 23:05 - 2014-07-07 18:13 - 0007602 _____ () C:\Users\Bernhard\AppData\Local\resmon.resmoncfg 2012-05-03 10:47 - 2012-05-03 10:47 - 0017408 _____ () C:\Users\Bernhard\AppData\Local\WebpageIcons.db 2015-08-14 21:23 - 2015-08-14 21:23 - 0000000 _____ () C:\Users\Bernhard\AppData\Local\{C50C67DE-E4BE-41E2-92F4-4BF1EED6D1D0} 2012-11-29 10:22 - 2016-03-15 00:17 - 0002858 _____ () C:\ProgramData\hpzinstall.log 2015-12-16 03:03 - 2015-12-16 03:03 - 0005078 _____ () C:\ProgramData\mzemgkrx.fuc Einige Dateien in TEMP: ==================== C:\Users\Admin\AppData\Local\Temp\avgnt.exe C:\Users\Admin\AppData\Local\Temp\NOSEventMessages.dll C:\Users\Bernhard\AppData\Local\Temp\avgnt.exe C:\Users\Bernhard\AppData\Local\Temp\jre-8u91-windows-au.exe C:\Users\Bernhard\AppData\Local\Temp\NOSEventMessages.dll C:\Users\Bernhard\AppData\Local\Temp\SkypeSetup.exe C:\Users\Bernhard\AppData\Local\Temp\_is82B7.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-04-28 21:42

==================== Ende von FRST.txt ============================

Edited by Bernhard1 (09.07.2016 at 08:08) |
09.07.2016, 07:33 | #4 |
| can't get rid of ask.gen
The Addition.txt:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-07-2016
durchgeführt von Bernhard (2016-07-09 08:14:54)
Gestartet von C:\Users\Bernhard\Desktop\Trojanerboard
Windows 7 Home Premium Service Pack 1 (X64) (2012-05-03 08:02:58)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Admin (S-1-5-21-4070342091-3793343965-3738386277-1003 - Limited - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-4070342091-3793343965-3738386277-500 - Administrator - Disabled)
Bernhard (S-1-5-21-4070342091-3793343965-3738386277-1000 - Administrator - Enabled) => C:\Users\Bernhard
Gast (S-1-5-21-4070342091-3793343965-3738386277-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4070342091-3793343965-3738386277-1002 - Limited - Enabled)
_pcwelt_backup_ez_ (S-1-5-21-4070342091-3793343965-3738386277-1009 - Administrator - Enabled) => C:\Users\_pcwelt_backup_ez_
_supereasy_backup_ (S-1-5-21-4070342091-3793343965-3738386277-1008 - Administrator - Enabled) => C:\Users\_supereasy_backup_

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - ) 4500_G510gm_Help (x32 Version: 000.0.440.000 - Hewlett-Packard) Hidden 4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden 4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated) ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version: - ) Amazon Kindle (HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Amazon Kindle) (Version: - Amazon) Amazon Kindle (HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Kindle) (Version: - Amazon) AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.) AnVir Task Manager (HKLM-x32\...\AnVir Task Manager) (Version: - AnVir Software) Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
ArcSoft PhotoImpression 5 (HKLM-x32\...\{5863B6EF-76D0-4FF8-AA2F-EEBE7CC49DAA}) (Version: - ArcSoft) ArcSoft VideoImpression 2 (HKLM-x32\...\{5339885F-4597-4343-BD3B-74280CC79424}) (Version: - ArcSoft) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Audials (HKLM-x32\...\{85B5CB65-2AC3-4C1C-A950-B20DE5520C79}) (Version: 10.2.19305.500 - Audials AG) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden AVM FRITZ!Box Monitor (HKLM-x32\...\AVMFBoxMonitor) (Version: - AVM Berlin) Biet-O-Matic v2.14.10 (HKLM-x32\...\Biet-O-Matic v2.14.10) (Version: 2.14.10 - BOM Development Team) Bitrix24 for Windows (HKLM-x32\...\Bitrix24) (Version: 3.4.31.31 - Bitrix, Inc) BrainWave Generator (HKLM-x32\...\BrainWave Generator) (Version: - ) BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform) ColorPage-SF600 (HKLM-x32\...\{A5505456-B9C3-43DA-A588-F6947422C134}) (Version: V4.3.0 - ) Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation) Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - EN (x32 Version: 15.3 
- Corel Corporation) Hidden CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation) CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation) CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.) CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.) CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414a - CyberLink Corp.) CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.) CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4428 - CyberLink Corp.) CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.) 
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3621 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3621 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3622.02 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.)
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2219 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DarkWave Studio 4.0.9 (HKLM-x32\...\DarkWave Studio) (Version: 4.0.9 - ExperimentalScene)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.80 - DivX, LLC)
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.50.000 - Nuance Communications Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.2.17437 - Landesfinanzdirektion Thüringen)
f4 2012 (HKLM-x32\...\f42012) (Version: - audiotranskription.de)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FileZilla Client 3.15.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.15.0.2 - Tim Kosse)
FormatFactory 3.1.1 (HKLM-x32\...\FormatFactory) (Version: 3.1.1 - Free Time)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Google Chrome) (Version: 24.0.1312.57 - Google Inc.)
Google Chrome (HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Google Chrome) (Version: 24.0.1312.57 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2618 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{93F34C5C-ACAA-48F3-9B26-70359A117F12}) (Version: 3.0.12.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
LightScribe Applications (HKLM-x32\...\{88A4002B-BDBA-49A2-927C-D81E8DF32B1B}) (Version: 1.18.5.1 - LightScribe)
LightScribe System Software (HKLM-x32\...\{F132000C-1CBA-458F-BF2F-FD43D59410F9}) (Version: 1.18.27.10 - LightScribe)
LightScribe Template Labeler (HKLM-x32\...\{43523FEF-9D8E-4572-BB11-0E914D366E0A}) (Version: 1.18.15.1 - LightScribe)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 11.1.0.0 - Lightworks)
MAGIX Foto & Grafik Designer 7 SE (HKLM-x32\...\MAGIX_{305A1AC7-0B5C-457D-9B6F-2A889766E3A0}) (Version: 7.1.2.26041 - MAGIX AG)
MAGIX Foto & Grafik Designer 7 SE (Version: 7.1.2.26041 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Reader (HKLM-x32\...\{B6F7DBE7-2FE2-458F-A738-B10832746036}) (Version: - )
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Movavi Video Editor 10 SE (HKLM-x32\...\Movavi Video Editor 10) (Version: 10.1.2 - Movavi)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Network64 (Version: 130.0.550.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
O&O DiskImage Professional (HKLM\...\{10C83530-840D-4AA3-994A-A9B9559B56C5}) (Version: 9.0.223 - O&O Software GmbH)
oCam version 16.0.0.0 (HKLM-x32\...\oCam_is1) (Version: 16.0.0.0 - hxxp://ohsoft.net/)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Paragon Festplatten Tools™ 2015 (HKLM\...\{1E104AF0-EA49-11DE-AC07-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PC-WELT Backup Easy (HKLM\...\PC-WELT Backup Easy) (Version: 1.19 - IDG Tech Media GmbH)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0081 - Pegatron Corporation)
Photomizer Retro (HKLM-x32\...\{41B5224D-7853-4EA5-0001-C8949A33B608}) (Version: 2.0.13.308 - Engelmann Media GmbH)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Protect Disc License Helper 1.0.118 (HKLM-x32\...\Protect Disc License Helper) (Version: 1.0.118 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.11 - ProtectDisc Software GmbH)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RealDownloader (x32 Version: 18.1.0.1233 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.0.1243 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RealTimes (RealPlayer) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.0 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Sigel BusinessCardSoftware Demo (HKLM-x32\...\Sigel BusinessCardSoftware Demo) (Version: - )
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
soft Xpansion Perfect Print 7 Express (HKLM-x32\...\{98AD196C-B3B6-48df-AB53-A711C822497C}) (Version: 7.2.1.7 - soft Xpansion)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
StarMoney (x32 Version: 3.0.6.28 - StarFinanz) Hidden
StarMoney 8.0 (HKLM-x32\...\{2E36EB70-A4D8-4CD0-915D-0ACAAED6A918}) (Version: 8.0 - Star Finanz GmbH)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steganos Password Manager 14 (HKLM-x32\...\{C83404F0-D7FA-4069-94AB-2F34FDA22AA8}) (Version: 14.2 - Steganos Software GmbH)
Steganos Privacy Suite 14 (HKLM-x32\...\{9F07D3B6-3801-4C33-B20E-39CC29E63253}) (Version: 14.2.2 - Steganos Software GmbH)
Stickies 7.1d (HKLM-x32\...\ZhornStickies) (Version: - Zhorn Software)
StudioLine Photo Classic 3 SE (HKLM-x32\...\{53BDE9F4-79D1-4E2D-B7A4-4D3663419BAB}) (Version: 3.70.50.1 - H&M System Software)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.0.3 - Synaptics Incorporated)
Telescope Driver (HKLM-x32\...\{B2920232-19DA-44FC-835F-68E427EAE2CE}) (Version: 10.30.09 - PixArt)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
Video DVD Maker v3.30.0.75 (HKLM-x32\...\{1A3E23D7-7A1E-43EC-B35D-EB2A31BED943}) (Version: - )
VirtualDJ Home FREE (HKLM-x32\...\{A6AC699F-8315-40CA-8F70-E917494978AB}) (Version: 7.4 - Atomix Productions)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\WinDirStat) (Version: - )
WinDirStat 1.1.2 (HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\WinDirStat) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows-Treiberpaket - Product Image (05/02/2002 1.0.1.1) (HKLM\...\F408A29B912DF89043C0C67FB04AE7CF4A67FF97) (Version: 05/02/2002 1.0.1.1 - Product)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wondershare PDFelement(Build 4.0.1) (HKLM-x32\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: 4.0.1.4 - Wondershare Software Co.,Ltd.)
Wondershare Player(Build 1.6.1) (HKLM-x32\...\Wondershare Player_is1) (Version: 1.6.1.0 - Wondershare)
Wunderlist (HKLM-x32\...\{1cdbee75-ad10-47e7-b5c4-1f051f899978}) (Version: 2.3.0.30 - 6 Wunderkinder GmbH)
Wunderlist (x32 Version: 2.3.0.30 - 6 Wunderkinder GmbH) Hidden
Zweckform Etiketten Assistent (HKLM-x32\...\Zweckform Etiketten Assistent) (Version: - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

"{044A6734-E90E-4F8F-B357-B2DC8AB3B5EC}" task wurde entsperrt. <===== ACHTUNG
"{088482FA-65B8-4E17-9ABF-1DCD48E8D373}" task wurde entsperrt. <===== ACHTUNG
"{09F06BFE-A3C8-40E3-846A-6E6F4000C238}" task wurde entsperrt. <===== ACHTUNG
Task: {0D8F44A2-12F9-4D2D-810C-416C83F570A6} - System32\Tasks\{7F7E2F3B-EF44-43AA-9947-935E9B56B37C} => C:\Program Files (x86)\ColorPage-SF600\DigiScan.exe [2011-03-25] (PLUSTEK)
Task: {0DFBFFF2-B0BB-45B1-9284-16317CDD74EF} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {0F526937-5C13-40D9-AD0C-4B4AB398A47E} - System32\Tasks\{38D79D0C-9D17-4C60-95CA-4B367CDFDF11} => pcalua.exe -a E:\PROGRAM\GERMAN\rmb\setup_x64.exe -d E:\PROGRAM\GERMAN\rmb
Task: {119695C5-3BED-40B0-9BF0-EB16C8F0362E} - System32\Tasks\{6CFDF215-3B31-4E0B-A934-95C32A086566} => pcalua.exe -a F:\setup_f.exe -d F:\
Task: {1253A9A4-F396-498A-8533-D5593CE77E41} - System32\Tasks\{86587C49-245F-4A8B-9A0A-486EB72072C1} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {143E9C67-70DB-45A4-824C-F6F026A9BDD2} - System32\Tasks\{99E55DA8-7CB1-41BA-A0D1-C985A76C7213} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {1EA9C5EC-A782-484A-9625-3C319562949C} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
"{1F7B7221-AE8F-44F3-BA82-F7D260F51964}" task wurde entsperrt. <===== ACHTUNG
"{2470470F-2634-478E-B181-571E98A789BB}" task wurde entsperrt. <===== ACHTUNG
Task: {25FE5305-7D03-4223-9F19-DDD1F2EEE4FC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-26] (Adobe Systems Incorporated)
"{28011108-68DF-4C73-B91B-57427D501BBA}" task wurde entsperrt. <===== ACHTUNG
"{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" task wurde entsperrt. <===== ACHTUNG
Task: {347DB677-28B4-475A-91D5-030F4F7DAF3D} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {34972354-32B6-4AA0-8B09-A11B6B59EC88} - System32\Tasks\{485E4FEF-32A1-4B05-8080-C4F815720167} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
"{47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4}" task wurde entsperrt. <===== ACHTUNG
"{486D715E-6AA2-44CF-BC48-B6990CBB53C6}" task wurde entsperrt. <===== ACHTUNG
Task: {4C3BF434-CB48-46E3-AFD3-03B4C523E18D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
"{4C8B01A2-11FF-4C41-848F-508EF4F00CF7}" task wurde entsperrt. <===== ACHTUNG
Task: {4DC13273-DC82-43E4-8045-AC62928EE457} - System32\Tasks\{EED6B82B-CB5A-4F84-8A34-C1EE5D6C5CC7} => pcalua.exe -a "C:\Program Files (x86)\Windows Live\Installer\wlarp.exe"
"{5A40E926-9E86-4B89-9CFD-B12311724371}" task wurde entsperrt. <===== ACHTUNG
Task: {5B04776D-F2FC-4941-B435-DE63FB9B90BA} - System32\Tasks\{1D1A8A18-7950-41F2-BD97-5641FB750FB2} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
"{5B42DD9C-5A26-4F27-BB95-34603F0997E5}" task wurde entsperrt. <===== ACHTUNG
"{5F5A18EB-DC73-4E45-A11C-B59043598412}" task wurde entsperrt. <===== ACHTUNG
Task: {5FAE9FF5-BC24-41EF-A40D-75730FA50529} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
"{613612BA-897D-44CE-8DC1-8FC283F9FD51}" task wurde entsperrt. <===== ACHTUNG
"{6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF}" task wurde entsperrt. <===== ACHTUNG
Task: {72091BCB-DCCE-43F6-A76A-4C8EA9514D1F} - System32\Tasks\{47B10711-FF6D-48E1-A80E-0C29DE09EF4D} => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
"{72DB7465-BC54-491B-A92A-4637A28C9BBF}" task wurde entsperrt. <===== ACHTUNG
"{753C47AE-EC5E-44B3-95A9-2C8E553F0E39}" task wurde entsperrt. <===== ACHTUNG
Task: {7790F5CA-8F62-47E6-A91D-5E99D9D90CED} - System32\Tasks\{BB4D84AD-6D4A-4AE9-8BDD-6E099740DBD6} => C:\Program Files (x86)\ColorPage-SF600\DigiScan.exe [2011-03-25] (PLUSTEK)
Task: {7A33E08A-C524-4214-AFE4-8F792B3D77C4} - System32\Tasks\ReclaimerResumeInstall_Bernhard => C:\Users\Bernhard\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-19] (RealNetworks, Inc.)
"{7AFCC0CA-7121-422A-AB45-B0E8D599FF08}" task wurde entsperrt. <===== ACHTUNG
Task: {7D24F5A0-4FE0-4392-88E3-6D463E2A6561} - System32\Tasks\{4DB20908-7514-4312-A1EA-BB226D90C566} => pcalua.exe -a F:\ColorPage-SF600\Setup\SETUP.EXE -d F:\ColorPage-SF600\Setup
Task: {7F585A86-52A3-4450-B126-EAB423463D98} - System32\Tasks\{EFCB28CE-4DF3-45BF-BFA8-AE6AEC600140} => pcalua.exe -a C:\Users\Bernhard\Downloads\fmp_setup.exe -d C:\Users\Bernhard\Downloads
Task: {7FCD9305-61E5-423D-A8EF-6C05C063BB06} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
"{81540B9F-B5BF-47EB-9C95-BE195BF2C664}" task wurde entsperrt. <===== ACHTUNG
"{9435F817-FED2-454E-88CD-7F78FDA62C48}" task wurde entsperrt. <===== ACHTUNG
Task: {96480441-EFC8-411C-8FA9-1D73D888B756} - System32\Tasks\{2DD33BBB-46F0-4858-A078-E254CE47E6B3} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {97E2772A-B4F8-4C09-B1E1-12E8CC346DF9} - System32\Tasks\{C03F0FDB-3AD8-4F2F-BC14-AA8766D05E72} => pcalua.exe -a C:\Users\Bernhard\AppData\Local\Temp\jre-8u73-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
"{994C86AD-A929-4B2C-88A0-4E25A107A029}" task wurde entsperrt. <===== ACHTUNG
"{9979CB83-103A-4105-9E5D-C74B0AF6D198}" task wurde entsperrt. <===== ACHTUNG
Task: {9BBF4107-FD93-4C12-85D5-4F8C6F5D0FE7} - System32\Tasks\{54B13488-53E8-40B0-9D34-52CAB98CCD35} => pcalua.exe -a F:\Audials-One\TrekStor_AudialsOne8_SE.exe -d F:\Audials-One
Task: {A037188E-6F91-4AFD-84D8-97961F8C65D4} - System32\Tasks\AnVir Task Manager => C:\Program Files (x86)\AnVir Task Manager\anvir.exe [2013-12-04] (AnVir Software)
"{A35BB7A6-5F0C-4C9F-8450-2B3BED532D51}" task wurde entsperrt. <===== ACHTUNG
"{A48CABBF-24C8-4B87-B00F-9261807C3B43}" task wurde entsperrt. <===== ACHTUNG
"{A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D}" task wurde entsperrt. <===== ACHTUNG
Task: {A8B56FC8-7265-4657-BCE9-FFEE3C98BA58} - System32\Tasks\{E7A9CAE4-4B85-4EAD-968D-7A7129D2B520} => pcalua.exe -a E:\Notfall-4-Setup.exe -d E:\
Task: {AB6EB7EA-CC34-42A8-AB2C-806E13212C6F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\WSCStub.exe
"{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" task wurde entsperrt. <===== ACHTUNG
"{AC668097-4D6B-4093-AC14-014C09DBF820}" task wurde entsperrt. <===== ACHTUNG
Task: {B040F48C-E6D6-4DFB-9319-02A31FAD9A44} - System32\Tasks\{0F7E1A9B-0443-4225-A10F-56142B061744} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {B0A74DAC-2A82-4734-A2FD-F53FA80FD4CD} - System32\Tasks\ReclaimerResumeInstallLogin_Bernhard => C:\Users\Bernhard\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-19] (RealNetworks, Inc.)
"{B0CBAB43-44FC-469B-A4CE-87426761FDCE}" task wurde entsperrt. <===== ACHTUNG
"{BE669C13-8165-4536-96D0-6D6C39292AAE}" task wurde entsperrt. <===== ACHTUNG
Task: {BFF44E6B-0E2B-40C4-87A7-48A8D337F257} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
"{C016366B-7126-46CA-B36B-592A3D95A60B}" task wurde entsperrt. <===== ACHTUNG
Task: {C228335C-2A01-48C3-A681-034FABC44C84} - System32\Tasks\{624950FD-F4CC-4D02-8319-AA439B030D95} => pcalua.exe -a "C:\Program Files (x86)\Sigel\BusinessCard Software\BusinessCardDemo.exe"
"{CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E}" task wurde entsperrt. <===== ACHTUNG
"{CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186}" task wurde entsperrt. <===== ACHTUNG
Task: {CBB5779C-CD71-4D3A-B6CC-565C1E5492AF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd)
Task: {CBD65DD2-23AB-4B37-8E5D-09E9F6532B4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {CDF3F9DD-47A6-4D1C-ACA3-4B69FEB88881} - System32\Tasks\{753244C6-DC45-427A-8BCE-FAF0BEDAC406} => C:\Program Files (x86)\ColorPage-SF600\DigiScan.exe [2011-03-25] (PLUSTEK)
"{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" task wurde entsperrt. <===== ACHTUNG
"{D0250F3F-6480-484F-B719-42F659AC64D5}" task wurde entsperrt. <===== ACHTUNG
Task: {D3D1D49C-1107-4D8D-B0BC-8BF0B555EE84} - System32\Tasks\{D26BBEE7-B8A7-4DEA-90DF-B9C8C6511558} => pcalua.exe -a E:\SETUP.EXE -d E:\
"{D7B6E81D-3CF4-432C-84D2-24213F4316E6}" task wurde entsperrt. <===== ACHTUNG
"{DA41DE71-8431-42FB-9DB0-EB64A961DEAD}" task wurde entsperrt. <===== ACHTUNG
Task: {DC59771F-0A7A-4F52-89E9-24E2E1BC9E73} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2015-09-16] ()
Task: {DD9E7AF3-2FEC-4132-B34D-50DE9132323F} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
"{DD9F510C-95F4-499A-90C8-BAC5BC372FF4}" task wurde entsperrt. <===== ACHTUNG
Task: {E0816EC5-C4BB-443F-BBA3-A6E06AA4D340} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
"{E22A8667-F75B-4BA9-BA46-067ED4429DE8}" task wurde entsperrt. <===== ACHTUNG
"{E3163C33-301D-4730-A266-5518C5ED3967}" task wurde entsperrt. <===== ACHTUNG
"{EACA24FF-236C-401D-A1E7-B3D5267B8A50}" task wurde entsperrt. <===== ACHTUNG
"{EB02381F-D652-4B1C-894A-712498C62C51}" task wurde entsperrt. <===== ACHTUNG
Task: {F3144631-02DD-4651-9723-EBA03EDBA9DA} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
"{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" task wurde entsperrt. <===== ACHTUNG
"{FB3C354D-297A-4EB2-9B58-090F6361906B}" task wurde entsperrt. <===== ACHTUNG
"{FDD56C73-F0D5-41B6-B767-6EFFD7966428}" task wurde entsperrt. <===== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerResumeInstallLogin_Bernhard.job => C:\Users\Bernhard\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerResumeInstall_Bernhard.job => C:\Users\Bernhard\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Bernhard\HDR Projects\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html (Keine Datei)
Shortcut: C:\Users\Bernhard\HDR Projects\Favorites\NCH Software Download.lnk -> hxxp://www.nchsoftware.com/index.html (Keine Datei)
Shortcut: C:\Users\Bernhard\Desktop\PC\Software\Programme\MEDIONhome.lnk -> hxxp://www.medion.com/de2C:\Windows\System32\oobe\info\Icon\MedIcon (2).ico (Keine Datei)
Shortcut: C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/ (Keine Datei)
Shortcut: C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/ (Keine Datei)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-06-06 17:06 - 2012-11-29 13:53 - 00805888 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2015-11-12 11:18 - 2015-11-12 11:18 - 00023880 _____ () c:\Program Files\PC-WELT Backup Easy\bin\backupService-pcwbe.exe
2015-11-12 11:18 - 2015-11-12 11:18 - 00109384 _____ () c:\Program Files\PC-WELT Backup Easy\bin\backupServiceLib.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 11391816 _____ () c:\Program Files\PC-WELT Backup Easy\bin\backupCore.dll
2015-03-05 12:49 - 2015-03-05 12:49 - 00324096 _____ () c:\Program Files\PC-WELT Backup Easy\bin\party.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 05945672 _____ () c:\Program Files\PC-WELT Backup Easy\bin\ox.dll
2015-03-05 11:46 - 2015-03-05 11:46 - 00081920 _____ () c:\Program Files\PC-WELT Backup Easy\bin\zdll.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00249672 _____ () c:\Program Files\PC-WELT Backup Easy\bin\crumb.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00053576 _____ () c:\Program Files\PC-WELT Backup Easy\bin\lzmaUtil.dll
2015-03-05 12:43 - 2015-03-05 12:43 - 00049664 _____ () c:\Program Files\PC-WELT Backup Easy\bin\lzma.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00368968 _____ () c:\Program Files\PC-WELT Backup Easy\bin\tomb.dll
2015-03-05 12:38 - 2015-03-05 12:38 - 00022528 _____ () c:\Program Files\PC-WELT Backup Easy\bin\zlibutil.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00023368 _____ () c:\Program Files\PC-WELT Backup Easy\bin\lz4util.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00041288 _____ () c:\Program Files\PC-WELT Backup Easy\bin\lz4.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00560456 _____ () c:\Program Files\PC-WELT Backup Easy\bin\twirl.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00223048 _____ () c:\Program Files\PC-WELT Backup Easy\bin\netutil.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00154952 _____ () c:\Program Files\PC-WELT Backup Easy\bin\scoolite.dll
2015-03-05 12:38 - 2015-03-05 12:38 - 00626688 _____ () c:\Program Files\PC-WELT Backup Easy\bin\sqlite.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00165704 _____ () c:\Program Files\PC-WELT Backup Easy\bin\deemon.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00528712 _____ () c:\Program Files\PC-WELT Backup Easy\bin\veem.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00060744 _____ () c:\Program Files\PC-WELT Backup Easy\bin\minizutil.dll
2012-02-22 20:09 - 2010-08-19 18:43 - 00386344 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-10-09 11:25 - 2010-09-30 14:00 - 00253264 _____ () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
2015-03-05 14:22 - 2015-03-05 14:22 - 00053760 _____ () c:\Program Files\PC-WELT Backup Easy\bin\oxHelper.exe
2016-06-06 17:06 - 2012-11-27 15:18 - 02215424 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2016-06-06 17:06 - 2010-01-12 17:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2014-12-10 19:12 - 2014-12-10 19:12 - 00344824 _____ () C:\Program Files\OO Software\DiskImage\oodishrs.dll
2016-02-10 21:48 - 2016-02-10 21:48 - 00052912 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2016-06-28 20:40 - 2014-09-19 16:46 - 00941992 _____ () C:\Windows\SysWOW64\WPShellExt64.dll
2016-06-06 17:06 - 2010-01-12 17:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2016-06-06 17:06 - 2010-12-17 14:04 - 00449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe
2016-06-06 17:06 - 2012-01-12 17:58 - 00552960 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2016-06-06 17:06 - 2012-01-12 17:58 - 00477696 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
2016-06-06 17:06 - 2012-10-23 18:07 - 03471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2016-06-06 17:06 - 2012-08-08 18:10 - 07536128 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe
2010-02-28 02:33 - 2010-02-28 02:33 - 00077664 ____N () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-06-06 17:06 - 2009-12-18 15:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2016-06-06 17:06 - 2009-12-18 15:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2016-06-27 09:35 - 2014-10-31 16:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-06-27 09:35 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-06-02 12:20 - 2016-06-02 12:20 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\5a8eeeddc97028a9f94d0518c22f4c2c\IsdiInterop.ni.dll
2012-02-22 00:36 - 2011-11-30 06:00 - 00059392 ____N () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-02-22 00:21 - 2011-12-16 11:39 - 01198872 ____N () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn 
ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\Temp:0FF263E8 [253] AlternateDataStreams: C:\ProgramData\Temp:A303874F [188] AlternateDataStreams: C:\ProgramData\Temp:AD022376 [252] AlternateDataStreams: C:\ProgramData\Temp:F9CFE070 [178] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\com -> hxxp://*.Wondershare.com IE trusted site: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\com -> hxxp://*.Wondershare.com ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2013-09-25 21:51 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MEDION\Wallpaper.jpg HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MEDION\Wallpaper.jpg HKU\S-1-5-21-4070342091-3793343965-3738386277-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MEDION\Wallpaper.jpg HKU\S-1-5-21-4070342091-3793343965-3738386277-1009\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MEDION\Wallpaper.jpg HKU\S-1-5-21-4070342091-3793343965-3738386277-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MEDION\Wallpaper.jpg DNS Servers: Datenträger ist nicht mit dem Internet verbunden. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Orga-Nicer.lnk => C:\Windows\pss\Orga-Nicer.lnk.CommonStartup MSCONFIG\startupreg: DNS7reminder => "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini" MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray MSCONFIG\startupreg: PC-WELT Backup Easy => "C:\Program Files\PC-WELT Backup Easy\bin\backupClient-pcwbe.exe" --hidden MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SUPERAntiSpyware => C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe" MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{ED434935-FD27-43C9-838F-62FAF395247B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{3715F1B3-1BFB-41E8-B30C-B8577C36F511}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{867C244C-C724-4791-AFA2-C41A4D59EB16}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE FirewallRules: [{842B21DC-1BF0-4EB7-B54A-4A5A83D0B921}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{6B026D0D-E126-439A-ABAB-9DD77A7B5151}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{1C548354-3F3A-422B-84BC-72F8921F0317}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe FirewallRules: [{9E110FF3-14CD-4457-8AEA-101F295342C9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe FirewallRules: [{5F024E44-E458-43E6-98EE-F758ECDDDB74}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{2631EE86-CE69-4E24-9B2C-D009320BDB61}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{F242C584-7DC9-42B5-AB23-E466FD2F05CC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{8E53D6E1-6EAA-4C3E-8ECC-42FF0EA6F52A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{262150B3-9785-4E55-9014-5022B7B66ADA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{B158D186-191E-48DB-9297-0070447DF731}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{0D80372E-F194-443D-8C97-97DCA1D20195}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{782075F4-666F-4E23-8FD0-61D33C99B582}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{9FF97F2E-0CE3-4805-872C-6C6C93F85AC7}] => (Allow) C:\Program Files 
(x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{A07BB18C-FF46-4671-B33A-31B688142456}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{B4C7E96C-9906-4F10-A7BF-AE39C3B47A7A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{8A57CB20-6BBF-4A65-9003-142AEC8115C6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{06DC90CB-3E91-43B5-BA8B-B00BEEC44859}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{A053A1F0-1286-4573-9A05-840F22657CAB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{483E0ADF-A26D-404F-8E2C-3D62F85CC2EB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{69962D9B-D7DB-490F-8855-64475E0987B3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{33CCCDE3-826F-4E41-A79D-8BF6A526806E}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{28DCDBF8-4DFB-471E-AFBD-B44AF4D7E4BF}] => (Allow) C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe FirewallRules: [{F7A83851-06D7-499A-9675-1BAD1DB20E53}] => (Allow) C:\Program Files (x86)\RapidSolution\Audials 10\Audials.exe FirewallRules: [{3299ACBC-BDC3-40B4-B7EF-A2A63CFF4144}] => (Allow) LPort=12972 FirewallRules: [{944ACA05-89DB-49AD-8CC3-B2A246C767D5}] => (Allow) LPort=14714 FirewallRules: [{20818C5F-2EE3-4E07-AF1F-CD37D0EBC17E}] => (Allow) LPort=31931 FirewallRules: [TCP Query User{AAC0DC18-C583-4D6D-9347-19EB2956EE94}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe] => (Allow) C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe FirewallRules: [UDP Query User{0F020889-DD64-4F1F-A9E1-06A6178A101B}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe] => (Allow) C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe FirewallRules: 
[{1D6A688D-3F97-4BE8-A83F-FF86E1AE662F}] => (Block) C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe FirewallRules: [{C537A6AC-C52C-456E-83F6-97F58E0D817B}] => (Block) C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe FirewallRules: [{08C1272E-5134-4002-9DD5-5A21C661A40B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{E2DDB6A9-FA9E-4AD5-B645-4CC70EA504BB}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe FirewallRules: [{0D6CA7B6-38D5-4F22-8525-CB3A4DFB7951}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe FirewallRules: [{1EEFB013-0064-4335-B9C9-10C65AC31F2E}] => (Allow) C:\Program Files (x86)\FRANZIS\onlineTV 8\onlineTV.exe FirewallRules: [{738787B9-6642-4415-A9DE-45DAB18E500D}] => (Allow) C:\Program Files (x86)\FRANZIS\onlineTV 8\onlineTV.exe FirewallRules: [{C4916D39-0332-4687-9BB6-2664254F6105}] => (Allow) C:\Program Files (x86)\FRANZIS\onlineTV 8\onlineTVStarter.exe FirewallRules: [{206A486A-2DE3-4AAC-8E5E-447327A6298E}] => (Allow) C:\Program Files (x86)\FRANZIS\onlineTV 8\onlineTVStarter.exe FirewallRules: [{6984532D-9ACF-42EB-8A65-186EDDEE1D8F}] => (Allow) LPort=51001 FirewallRules: [{D86FE523-B878-4F88-AEEF-73D8AE3AF29A}] => (Allow) LPort=51001 FirewallRules: [{0232F89D-1B6D-4C75-AB14-E18F140E4729}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe FirewallRules: [{93892B1A-3BF3-46B6-B8C6-40398B213894}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe FirewallRules: [{DF342700-7242-4D6A-BD0E-D252B7C0C2EE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4352D4F1-9289-4F60-9423-2742F3765474}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8FA6752F-B642-4F9E-BCEC-856BA6F0B7B9}] => (Allow) C:\Program Files (x86)\nokia\nokia 
suite\nokiasuite.exe FirewallRules: [TCP Query User{6D1F0B00-A033-4E52-B429-D85CBE9E9C4B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{47715565-A217-400E-AAF4-FA51084FCFC6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{CB35B513-3DFA-41B1-B9E8-921DBBBEDD0A}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe FirewallRules: [{ECB98186-D03E-4EA9-86E0-6443CB8E0492}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe FirewallRules: [{281D072E-F133-413A-8530-85E9DE22E543}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe FirewallRules: [{F606CDAC-6A92-4CF3-ADA5-9613189B62C3}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe FirewallRules: [{C18F4ECD-B500-4F3F-BAA0-1A48C4A095A6}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe FirewallRules: [{58516AFB-3699-4CA9-BD21-06026728CD93}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9D6904D4-D38E-42FE-8C92-7B6F162B68E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{8ABECA6C-6159-4C43-8EA3-5CD25A0664C2}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe FirewallRules: [UDP Query User{53EF195F-6729-4702-8114-A137B20F0960}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe FirewallRules: [TCP Query User{3531680A-A193-4D23-9B4C-68709F2A6886}C:\mamp\bin\apache\bin\httpd.exe] => (Allow) C:\mamp\bin\apache\bin\httpd.exe FirewallRules: [UDP Query User{CF541917-E503-4806-AB4A-BEB088C7E220}C:\mamp\bin\apache\bin\httpd.exe] => (Allow) C:\mamp\bin\apache\bin\httpd.exe FirewallRules: [TCP Query 
User{FEE00E6D-F5CC-4304-B5E9-01891E7FF65D}C:\mamp\bin\mysql\bin\mysqld.exe] => (Allow) C:\mamp\bin\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{0F44FC79-29A0-40ED-A95A-3081452155F2}C:\mamp\bin\mysql\bin\mysqld.exe] => (Allow) C:\mamp\bin\mysql\bin\mysqld.exe FirewallRules: [{F397188B-A01E-43BB-84C5-6E52406483F9}] => (Block) C:\mamp\bin\mysql\bin\mysqld.exe FirewallRules: [{3C91B94F-8218-49FB-B4DD-DF8A82F5C3B3}] => (Block) C:\mamp\bin\mysql\bin\mysqld.exe FirewallRules: [{38D685AA-D6EC-410B-B301-74B5FF02B697}] => (Block) C:\mamp\bin\apache\bin\httpd.exe FirewallRules: [{1F6153D5-D045-49B6-A46E-95289F29B44A}] => (Block) C:\mamp\bin\apache\bin\httpd.exe FirewallRules: [{EA69C3B1-1D53-4496-B73A-3DFD527B52FD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{B7B8506D-F021-4366-98E9-BFFF6665890C}] => (Allow) LPort=2869 FirewallRules: [{194B3D02-003E-47CA-A1ED-858A3A91D915}] => (Allow) LPort=1900 ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (07/09/2016 08:05:15 AM) (Source: TEST_FAIL) (EventID: 0) (User: ) Description: m_pDevice->Present FAILED! hr=88760868 Error: (07/08/2016 12:17:30 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt. Error: (07/06/2016 02:36:45 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. 
Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt. Error: (07/05/2016 08:20:19 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm audacity.exe, Version 2.0.5.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1f34 Startzeit: 01d1d68482316cff Endzeit: 13 Anwendungspfad: C:\Program Files (x86)\Audacity\audacity.exe Berichts-ID: 761ac884-4278-11e6-8292-e840f2b4d16c Error: (07/04/2016 09:21:16 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt. Error: (07/04/2016 05:18:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: cdbxpp.exe, Version: 4.5.4.4852, Zeitstempel: 0x53856036 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23418, Zeitstempel: 0x5708a7e4 Ausnahmecode: 0x4000001f Fehleroffset: 0x0001338d ID des fehlerhaften Prozesses: 0x19c4 Startzeit der fehlerhaften Anwendung: 0xcdbxpp.exe0 Pfad der fehlerhaften Anwendung: cdbxpp.exe1 Pfad des fehlerhaften Moduls: cdbxpp.exe2 Berichtskennung: cdbxpp.exe3 Error: (07/04/2016 04:23:21 PM) (Source: TEST_FAIL) (EventID: 0) (User: ) Description: CD3DManager::DestroyCanvas() cannot destroy default canvas! 
Error: (07/04/2016 04:22:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MetadataConvert.exe, Version: 5.1.4.18, Zeitstempel: 0x504087f7 Name des fehlerhaften Moduls: WSMultiTagMgr.dll, Version: 5.1.4.18, Zeitstempel: 0x504087bf Ausnahmecode: 0xc0000005 Fehleroffset: 0x0008d65b ID des fehlerhaften Prozesses: 0x1db0 Startzeit der fehlerhaften Anwendung: 0xMetadataConvert.exe0 Pfad der fehlerhaften Anwendung: MetadataConvert.exe1 Pfad des fehlerhaften Moduls: MetadataConvert.exe2 Berichtskennung: MetadataConvert.exe3 Error: (07/03/2016 08:44:29 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Error calling CreateFile on volume '\\?\Volume{258201f3-94f5-11e1-8a68-685d43175650}\'" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Vorgang: Überprüfen, ob das Volume vom Anbieter unterstützt wird Volume einem Schattenkopiesatz hinzufügen Kontext: Ausführungskontext: Coordinator Anbieter-ID: {00000000-0000-0000-0000-000000000000} Volumename: Q:\ Ausführungskontext: Coordinator Error: (07/03/2016 08:44:28 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Error calling CreateFile on volume '\\?\Volume{258201f3-94f5-11e1-8a68-685d43175650}\'" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . 
Vorgang: Überprüfen, ob das Volume vom Anbieter unterstützt wird Volume einem Schattenkopiesatz hinzufügen Kontext: Ausführungskontext: Coordinator Anbieter-ID: {00000000-0000-0000-0000-000000000000} Volumename: Q:\ Ausführungskontext: Coordinator Systemfehler: ============= Error: (07/06/2016 12:47:46 AM) (Source: WMPNetworkSvc) (EventID: 14365) (User: ) Description: 0x80004004-1 Error: (07/05/2016 10:12:01 PM) (Source: WMPNetworkSvc) (EventID: 14365) (User: ) Description: 0x80004004-1 Error: (07/05/2016 05:27:36 PM) (Source: WMPNetworkSvc) (EventID: 14365) (User: ) Description: 0x80004004-1 Error: (07/05/2016 10:15:02 AM) (Source: WMPNetworkSvc) (EventID: 14365) (User: ) Description: 0x80004004-1 Error: (07/05/2016 10:04:16 AM) (Source: WMPNetworkSvc) (EventID: 14365) (User: ) Description: 0x80004004-1 Error: (07/04/2016 04:39:03 PM) (Source: WMPNetworkSvc) (EventID: 14365) (User: ) Description: 0x80004004-1 Error: (07/03/2016 10:51:39 AM) (Source: WMPNetworkSvc) (EventID: 14365) (User: ) Description: 0x80004004-1 Error: (07/01/2016 12:49:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MemeoBackgroundService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (07/01/2016 12:49:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MemeoBackgroundService erreicht. Error: (07/01/2016 12:48:25 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT) Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942405. 
CodeIntegrity: =================================== Date: 2013-09-25 21:38:53.619 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-09-25 21:38:53.553 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz Prozentuale Nutzung des RAM: 30% Installierter physikalischer RAM: 8086.48 MB Verfügbarer physikalischer RAM: 5634.96 MB Summe virtueller Speicher: 16171.15 MB Verfügbarer virtueller Speicher: 13347.83 MB ==================== Laufwerke ================================ Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:1.72 GB) NTFS Drive d: (Recover) (Fixed) (Total:50 GB) (Free:0.43 GB) NTFS Drive z: () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 2BD2C32A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=414.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1 GB) - (Type=12) ==================== Ende von 
Addition.txt ============================
Edited by Bernhard1 (09.07.2016 at 08:09) |
09.07.2016, 08:01 | #5 |
| can't get rid of ask.gen Part 1 of TDSSKiller.3.1.0.9_09.07.2016_08.38.51_log.txt: Code:
ATTFilter 08:38:51.0134 0x1884 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 08:38:58.0294 0x1884 ============================================================ 08:38:58.0294 0x1884 Current date / time: 2016/07/09 08:38:58.0294 08:38:58.0294 0x1884 SystemInfo: 08:38:58.0294 0x1884 08:38:58.0294 0x1884 OS Version: 6.1.7601 ServicePack: 1.0 08:38:58.0294 0x1884 Product type: Workstation 08:38:58.0294 0x1884 ComputerName: BERNHARD-PC 08:38:58.0294 0x1884 UserName: Bernhard 08:38:58.0294 0x1884 Windows directory: C:\Windows 08:38:58.0294 0x1884 System windows directory: C:\Windows 08:38:58.0294 0x1884 Running under WOW64 08:38:58.0294 0x1884 Processor architecture: Intel x64 08:38:58.0294 0x1884 Number of processors: 4 08:38:58.0294 0x1884 Page size: 0x1000 08:38:58.0294 0x1884 Boot type: Normal boot 08:38:58.0294 0x1884 ============================================================ 08:38:59.0059 0x1884 KLMD registered as C:\Windows\system32\drivers\65314512.sys 08:38:59.0605 0x1884 System UUID: {2C411748-E251-4DC7-E478-AA92D23E139D} 08:39:00.0057 0x1884 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 08:39:00.0073 0x1884 ============================================================ 08:39:00.0073 0x1884 \Device\Harddisk0\DR0: 08:39:00.0073 0x1884 MBR partitions: 08:39:00.0073 0x1884 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 08:39:00.0073 0x1884 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x33D52000 08:39:00.0073 0x1884 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x33D84800, BlocksNum 0x6400000 08:39:00.0073 0x1884 ============================================================ 08:39:00.0088 0x1884 C: <-> \Device\Harddisk0\DR0\Partition2 08:39:00.0151 0x1884 D: <-> \Device\Harddisk0\DR0\Partition3 08:39:00.0197 0x1884 Z: <-> 
\Device\Harddisk0\DR0\Partition1 08:39:00.0197 0x1884 ============================================================ 08:39:00.0197 0x1884 Initialize success 08:39:00.0197 0x1884 ============================================================ 08:42:08.0746 0x1ad8 ============================================================ 08:42:08.0746 0x1ad8 Scan started 08:42:08.0746 0x1ad8 Mode: Manual; SigCheck; TDLFS; 08:42:08.0746 0x1ad8 ============================================================ 08:42:08.0746 0x1ad8 KSN ping started 08:42:11.0617 0x1ad8 KSN ping finished: true 08:42:13.0005 0x1ad8 ================ Scan system memory ======================== 08:42:13.0005 0x1ad8 System memory - ok 08:42:13.0005 0x1ad8 ================ Scan services ============================= 08:42:13.0099 0x1ad8 [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE 08:42:13.0161 0x1ad8 !SASCORE - ok 08:42:13.0442 0x1ad8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 08:42:13.0473 0x1ad8 1394ohci - ok 08:42:13.0598 0x1ad8 [ 84DA132E969484F581C550DE69BD1727, 1BBEF846DC898574AAED50FA85870AA301698AB9B0A14558FCCDD414EEE73B8F ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys 08:42:13.0645 0x1ad8 acedrv11 - ok 08:42:13.0676 0x1ad8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 08:42:13.0692 0x1ad8 ACPI - ok 08:42:13.0723 0x1ad8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 08:42:13.0738 0x1ad8 AcpiPmi - ok 08:42:13.0910 0x1ad8 [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common 
Files\Adobe\ARM\1.0\armsvc.exe 08:42:13.0941 0x1ad8 AdobeARMservice - ok 08:42:14.0144 0x1ad8 [ E324D38B6CCF843ED4F6D521908AEE5B, D34DAF5AB7A3C2751C0C3BD3C21E52909E6D182DD202BD3C0B4981535320E64A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 08:42:14.0160 0x1ad8 AdobeFlashPlayerUpdateSvc - ok 08:42:14.0253 0x1ad8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 08:42:14.0284 0x1ad8 adp94xx - ok 08:42:14.0331 0x1ad8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 08:42:14.0347 0x1ad8 adpahci - ok 08:42:14.0378 0x1ad8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 08:42:14.0394 0x1ad8 adpu320 - ok 08:42:14.0456 0x1ad8 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 08:42:14.0487 0x1ad8 AeLookupSvc - ok 08:42:14.0565 0x1ad8 [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc C:\Windows\syswow64\drivers\Afc.sys 08:42:14.0596 0x1ad8 Afc - ok 08:42:14.0690 0x1ad8 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys 08:42:14.0737 0x1ad8 AFD - ok 08:42:14.0768 0x1ad8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 08:42:14.0784 0x1ad8 agp440 - ok 08:42:14.0799 0x1ad8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 08:42:14.0815 0x1ad8 ALG - ok 08:42:14.0862 0x1ad8 [ 5812713A477A3AD7363C7438CA2EE038, 
08:42:32.0631 0x1ad8 LanmanServer - ok 08:42:32.0662 0x1ad8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 08:42:32.0709 0x1ad8 LanmanWorkstation - ok 08:42:32.0756 0x1ad8 [ 5A932202AC9EF9C424918DD20DBB5F76, F1ADDD6C083EFAC7D9D61211BD05C8294E026265759D0C1443BEB6C58D143D60 ] leawo_vad C:\Windows\system32\drivers\leawo_vad.sys 08:42:32.0865 0x1ad8 leawo_vad - ok 08:42:32.0990 0x1ad8 [ ADA0C09E8AEDC17F11D8E1731986A88A, 1B25D7137E89149BB61FF52BE0259F48E374FC4F7114FAF267AF7A19F3B89BD3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 08:42:33.0021 0x1ad8 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 ) 08:42:33.0021 0x1ad8 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 08:42:33.0052 0x1ad8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 08:42:33.0115 0x1ad8 lltdio - ok 08:42:33.0161 0x1ad8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 08:42:33.0193 0x1ad8 lltdsvc - ok 08:42:33.0208 0x1ad8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 08:42:33.0239 0x1ad8 lmhosts - ok 08:42:33.0286 0x1ad8 [ BF22ACF4CF3734D61357E67F0521BC03, EDDFBDC4BE29BF26904B2DF7074F471711238469CDDBED1CA253A49B993F53DF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 08:42:33.0380 0x1ad8 LMS - ok 08:42:33.0442 0x1ad8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 08:42:33.0473 0x1ad8 LSI_FC - ok 08:42:33.0473 0x1ad8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] 
LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 08:42:33.0489 0x1ad8 LSI_SAS - ok 08:42:33.0505 0x1ad8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 08:42:33.0520 0x1ad8 LSI_SAS2 - ok 08:42:33.0536 0x1ad8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 08:42:33.0551 0x1ad8 LSI_SCSI - ok 08:42:33.0567 0x1ad8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 08:42:33.0598 0x1ad8 luafv - ok 08:42:33.0629 0x1ad8 [ 23488767CB18FC3FF39E3AF1DB3FB02C, F526B80EDA5309162239741CF1C77957E2F9EDEB223AB3DB6FF0DEA3D473590B ] massfilter C:\Windows\system32\drivers\massfilter.sys 08:42:33.0645 0x1ad8 massfilter - ok 08:42:33.0676 0x1ad8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 08:42:33.0707 0x1ad8 Mcx2Svc - ok 08:42:33.0723 0x1ad8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 08:42:33.0739 0x1ad8 megasas - ok 08:42:33.0785 0x1ad8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 08:42:33.0801 0x1ad8 MegaSR - ok 08:42:33.0832 0x1ad8 [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys 08:42:33.0910 0x1ad8 MEIx64 - ok 08:42:33.0973 0x1ad8 [ 8A43D23ACE2E8C95A2D87B6E9599DEDA, 18683A7CE5AF0A9C5D7E33EB99588AE55FC61103A8894F3F45E2101355966A71 ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe 08:42:33.0973 0x1ad8 MemeoBackgroundService - ok 
08:42:34.0004 0x1ad8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 08:42:34.0051 0x1ad8 MMCSS - ok 08:42:34.0066 0x1ad8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 08:42:34.0097 0x1ad8 Modem - ok 08:42:34.0129 0x1ad8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 08:42:34.0144 0x1ad8 monitor - ok 08:42:34.0160 0x1ad8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 08:42:34.0160 0x1ad8 mouclass - ok 08:42:34.0207 0x1ad8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 08:42:34.0207 0x1ad8 mouhid - ok 08:42:34.0300 0x1ad8 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 08:42:34.0331 0x1ad8 mountmgr - ok 08:42:34.0394 0x1ad8 [ D6F67A73E6557578B755F7B534E00F47, 769F3D6CB86B2DC4065BDE4CE39139879B7D96F455A3BE80C7ECEAD5494E8B79 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 08:42:34.0425 0x1ad8 MozillaMaintenance - ok 08:42:34.0472 0x1ad8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 08:42:34.0487 0x1ad8 mpio - ok 08:42:34.0503 0x1ad8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 08:42:34.0550 0x1ad8 mpsdrv - ok 08:42:34.0612 0x1ad8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 
65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 08:42:34.0659 0x1ad8 MpsSvc - ok 08:42:34.0737 0x1ad8 [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 08:42:34.0768 0x1ad8 MRxDAV - ok 08:42:34.0815 0x1ad8 [ 035C0A9A63DF3F3A52B90D8F6BF0F166, F409C8A31156E31A6D16D2B34EEE3098CE0D76A4DB7B49810EDDA2E2E19B2E26 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 08:42:34.0846 0x1ad8 mrxsmb - ok 08:42:34.0924 0x1ad8 [ 8308FC2E9147D7632221E3279BB14660, 3051FF91493FD03B7EDD4EDB23B2DE8DD7E03D46E231BC5925502BE98E78B1CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 08:42:34.0971 0x1ad8 mrxsmb10 - ok 08:42:34.0987 0x1ad8 [ 1F8DA4ECAEA7E2BCD97E738795817431, FBEF64C7067F5AFF864EF7E220C8A47AC43EB0BFD9A4E4C908F9D9D159AC5139 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 08:42:35.0002 0x1ad8 mrxsmb20 - ok 08:42:35.0018 0x1ad8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 08:42:35.0033 0x1ad8 msahci - ok 08:42:35.0065 0x1ad8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 08:42:35.0080 0x1ad8 msdsm - ok 08:42:35.0096 0x1ad8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 08:42:35.0111 0x1ad8 MSDTC - ok 08:42:35.0143 0x1ad8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 08:42:35.0174 0x1ad8 Msfs - ok 08:42:35.0189 0x1ad8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 08:42:35.0221 0x1ad8 mshidkmdf - ok 08:42:35.0236 0x1ad8 [ 
D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 08:42:35.0252 0x1ad8 msisadrv - ok 08:42:35.0299 0x1ad8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 08:42:35.0361 0x1ad8 MSiSCSI - ok 08:42:35.0361 0x1ad8 msiserver - ok 08:42:35.0392 0x1ad8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 08:42:35.0423 0x1ad8 MSKSSRV - ok 08:42:35.0439 0x1ad8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 08:42:35.0470 0x1ad8 MSPCLOCK - ok 08:42:35.0486 0x1ad8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 08:42:35.0517 0x1ad8 MSPQM - ok 08:42:35.0533 0x1ad8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 08:42:35.0564 0x1ad8 MsRPC - ok 08:42:35.0579 0x1ad8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 08:42:35.0579 0x1ad8 mssmbios - ok 08:42:35.0595 0x1ad8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 08:42:35.0642 0x1ad8 MSTEE - ok 08:42:35.0642 0x1ad8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 08:42:35.0657 0x1ad8 MTConfig - ok 08:42:35.0673 0x1ad8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup 
C:\Windows\system32\Drivers\mup.sys 08:42:35.0689 0x1ad8 Mup - ok 08:42:35.0829 0x1ad8 [ E3B58E3011B207C5289D11173B30E298, 68BDF7DE4FD5E38D33DBAD2A2E05E32BABA8BBD85DBC4364AF7CD62C54C6B539 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 08:42:35.0845 0x1ad8 MyWiFiDHCPDNS - ok 08:42:35.0907 0x1ad8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 08:42:35.0954 0x1ad8 napagent - ok 08:42:35.0985 0x1ad8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 08:42:36.0001 0x1ad8 NativeWifiP - ok 08:42:36.0141 0x1ad8 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 08:42:36.0172 0x1ad8 NDIS - ok 08:42:36.0203 0x1ad8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 08:42:36.0235 0x1ad8 NdisCap - ok 08:42:36.0266 0x1ad8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 08:42:36.0297 0x1ad8 NdisTapi - ok 08:42:36.0328 0x1ad8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 08:42:36.0359 0x1ad8 Ndisuio - ok 08:42:36.0391 0x1ad8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 08:42:36.0422 0x1ad8 NdisWan - ok 08:42:36.0453 0x1ad8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 08:42:36.0515 0x1ad8 NDProxy - ok 08:42:36.0609 0x1ad8 [ 2334DC48997BA203B794DF3EE70521DB, 
832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\WINDOWS\SYSTEM32\HPZinw12.dll 08:42:36.0625 0x1ad8 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 08:42:36.0625 0x1ad8 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 08:42:36.0656 0x1ad8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 08:42:36.0703 0x1ad8 NetBIOS - ok 08:42:36.0749 0x1ad8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 08:42:36.0796 0x1ad8 NetBT - ok 08:42:36.0827 0x1ad8 [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] Netlogon C:\Windows\system32\lsass.exe 08:42:36.0843 0x1ad8 Netlogon - ok 08:42:36.0890 0x1ad8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 08:42:36.0921 0x1ad8 Netman - ok 08:42:36.0999 0x1ad8 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:42:37.0046 0x1ad8 NetMsmqActivator - ok 08:42:37.0124 0x1ad8 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:42:37.0155 0x1ad8 NetPipeActivator - ok 08:42:37.0233 0x1ad8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 08:42:37.0295 0x1ad8 netprofm - ok 08:42:37.0327 0x1ad8 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:42:37.0342 0x1ad8 
NetTcpActivator - ok 08:42:37.0358 0x1ad8 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:42:37.0373 0x1ad8 NetTcpPortSharing - ok 08:42:37.0795 0x1ad8 [ B51E9AD4F4E4F8DBE0AB882756BC5DAB, 74E975F3BF39B360C466A0CEEEF545D1B814EE1AEFF6B2FCDD81A33FA276FBF3 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 08:42:38.0075 0x1ad8 NETwNs64 - ok 08:42:38.0122 0x1ad8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 08:42:38.0138 0x1ad8 nfrd960 - ok 08:42:38.0169 0x1ad8 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 08:42:38.0185 0x1ad8 NlaSvc - ok 08:42:38.0247 0x1ad8 [ 1381E95D4E0F94F22DD484B5F8C1D61D, E91C10A62E3B5A610063F48354C6F4A1AAB7300A69EAD59E89ED8EEFDBD99062 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys 08:42:38.0263 0x1ad8 nmwcd - ok 08:42:38.0294 0x1ad8 [ 205510CDB7B6084BF31760B5D06F9242, F3EAC6A7127DC5A0FEE7A9AFA561A8CA9B6E83FECCD731C890E85C33514B533B ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys 08:42:38.0309 0x1ad8 nmwcdc - ok 08:42:38.0387 0x1ad8 [ 5B6203B2F4B3727A0AEB8DA44545E64E, CED2A55DD4962E781EBC70AF68209D0F4DFC8B7A117130E999F86C4E89055DA2 ] nmwcdnsucx64 C:\Windows\system32\drivers\nmwcdnsucx64.sys 08:42:38.0434 0x1ad8 nmwcdnsucx64 - ok 08:42:38.0481 0x1ad8 [ 93CC935F10D17A7AAAA8FC9E5AC7AF6A, 6035A18919E680DE30F1EA630E8594F14FD54373F5C624F18626BC824860A798 ] nmwcdnsux64 C:\Windows\system32\drivers\nmwcdnsux64.sys 08:42:38.0528 0x1ad8 nmwcdnsux64 - ok 08:42:38.0559 0x1ad8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 08:42:38.0590 0x1ad8 Npfs - ok 08:42:38.0606 0x1ad8 [ D54BFDF3E0C953F823B3D0BFE4732528, 
497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 08:42:38.0637 0x1ad8 nsi - ok 08:42:38.0653 0x1ad8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 08:42:38.0684 0x1ad8 nsiproxy - ok 08:42:38.0824 0x1ad8 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 08:42:38.0902 0x1ad8 Ntfs - ok 08:42:38.0918 0x1ad8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 08:42:38.0949 0x1ad8 Null - ok 08:42:38.0980 0x1ad8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 08:42:38.0980 0x1ad8 nvraid - ok 08:42:38.0996 0x1ad8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 08:42:39.0011 0x1ad8 nvstor - ok 08:42:39.0043 0x1ad8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 08:42:39.0074 0x1ad8 nv_agp - ok 08:42:39.0105 0x1ad8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 08:42:39.0121 0x1ad8 ohci1394 - ok 08:42:39.0464 0x1ad8 [ E5CD07C8B079284DC62EFBE4CCA2ECAF, C6D6EEBA132B4047D927C7288CF49F97C204C3E0F6392591E783069E682D91B3 ] OO |
09.07.2016, 08:52 | #6 |
| Can't get rid of ask.gen Part 2 of TDSSKiller.3.1.0.9_09.07.2016_08.38.51_log.txt: Code:
40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 08:42:46.0187 0x1ad8 Schedule - ok 08:42:46.0203 0x1ad8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 08:42:46.0250 0x1ad8 SCPolicySvc - ok 08:42:46.0265 0x1ad8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 08:42:46.0281 0x1ad8 SDRSVC - ok 08:42:46.0312 0x1ad8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 08:42:46.0328 0x1ad8 secdrv - ok 08:42:46.0390 0x1ad8 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll 08:42:46.0437 0x1ad8 seclogon - ok 08:42:46.0453 0x1ad8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll 08:42:46.0484 0x1ad8 SENS - ok 08:42:46.0515 0x1ad8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 08:42:46.0531 0x1ad8 SensrSvc - ok 08:42:46.0562 0x1ad8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 08:42:46.0562 0x1ad8 Serenum - ok 08:42:46.0593 0x1ad8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 08:42:46.0609 0x1ad8 Serial - ok 08:42:46.0655 0x1ad8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 08:42:46.0671 0x1ad8 sermouse - ok 
08:42:46.0765 0x1ad8 [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 08:42:46.0811 0x1ad8 ServiceLayer - ok 08:42:46.0843 0x1ad8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 08:42:46.0874 0x1ad8 SessionEnv - ok 08:42:46.0905 0x1ad8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 08:42:46.0905 0x1ad8 sffdisk - ok 08:42:46.0936 0x1ad8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 08:42:46.0952 0x1ad8 sffp_mmc - ok 08:42:46.0967 0x1ad8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 08:42:46.0983 0x1ad8 sffp_sd - ok 08:42:47.0014 0x1ad8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 08:42:47.0030 0x1ad8 sfloppy - ok 08:42:47.0077 0x1ad8 [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 08:42:47.0108 0x1ad8 Sftfs - ok 08:42:47.0233 0x1ad8 [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 08:42:47.0264 0x1ad8 sftlist - ok 08:42:47.0295 0x1ad8 [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 08:42:47.0326 0x1ad8 Sftplay - ok 08:42:47.0357 0x1ad8 [ F1D1B1DC7A8765A09D7640FBF8D20970, 
72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 08:42:47.0389 0x1ad8 Sftredir - ok 08:42:47.0404 0x1ad8 [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 08:42:47.0435 0x1ad8 Sftvol - ok 08:42:47.0451 0x1ad8 [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 08:42:47.0467 0x1ad8 sftvsa - ok 08:42:47.0482 0x1ad8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 08:42:47.0529 0x1ad8 SharedAccess - ok 08:42:47.0560 0x1ad8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 08:42:47.0607 0x1ad8 ShellHWDetection - ok 08:42:47.0638 0x1ad8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 08:42:47.0638 0x1ad8 SiSRaid2 - ok 08:42:47.0685 0x1ad8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 08:42:47.0701 0x1ad8 SiSRaid4 - ok 08:42:47.0747 0x1ad8 [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 08:42:47.0763 0x1ad8 SkypeUpdate - ok 08:42:47.0841 0x1ad8 [ ED3188A5AC871564D2598F289B5D36DF, CCDCA10105480DB16B4E0BD2767EA2DEF62C9996F2E059FBAA4A3B40AE3E97F6 ] SLEE_18_DRIVER C:\Windows\Sleen1864.sys 08:42:47.0935 0x1ad8 SLEE_18_DRIVER - ok 08:42:48.0013 0x1ad8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb 
C:\Windows\system32\DRIVERS\smb.sys 08:42:48.0075 0x1ad8 Smb - ok 08:42:48.0137 0x1ad8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 08:42:48.0169 0x1ad8 SNMPTRAP - ok 08:42:48.0169 0x1ad8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 08:42:48.0184 0x1ad8 spldr - ok 08:42:48.0262 0x1ad8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 08:42:48.0293 0x1ad8 Spooler - ok 08:42:48.0449 0x1ad8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 08:42:48.0574 0x1ad8 sppsvc - ok 08:42:48.0590 0x1ad8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 08:42:48.0621 0x1ad8 sppuinotify - ok 08:42:48.0683 0x1ad8 [ B9657A0AFF28C1CB114ACC0CB93EE4BB, 619DE6438827A648566CB6F6407DF30E3BBCE345775B0154D883A48E244A62EE ] sp_rsdrv2 C:\Windows\system32\DRIVERS\stflt.sys 08:42:48.0793 0x1ad8 sp_rsdrv2 - ok 08:42:48.0824 0x1ad8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 08:42:48.0839 0x1ad8 srv - ok 08:42:48.0871 0x1ad8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 08:42:48.0886 0x1ad8 srv2 - ok 08:42:48.0917 0x1ad8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 08:42:48.0933 0x1ad8 srvnet - ok 08:42:48.0949 0x1ad8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] 
SSDPSRV C:\Windows\System32\ssdpsrv.dll 08:42:48.0995 0x1ad8 SSDPSRV - ok 08:42:49.0011 0x1ad8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 08:42:49.0042 0x1ad8 SstpSvc - ok 08:42:49.0089 0x1ad8 [ 7EC9919E79BB826F837FA3551A964AEC, 8F6376DFAFF7FE6A0E91EB34B8D6F10A4128FAC0FA48A2EA4F13CA309BCD2BD6 ] stdriver C:\Windows\system32\DRIVERS\stdriverx64.sys 08:42:49.0167 0x1ad8 stdriver - ok 08:42:49.0167 0x1ad8 Steganos Volatile Disk - ok 08:42:49.0214 0x1ad8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 08:42:49.0214 0x1ad8 stexstor - ok 08:42:49.0261 0x1ad8 [ 70D9E406A1170A801B0D9CCECF9D6914, DD4B6A77B6BFFE2D10B4CD11E9856542A161D20C1BAC13790F12D87072F055F5 ] STGMFEngine64 C:\Windows\system32\drivers\STGMFEngine64.sys 08:42:49.0432 0x1ad8 STGMFEngine64 - ok 08:42:49.0526 0x1ad8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 08:42:49.0573 0x1ad8 stisvc - ok 08:42:49.0573 0x1ad8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 08:42:49.0588 0x1ad8 swenum - ok 08:42:49.0619 0x1ad8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 08:42:49.0666 0x1ad8 swprv - ok 08:42:49.0713 0x1ad8 [ B54FD2CFB84FAC78D136434530461BA4, 5FEDAD9CD96B73ABA43223CAA66CFF981C09CFE188BFBEA2BE9018663A9444F0 ] SXDS10 C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe 08:42:49.0729 0x1ad8 SXDS10 - ok 08:42:49.0760 0x1ad8 [ E157A3A7A09BDBB74AFEAB352D5D76F1, 2CDB47B68A5DA7BDE02594CCA969B1FDD1444CC150A11D4F31B790B022B9CE86 ] SynTP C:\Windows\system32\drivers\SynTP.sys 08:42:49.0853 0x1ad8 SynTP - ok 08:42:49.0994 
0x1ad8 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 08:42:50.0056 0x1ad8 SysMain - ok 08:42:50.0072 0x1ad8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 08:42:50.0087 0x1ad8 TabletInputService - ok 08:42:50.0119 0x1ad8 [ 83C57F165F0216E5CE40D7E4E00DC76D, F3740283A5DB8EF69A6A2AC52D6506FBA5423C6548AAF3A272A13F9F582A2792 ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys 08:42:50.0197 0x1ad8 taphss6 - ok 08:42:50.0212 0x1ad8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 08:42:50.0259 0x1ad8 TapiSrv - ok 08:42:50.0306 0x1ad8 [ 048CFE7569D6ADCAB9349BB1A566A79E, E248D2A66881FDFF9505896F383EFFEF2FD5AFC15D8992E653F5C31F1F80DAF3 ] tbhsd C:\Windows\system32\drivers\tbhsd.sys 08:42:50.0399 0x1ad8 tbhsd - ok 08:42:50.0524 0x1ad8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 08:42:50.0587 0x1ad8 Tcpip - ok 08:42:50.0680 0x1ad8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 08:42:50.0743 0x1ad8 TCPIP6 - ok 08:42:50.0758 0x1ad8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 08:42:50.0774 0x1ad8 tcpipreg - ok 08:42:50.0805 0x1ad8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 08:42:50.0821 0x1ad8 TDPIPE - ok 08:42:50.0836 0x1ad8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 
08:42:50.0852 0x1ad8 TDTCP - ok 08:42:50.0930 0x1ad8 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 08:42:50.0961 0x1ad8 tdx - ok 08:42:50.0977 0x1ad8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 08:42:50.0992 0x1ad8 TermDD - ok 08:42:51.0039 0x1ad8 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 08:42:51.0070 0x1ad8 TermService - ok 08:42:51.0101 0x1ad8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 08:42:51.0117 0x1ad8 Themes - ok 08:42:51.0148 0x1ad8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 08:42:51.0179 0x1ad8 THREADORDER - ok 08:42:51.0211 0x1ad8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 08:42:51.0257 0x1ad8 TrkWks - ok 08:42:51.0304 0x1ad8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 08:42:51.0335 0x1ad8 TrustedInstaller - ok 08:42:51.0367 0x1ad8 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 08:42:51.0367 0x1ad8 tssecsrv - ok 08:42:51.0398 0x1ad8 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 08:42:51.0413 0x1ad8 TsUsbFlt - ok 08:42:51.0429 0x1ad8 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 
50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 08:42:51.0445 0x1ad8 TsUsbGD - ok 08:42:51.0491 0x1ad8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 08:42:51.0523 0x1ad8 tunnel - ok 08:42:51.0538 0x1ad8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 08:42:51.0554 0x1ad8 uagp35 - ok 08:42:51.0585 0x1ad8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 08:42:51.0616 0x1ad8 udfs - ok 08:42:51.0757 0x1ad8 [ 13BFF97E926BF8D9C1230CECC371A0C0, 2A15D85E41D3986401D74CBCA36E190E82A61F99EECE0AB85A1CF2A57C60FD85 ] UI Assistant Service C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe 08:42:51.0772 0x1ad8 UI Assistant Service - ok 08:42:51.0803 0x1ad8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 08:42:51.0819 0x1ad8 UI0Detect - ok 08:42:51.0850 0x1ad8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 08:42:51.0866 0x1ad8 uliagpkx - ok 08:42:51.0881 0x1ad8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 08:42:51.0897 0x1ad8 umbus - ok 08:42:51.0897 0x1ad8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 08:42:51.0913 0x1ad8 UmPass - ok 08:42:52.0022 0x1ad8 [ B097EBA0E3FEB020BB65FE43AF5ECCFF, B8FE680EE49B633F3FAFD81E8CE5063397774F63636C9F3C280815114A0ABD0F ] UNS C:\Program Files (x86)\Intel\Intel(R) Management 
08:42:52.0225 0x1ad8 [ 8696D63F9EFE3DE97B0F6666E3F232BE, 9C9B148715DDED6FCD047854698AF1F58C45C2AB6655D3C4FED61C059E296E41 ] updatesvca C:\Windows\system32\updatesvca.dll
08:42:52.0256 0x1ad8 updatesvca - detected UnsignedFile.Multi.Generic ( 1 )
08:42:52.0256 0x1ad8 updatesvca ( UnsignedFile.Multi.Generic ) - warning
08:42:52.0256 0x1ad8 Force sending object to P2P due to detect: updatesvca
08:42:52.0256 0x1ad8 Object send P2P result: false
A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 08:42:57.0248 0x1ad8 [ Global ] - ok 08:42:57.0248 0x1ad8 ================ Scan MBR ================================== 08:42:57.0263 0x1ad8 [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0 08:42:59.0822 0x1ad8 \Device\Harddisk0\DR0 - ok 08:42:59.0822 0x1ad8 ================ Scan VBR ================================== 08:42:59.0822 0x1ad8 [ F7023CE49E6D63390E01C4A2AD200ECB ] \Device\Harddisk0\DR0\Partition1 08:42:59.0837 0x1ad8 \Device\Harddisk0\DR0\Partition1 - ok 08:42:59.0837 0x1ad8 [ 5EFB57CA4AAA1E2F009B706ADFCD77F0 ] \Device\Harddisk0\DR0\Partition2 08:42:59.0837 0x1ad8 \Device\Harddisk0\DR0\Partition2 - ok 08:42:59.0853 0x1ad8 [ E733BC0073BE27336311323D0B612C7A ] \Device\Harddisk0\DR0\Partition3 08:42:59.0853 0x1ad8 \Device\Harddisk0\DR0\Partition3 - ok 08:42:59.0853 0x1ad8 ================ Scan generic autorun ====================== 08:42:59.0853 0x1ad8 SynTPEnh - ok 08:42:59.0962 0x1ad8 [ EFC77110B674E4F0945E7E85E2EAAB7C, F6CC7D74C45A9EDAC81E97EB225DD1465A640A6DF79605A468C1C381FB12D5F4 ] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe 08:42:59.0993 0x1ad8 Dolby Advanced Audio v2 - ok 08:43:00.0118 0x1ad8 [ F316A9C0C8BBA9D2A98BE70EE0D8CA96, 20C83B6D1706DED7B645008CD29346A5FD14A4F67FCF17FED28E7A17F021E15B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 08:43:00.0212 0x1ad8 avgnt - ok 08:43:00.0259 0x1ad8 [ 195C0AF499876B57764D478E8B883EFA, 3307AC1A1D4447929F69F4A9062CF35873F4BB5E2AB15A920790FE274AFA6DE8 ] C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosHotKeyService.exe 08:43:00.0290 0x1ad8 Steganos HotKeys - detected UnsignedFile.Multi.Generic ( 1 ) 08:43:00.0290 0x1ad8 Steganos HotKeys ( UnsignedFile.Multi.Generic ) - warning 08:43:00.0305 0x1ad8 [ EE4EF98969B0B03FBF978C025FCD3838, C8112DD6A7AA63483B515E413720D8A4F7CD0CB6FC95713086F762EA9C98D376 ] C:\Program Files (x86)\Steganos Privacy Suite 14\fredirstarter.exe 
08:43:00.0321 0x1ad8 SSS14 File Redirection Starter - detected UnsignedFile.Multi.Generic ( 1 ) 08:43:00.0321 0x1ad8 SSS14 File Redirection Starter ( UnsignedFile.Multi.Generic ) - warning 08:43:00.0446 0x1ad8 [ 97B71ADAABD4E9468FCFA58E99133C42, 03AFEBBA2257BC9457B7A3976174B1CD329AE84806F794DA1ADF389E3D87F132 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 08:43:00.0539 0x1ad8 Avira SystrayStartTrigger - ok 08:43:00.0711 0x1ad8 [ D192592FD0A99D9F360906D3F6DFBFF1, E0ED95A8AB4D26A40BF95B8DB2D968AD1FDB36B8C4DF2990185E0458B3948CA3 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe 08:43:00.0805 0x1ad8 Wondershare Helper Compact.exe - ok 08:43:01.0023 0x1ad8 [ 07497AF28A0D0BC1D50260A7F5758F96, 01B32D21B40033D5792E3B943001022744EF0ABCED7CF7024AD333164ACD0506 ] C:\ProgramData\Wondershare\Player\DelayPluginI.exe 08:43:01.0132 0x1ad8 DelaypluginInstall - ok 08:43:01.0226 0x1ad8 [ 059B8158C08C82C78DC6A8153A2467A4, 8E88DBC785CF679D238DC5CCBF0C79B03B30F742CF0FC6427AD0AD2AD5943169 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 08:43:01.0273 0x1ad8 SunJavaUpdateSched - ok 08:43:01.0382 0x1ad8 [ 297C1BDCC26ADB339D4C0F0550E434D6, EFF4EC2543421BE537B1EDC8E88CFF7C529F3774F54BD9A71CCDB33EE9ED6370 ] C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe 08:43:01.0413 0x1ad8 Malwarebytes Anti-Malware (cleanup) - ok 08:43:01.0507 0x1ad8 Google Update - ok 08:43:01.0553 0x1ad8 BRAVIS-{DC0F6114-52CD-420E-BAEB-ECC5BFB0B110} - ok 08:43:01.0569 0x1ad8 GoogleDriveSync - ok 08:43:01.0678 0x1ad8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 08:43:01.0756 0x1ad8 Sidebar - ok 08:43:01.0803 0x1ad8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 08:43:01.0819 0x1ad8 mctadmin - ok 08:43:01.0881 0x1ad8 [ 
522D7C043890F3D27D56548871959D9C, 7D77AD83AF781336C5F30C073F99EA6669F27832A3198055B7432FE16CA3FC37 ] C:\Windows\Web\Wallpaper\MEDION\start.vbs 08:43:01.0897 0x1ad8 Screensaver - detected UnsignedFile.Multi.Generic ( 1 ) 08:43:01.0897 0x1ad8 Screensaver ( UnsignedFile.Multi.Generic ) - warning 08:43:01.0897 0x1ad8 Force sending object to P2P due to detect: C:\Windows\Web\Wallpaper\MEDION\start.vbs 08:43:01.0912 0x1ad8 Object send P2P result: false 08:43:02.0006 0x1ad8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 08:43:02.0053 0x1ad8 Sidebar - ok 08:43:02.0053 0x1ad8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 08:43:02.0068 0x1ad8 mctadmin - ok 08:43:02.0084 0x1ad8 [ 522D7C043890F3D27D56548871959D9C, 7D77AD83AF781336C5F30C073F99EA6669F27832A3198055B7432FE16CA3FC37 ] C:\Windows\Web\Wallpaper\MEDION\start.vbs 08:43:02.0084 0x1ad8 Screensaver - detected UnsignedFile.Multi.Generic ( 1 ) 08:43:02.0084 0x1ad8 Screensaver ( UnsignedFile.Multi.Generic ) - warning 08:43:02.0084 0x1ad8 Force sending object to P2P due to detect: C:\Windows\Web\Wallpaper\MEDION\start.vbs 08:43:02.0084 0x1ad8 Object send P2P result: false 08:43:02.0193 0x1ad8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 08:43:02.0240 0x1ad8 Sidebar - ok 08:43:02.0240 0x1ad8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 08:43:02.0255 0x1ad8 mctadmin - ok 08:43:02.0255 0x1ad8 [ 522D7C043890F3D27D56548871959D9C, 7D77AD83AF781336C5F30C073F99EA6669F27832A3198055B7432FE16CA3FC37 ] C:\Windows\Web\Wallpaper\MEDION\start.vbs 08:43:02.0271 0x1ad8 Screensaver - detected UnsignedFile.Multi.Generic ( 1 ) 08:43:02.0271 0x1ad8 
Screensaver ( UnsignedFile.Multi.Generic ) - warning
08:43:02.0287 0x1ad8 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.17.264 ), 0x41000 ( enabled : updated )
08:43:02.0287 0x1ad8 Win FW state via NFP2: enabled ( trusted )
08:43:02.0287 0x1ad8 ============================================================
08:43:02.0287 0x1ad8 Scan finished
08:43:02.0287 0x1ad8 ============================================================
08:43:02.0287 0x1100 Detected object count: 16
08:43:02.0287 0x1100 Actual detected object count: 16
08:44:34.0247 0x1100 DBService ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:34.0247 0x1100 DBService ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:34.0248 0x1100 FARMNTIO ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:34.0248 0x1100 FARMNTIO ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:34.0249 0x1100 GFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:34.0249 0x1100 GFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:34.0250 0x1100 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:34.0250 0x1100 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:34.0252 0x1100 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:34.0252 0x1100 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:34.0253 0x1100 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:34.0253 0x1100 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:34.0254 0x1100 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:34.0254 0x1100 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:34.0255 0x1100 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:34.0255 0x1100 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:34.0256 0x1100 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:34.0256 0x1100 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:34.0257 0x1100 Printer Control ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:34.0257 0x1100 Printer Control ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:34.0259 0x1100 updatesvca ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:34.0259 0x1100 updatesvca ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:34.0260 0x1100 Steganos HotKeys ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:34.0260 0x1100 Steganos HotKeys ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:34.0261 0x1100 SSS14 File Redirection Starter ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:34.0261 0x1100 SSS14 File Redirection Starter ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:34.0262 0x1100 Screensaver ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:34.0263 0x1100 Screensaver ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:34.0264 0x1100 Screensaver ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:34.0264 0x1100 Screensaver ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:44:34.0265 0x1100 Screensaver ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:34.0265 0x1100 Screensaver ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:51:37.0301 0x1a10 Deinitialize success

Code:
ATTFilter
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 09.07.2016
Suchlaufzeit: 09:14
Protokolldatei: mbam_2016_07_09.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.07.09.04
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Bernhard

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 518284
Abgelaufene Zeit: 30 Min., 14 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)
|
09.07.2016, 21:14 | #7 | |
/// TB Trainer | can't get rid of ask.gen Please note in future: Quote:
Please download all tools directly to the desktop, or move them there, and start them from the desktop, since our instructions are written for that. It also makes it very easy to remove all the tools used once the cleanup is finished. Leave all tools on the desktop until the end of the cleanup; we may need some of them more than once.
|
11.07.2016, 14:18 | #8 |
| can't get rid of ask.gen I had saved the tools on the desktop in the folder "Trojanerboard". Here is the FRST.txt again: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2016 01 durchgeführt von Bernhard (Administrator) auf BERNHARD-PC (11-07-2016 15:12:30) Gestartet von C:\Users\Bernhard\Desktop Geladene Profile: Bernhard & _pcwelt_backup_ez_ & (Verfügbare Profile: Bernhard & Admin & _supereasy_backup_ & _pcwelt_backup_ez_) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe () C:\Program Files\PC-WELT Backup Easy\bin\backupService-pcwbe.exe (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe (ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe (Protexis Inc.) 
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Softwareentwicklung Remus - ArchiCrypt) C:\Windows\SysWOW64\STGRAMDiskHandler64.exe () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe () C:\Program Files\PC-WELT Backup Easy\bin\oxHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe () C:\Program Files (x86)\PHotkey\PHotkey.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files (x86)\PHotkey\Atouch64.exe () C:\Program Files (x86)\PHotkey\PVDesktop.exe () C:\Program Files (x86)\PHotkey\PVDAgent.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files (x86)\PHotkey\POsd.exe (Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosBrowserMonitor.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe () C:\Program Files (x86)\PHotkey\GPMTray.exe (Dolby Laboratories Inc.) 
C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosHotKeyService.exe (Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 14\fredirstarter.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Google Inc.) 
C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE () C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2884880 2012-02-23] (Synaptics Incorporated) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-19] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosHotKeyService.exe [100864 2014-02-25] (Steganos Software GmbH) HKLM-x32\...\Run: [SSS14 File Redirection Starter] => C:\Program Files (x86)\Steganos Privacy Suite 14\fredirstarter.exe [17920 2014-02-25] (Steganos Software GmbH) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-06-01] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare) HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Player\DelayPluginI.exe [1960008 2014-09-19] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [55264 2016-03-10] (Malwarebytes) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Run: [] => [X] HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Run: [SSS14 Browser Monitor] => C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosBrowserMonitor.exe [70656 2014-02-25] (Steganos Software GmbH) HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [] => [X] HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SSS14 Browser Monitor] => C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosBrowserMonitor.exe [70656 2014-02-25] (Steganos Software GmbH) HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [] => [X] HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [SSS14 Browser Monitor] => C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosBrowserMonitor.exe [70656 2014-02-25] (Steganos Software GmbH) 
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Google Update] => "C:\Users\Bernhard\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [BRAVIS-{DC0F6114-52CD-420E-BAEB-ECC5BFB0B110}] => "C:\Users\Bernhard\Downloads\bravis.exe" --autostart HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [] => [X] HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia) HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company) HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation) HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => "C:\Users\Bernhard\AppData\Local\Google\Update\GoogleUpdate.exe" /c 
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BRAVIS-{DC0F6114-52CD-420E-BAEB-ECC5BFB0B110}] => "C:\Users\Bernhard\Downloads\bravis.exe" --autostart HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [] => [X] HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia) HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company) HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation) HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] () HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\MAHJON~1.SCR [5104049 2009-07-16] (ALDI SÜD) HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] () 
HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\MAHJON~1.SCR [5104049 2009-07-16] (ALDI SÜD) HKU\S-1-5-21-4070342091-3793343965-3738386277-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] () HKU\S-1-5-21-4070342091-3793343965-3738386277-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\MAHJON~1.SCR [5104049 2009-07-16] (ALDI SÜD) HKU\S-1-5-21-4070342091-3793343965-3738386277-1009\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] () HKU\S-1-5-21-4070342091-3793343965-3738386277-1009\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\MAHJON~1.SCR [5104049 2009-07-16] (ALDI SÜD) HKU\S-1-5-21-4070342091-3793343965-3738386277-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] () HKU\S-1-5-21-4070342091-3793343965-3738386277-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\MAHJON~1.SCR [5104049 2009-07-16] (ALDI SÜD) HKU\S-1-5-21-4070342091-3793343965-3738386277-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] () HKU\S-1-5-21-4070342091-3793343965-3738386277-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\MAHJON~1.SCR [5104049 2009-07-16] (ALDI SÜD) ShellIconOverlayIdentifiers: [ 00BitrixShellExt] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506B} => C:\Program Files (x86)\Bitrix24\64\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.) ShellIconOverlayIdentifiers: [ 00BitrixShellExt_C] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506E} => C:\Program Files (x86)\Bitrix24\64\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.) 
ShellIconOverlayIdentifiers: [ 00BitrixShellExt_E] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506D} => C:\Program Files (x86)\Bitrix24\64\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.) ShellIconOverlayIdentifiers: [ 00BitrixShellExt_S] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506C} => C:\Program Files (x86)\Bitrix24\64\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.) ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => Keine Datei ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll [2014-12-10] (O&O Software GmbH) ShellIconOverlayIdentifiers-x32: [ 00BitrixShellExt] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506B} => C:\Program Files (x86)\Bitrix24\32\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.) ShellIconOverlayIdentifiers-x32: [ 00BitrixShellExt_C] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506E} => C:\Program Files (x86)\Bitrix24\32\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.) ShellIconOverlayIdentifiers-x32: [ 00BitrixShellExt_E] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506D} => C:\Program Files (x86)\Bitrix24\32\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.) ShellIconOverlayIdentifiers-x32: [ 00BitrixShellExt_S] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506C} => C:\Program Files (x86)\Bitrix24\32\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2013-09-25] () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{FDD6BC44-B98E-44E0-BFF0-D8BE66E39A8A}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch 
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com URLSearchHook: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 - (Kein Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - Keine Datei URLSearchHook: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 - (Kein Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Keine Datei URLSearchHook: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (Kein Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - Keine Datei URLSearchHook: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (Kein Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Keine Datei SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {1BD434D9-3938-4222-82CA-9131A398E177} URL =
SearchScopes: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {1BD434D9-3938-4222-82CA-9131A398E177} URL =
SearchScopes: HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070342091-3793343965-3738386277-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2015-09-16] (RealDownloader)
BHO: Kein Name -> {82A76710-4F98-4957-92BE-99648A4E2475} -> Keine Datei
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-09-16] (RealDownloader)
BHO-x32: Wondershare Player 1.6.0 -> {43D9786F-A485-683B-9B5B-ACC97ABC17FC} -> C:\ProgramData\Wondershare\Player\WSBrowserAppMgr.dll [2014-09-19] (Wondershare)
BHO-x32: Wondershare Video Converter Ultimate -> {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} -> C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRIEPlugin.dll [2012-09-28] (Wondershare Software Co., Ltd.)
BHO-x32: Dragon NaturallySpeaking Rich Internet Application Support - Extension -> {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieShim.dll [2013-10-15] (Nuance Communications, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-07-08] (Oracle Corporation)
BHO-x32: Kein Name -> {82A76710-4F98-4957-92BE-99648A4E2475} -> Keine Datei
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-07-08] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM - Perfect Print 7 - {F723BF1C-C826-44B0-A8E2-28BBA1C5D201} - C:\Program Files (x86)\soft Xpansion\Perfect Print 7 Express\ieagent64.dll [2013-12-23] (soft Xpansion)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 14\SPMIEToolbar64.dll [2013-07-17] (Steganos Software GmbH)
Toolbar: HKLM-x32 - Perfect Print 7 - {F723BF1C-C826-44B0-A8E2-28BBA1C5D201} - C:\Program Files (x86)\soft Xpansion\Perfect Print 7 Express\ieagent32.dll [2013-12-23] (soft Xpansion)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 14\SPMIEToolbar.dll [2014-02-25] (Steganos Software GmbH)
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
Handler: WSIEChrome - {6D02ED5F-FD0D-4C4C - Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525
FF Homepage: hxxp://gmx.net/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-26] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files\Musicnotes\npmusicn64.dll [2014-11-11] (Musicnotes, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-26] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-07-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-07-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files (x86)\Musicnotes\npmusicn.dll [2014-11-11] (Musicnotes, Inc.)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @protectdisc.com/NPPDLicenseHelper -> C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll [2008-02-22] ()
FF Plugin-x32: @real.com/nppl3260;version=18.1.0.1236 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2015-10-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.0.1236 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2015-10-16] (RealTimes)
FF Plugin-x32: @soft-xpansion/npsxpdf -> C:\Program Files (x86)\Common Files\soft Xpansion\np-sxpdf.dll [2013-12-23] (soft-Xpansion)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: nuance.com/DragonRIAPlugin -> C:\PROGRA~2\Nuance\NATURA~1\Program\npDgnRia.dll [2013-10-15] (Nuance Communications Inc.)
FF Plugin HKU\S-1-5-21-4070342091-3793343965-3738386277-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Bernhard\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-05-15] (Citrix Online)
FF Plugin HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\Bernhard\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-05-15] (Citrix Online)
FF Plugin HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: @citrixonline.com/appdetectorplugin -> C:\Users\Bernhard\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-05-15] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2014-01-03] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2014-01-03] (RealPlayer)
FF Extension: ColorZilla - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2016-02-17]
FF Extension: NoScript - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-08]
FF Extension: Save as PDF - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2016-04-27]
FF Extension: Print Edit - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\extensions\printedit@DW-dev.xpi [2016-05-22]
FF Extension: Simple Popup Blocker - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\@simplepopupblocker.xpi [2016-06-27]
FF Extension: colorPicker - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\colorPicker@colorPicker.xpi [2016-04-27]
FF Extension: Awesome screenshot: Capture and Annotate - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2016-02-17]
FF Extension: Text to PDF file - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\jid1-JobPqtvtwG9w0A@jetpack.xpi [2016-01-23]
FF Extension: Video DownloadHelper - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-06-06]
FF Extension: Adblock Plus - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-30]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afext@anchorfree.com [2016-06-12] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-11-29] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 14\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 14\spmplugin3 [2016-04-16] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb
FF Extension: soft Xpansion Perfect Print 7 Express - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb [2013-12-23] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF Extension: Dragon NaturallySpeaking Rich Internet Application Support - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2013-10-15] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [Player@Wondershare.com] - C:\ProgramData\Wondershare\Player\Player@Wondershare.com
FF Extension: Wondershare Player - C:\ProgramData\Wondershare\Player\Player@Wondershare.com [2016-06-28] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb
FF HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\lwgyi7wh.default-1404404788164\extensions\cliqz@cliqz.com => nicht gefunden
FF HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\lwgyi7wh.default-1404404788164\extensions\cliqz@cliqz.com => nicht gefunden
FF HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\lwgyi7wh.default-1404404788164\extensions\cliqz@cliqz.com => nicht gefunden

Chrome:
=======
CHR Profile: C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-26]
CHR Extension: (Google Drive) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-26]
CHR Extension: (YouTube) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-26]
CHR Extension: (Adblock Plus) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-09-27]
CHR Extension: (Google-Suche) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-26]
CHR Extension: (SpeedTao Download Helper) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\eifpflhplblejfpibogcnnepoldboioh [2013-09-27]
CHR Extension: (Unifinder New Tab) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggpcleoagckefcmekcbgdhhmcfcdofhj [2014-07-03]
CHR Extension: (RealDownloader) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-04-13]
CHR Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn [2014-04-13]
CHR Extension: (Norton Identity Protection) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-04-07]
CHR Extension: (Ghostery) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-03-02]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-07]
CHR Extension: (Google Mail) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [chgdeabpmphfhkoemjjglmilajldekbp] - C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRChromePlugin.crx [2015-11-11]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ggpcleoagckefcmekcbgdhhmcfcdofhj] - C:\Users\Bernhard\AppData\Local\adStartPage\unifinder.crx [2014-07-03]
CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2013-10-15]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE [172344 2014-08-16] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-19] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-19] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG)
S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink)
S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink)
S4 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [187456 2013-05-02] (DATA BECKER GmbH & Co KG) [Datei ist nicht signiert]
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [805888 2012-11-29] () [Datei ist nicht signiert]
S3 GSService; C:\Windows\SysWOW64\GSService.exe [443080 2013-12-16] ()
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S2 Net Driver HPZ12; C:\WINDOWS\SYSTEM32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [7704312 2014-12-10] (O&O Software GmbH)
R2 pcwelt_backup_ez; c:\Program Files\PC-WELT Backup Easy\bin\backupService-pcwbe.exe [23880 2015-11-12] ()
S2 Pml Driver HPZ12; C:\WINDOWS\SYSTEM32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [122368 2012-10-21] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [Datei ist nicht signiert]
S3 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [33088 2015-09-16] ()
R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1103656 2015-10-16] (RealNetworks, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 Steganos Volatile Disk; C:\Windows\SysWOW64\STGRAMDiskHandler64.exe [450560 2013-07-17] (Softwareentwicklung Remus - ArchiCrypt) [Datei ist nicht signiert]
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-12-23] (soft Xpansion)
R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [253264 2010-09-30] ()
S2 updatesvca; C:\Windows\system32\updatesvca.dll [209920 2013-03-04] (Digital Dynamic) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
U0 asfp; C:\Windows\System32\drivers\pyqrct.sys [79064 2016-07-07] (Malwarebytes)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-05-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-19] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [25144 2013-04-11] () [Datei ist nicht signiert]
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-04-24] (AnchorFree Inc.)
S3 leawo_vad; C:\Windows\System32\drivers\leawo_vad.sys [33048 2013-05-21] (Shenzhen Moyea Software)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116888 2014-12-10] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41112 2014-12-10] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255640 2014-12-10] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44696 2014-12-10] (O&O Software GmbH)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-24] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-24] (RapidSolution Software AG)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [109144 2014-01-30] (Softwareentwicklung Remus - ArchiCrypt - )
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-01-07] (Windows (R) Win 7 DDK provider)
R3 stdriver; C:\Windows\System32\DRIVERS\stdriverx64.sys [32536 2013-01-28] ()
R1 STGMFEngine64; C:\Windows\system32\drivers\STGMFEngine64.sys [28576 2013-07-17] (Softwareentwicklung Remus - ArchiCrypt.com)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [12400 1999-10-13] (Microsoft Corporation) [Datei ist nicht signiert]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-11 15:12 - 2016-07-11 15:12 - 00000000 ____D C:\Users\Bernhard\Desktop\FRST-OlderVersion
2016-07-09 09:49 - 2016-07-09 09:50 - 00000000 ____D C:\Users\Bernhard\Desktop\Malwarebytes
2016-07-09 08:37 - 2016-07-09 08:37 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Bernhard\Desktop\tdsskiller.exe
2016-07-09 08:12 - 2016-07-11 15:12 - 02390528 _____ (Farbar) C:\Users\Bernhard\Desktop\FRST64.exe
2016-07-09 08:12 - 2016-07-11 15:06 - 00000000 ____D C:\Users\Bernhard\Desktop\Trojanerboard
2016-07-09 08:07 - 2016-07-09 08:07 - 00000000 ____D C:\Users\Bernhard\Downloads\Trojanerboard
2016-07-08 14:24 - 2016-07-08 14:24 - 00097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-07-08 14:23 - 2016-07-08 14:23 - 00000000 ____D C:\Program Files (x86)\Java
2016-07-07 13:13 - 2016-07-07 13:13 - 00079064 _____ (Malwarebytes) C:\Windows\system32\Drivers\pyqrct.sys
2016-07-06 01:15 - 2016-07-06 01:15 - 00000000 ____D C:\Users\Bernhard\AppData\Local\Audacity
2016-07-06 01:14 - 2016-07-06 01:14 - 00001015 _____ C:\Users\Public\Desktop\Audacity.lnk
2016-07-06 01:03 - 2016-07-06 01:03 - 00000000 ____D C:\Program Files (x86)\FFmpeg for Audacity
2016-07-06 00:59 - 2016-07-06 01:00 - 09957947 _____ ( ) C:\Users\Bernhard\Downloads\ffmpeg-win-2.2.2.exe
2016-07-06 00:53 - 2016-07-06 00:53 - 26496761 _____ (Audacity Team ) C:\Users\Bernhard\Downloads\audacity-win-2.1.2.exe
2016-07-06 00:48 - 2016-07-06 01:21 - 00000000 ____D C:\Users\Bernhard\Desktop\17 Test
2016-07-06 00:48 - 2016-07-06 00:48 - 00000000 ____D C:\Users\Bernhard\Desktop\Neuer Ordner
2016-07-05 07:55 - 2016-07-05 07:56 - 00000000 ____D C:\Users\Bernhard\Desktop\Audac
2016-07-04 16:24 - 2016-07-04 17:05 - 00000000 ____D C:\Users\Bernhard\Desktop\Musik Utto
2016-07-01 00:49 - 2016-07-01 00:49 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Steganos
2016-06-28 20:41 - 2016-06-28 20:41 - 00001151 _____ C:\Users\Public\Desktop\Wondershare Player.lnk
2016-06-28 20:40 - 2016-07-04 16:23 - 00000000 ____D C:\ProgramData\Wondershare Player
2016-06-28 20:40 - 2014-09-19 16:46 - 00941992 _____ C:\Windows\SysWOW64\WPShellExt64.dll
2016-06-28 18:36 - 2016-06-28 18:36 - 00001142 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-27 09:35 - 2015-03-12 11:10 - 00096328 _____ (Wondershare Software) C:\Windows\system32\WSMonEditor.dll
2016-06-27 09:34 - 2016-06-27 09:34 - 00001191 _____ C:\Users\Public\Desktop\Wondershare PDFelement.lnk
2016-06-27 09:34 - 2016-06-27 09:34 - 00000000 ____D C:\ProgramData\PDFEditor
2016-06-26 19:57 - 2016-06-26 19:59 - 00000000 ____D C:\Users\Bernhard\Desktop\LL
2016-06-12 10:42 - 2016-06-27 00:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-11 15:12 - 2014-09-15 11:18 - 00048860 _____ C:\Users\Bernhard\Desktop\FRST.txt
2016-07-11 15:12 - 2013-09-25 09:44 - 00000000 ____D C:\FRST
2016-07-09 09:14 - 2014-08-22 15:05 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-09 08:10 - 2012-07-25 15:02 - 00074752 ___SH C:\Users\Bernhard\Thumbs.db
2016-07-09 08:04 - 2013-06-25 09:09 - 00000000 ____D C:\Users\Bernhard\Desktop\Aktenschrank
2016-07-09 08:01 - 2014-09-21 21:14 - 00000000 ____D C:\Users\Bernhard\Desktop\Coaches
2016-07-09 07:53 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-09 07:53 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-09 07:46 - 2012-09-24 19:37 - 00000000 ____D C:\Users\Bernhard\Desktop\PC
2016-07-08 14:55 - 2013-01-17 21:50 - 00000000 ____D C:\Program Files\Java
2016-07-08 14:54 - 2014-11-14 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-08 14:24 - 2015-09-01 19:07 - 00000000 ____D C:\Users\Bernhard\.oracle_jre_usage
2016-07-08 14:19 - 2015-02-14 18:08 - 00738368 _____ (Oracle Corporation) C:\Users\Bernhard\Downloads\jxpiinstall.exe
2016-07-07 13:13 - 2013-12-05 19:55 - 00000000 ____D C:\Program Files\FileViewPro
2016-07-07 07:21 - 2012-09-11 20:34 - 00000000 ____D C:\Users\Bernhard\Desktop\Maria
2016-07-06 01:20 - 2012-11-29 10:37 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Audacity
2016-07-06 01:15 - 2014-01-11 11:19 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-07-06 01:14 - 2014-01-11 11:19 - 00001027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-07-06 00:43 - 2015-11-11 19:21 - 00000000 ____D C:\ProgramData\Wondershare Video Converter Free
2016-07-05 07:49 - 2015-11-11 19:25 - 00000000 ____D C:\ProgramData\xml_param
2016-07-04 17:18 - 2013-05-10 15:06 - 00000000 ____D C:\Users\Bernhard\AppData\Local\CrashDumps
2016-07-03 15:43 - 2012-02-21 20:50 - 00700134 _____ C:\Windows\system32\perfh007.dat
2016-07-03 15:43 - 2012-02-21 20:50 - 00149984 _____ C:\Windows\system32\perfc007.dat
2016-07-03 15:43 - 2009-07-14 07:13 - 01622300 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-03 15:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-01 00:48 - 2013-01-15 03:52 - 00327680 _____ C:\Windows\system32\Ikeext.etl
2016-07-01 00:48 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-30 16:38 - 2012-05-03 10:21 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\SoftGrid Client
2016-06-30 16:19 - 2012-10-04 12:09 - 00000000 ____D C:\Users\Bernhard\Desktop\Löschen
2016-06-30 15:25 - 2013-02-22 20:29 - 00000000 ____D C:\Users\Bernhard\Desktop\WordPress Homepageerstellung
2016-06-28 21:31 - 2013-10-26 10:54 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-28 20:41 - 2013-09-02 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2016-06-28 20:40 - 2014-03-15 09:05 - 00000000 ____D C:\ProgramData\Wondershare
2016-06-28 20:40 - 2013-09-02 16:34 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-06-28 18:36 - 2016-05-19 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-27 09:35 - 2013-12-11 09:23 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Wondershare
2016-06-27 00:46 - 2015-11-12 11:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-27 00:46 - 2013-03-19 17:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-26 19:59 - 2015-11-12 11:25 - 00003824 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-26 19:59 - 2015-07-08 21:16 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-26 19:59 - 2015-07-08 21:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-26 19:59 - 2014-06-23 22:13 - 00000000 ____D C:\Users\Bernhard\AppData\Local\Adobe
2016-06-21 02:00 - 2016-01-30 21:42 - 00000000 ____D C:\Users\Bernhard\Desktop\SD Card 2016
2016-06-21 01:58 - 2014-07-23 07:37 - 00000000 ____D C:\Users\Bernhard\Desktop\Micro SDs

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-03-11 21:32 - 2016-04-07 12:21 - 0000138 _____ () C:\Users\Bernhard\AppData\Roaming\Camdata.ini
2013-03-11 21:32 - 2016-04-07 12:21 - 0000408 _____ () C:\Users\Bernhard\AppData\Roaming\CamLayout.ini
2013-03-11 21:32 - 2016-04-07 12:21 - 0000408 _____ () C:\Users\Bernhard\AppData\Roaming\CamShapes.ini
2013-03-11 21:32 - 2016-04-07 12:21 - 0004582 _____ () C:\Users\Bernhard\AppData\Roaming\CamStudio.cfg
2013-03-11 21:29 - 2013-12-15 21:52 - 0000098 _____ () C:\Users\Bernhard\AppData\Roaming\CamStudio.Producer.command
2013-03-11 21:30 - 2013-12-15 21:53 - 0000000 _____ () C:\Users\Bernhard\AppData\Roaming\CamStudio.Producer.Data.ini
2013-03-11 21:30 - 2013-12-15 21:53 - 0001206 _____ () C:\Users\Bernhard\AppData\Roaming\CamStudio.Producer.ini
2014-08-22 15:06 - 2014-08-22 15:06 - 0000054 _____ () C:\Users\Bernhard\AppData\Roaming\mbam.context.scan
2013-10-11 12:09 - 2013-10-11 12:10 - 0003759 _____ () C:\Users\Bernhard\AppData\Roaming\moyea_dia.log
2014-03-27 15:47 - 2016-01-08 15:02 - 0002795 _____ () C:\Users\Bernhard\AppData\Roaming\SAS7_000.DAT
2013-01-28 09:37 - 2013-01-28 09:37 - 0001181 _____ () C:\Users\Bernhard\AppData\Roaming\trace_FilterInstaller.txt
2013-01-28 09:37 - 2013-01-28 09:37 - 0000000 _____ () C:\Users\Bernhard\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2014-01-09 02:52 - 2014-01-09 04:00 - 0000096 _____ () C:\Users\Bernhard\AppData\Roaming\version2.xml
2013-12-25 12:24 - 2016-05-15 13:24 - 0015360 _____ () C:\Users\Bernhard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-09-20 01:54 - 2014-01-18 13:47 - 0001495 _____ () C:\Users\Bernhard\AppData\Local\RecConfig.xml
2016-02-24 20:56 - 2016-02-24 
20:56 - 0004352 _____ () C:\Users\Bernhard\AppData\Local\recently-used.xbel 2013-10-20 23:05 - 2014-07-07 18:13 - 0007602 _____ () C:\Users\Bernhard\AppData\Local\resmon.resmoncfg 2012-05-03 10:47 - 2012-05-03 10:47 - 0017408 _____ () C:\Users\Bernhard\AppData\Local\WebpageIcons.db 2015-08-14 21:23 - 2015-08-14 21:23 - 0000000 _____ () C:\Users\Bernhard\AppData\Local\{C50C67DE-E4BE-41E2-92F4-4BF1EED6D1D0} 2012-11-29 10:22 - 2016-03-15 00:17 - 0002858 _____ () C:\ProgramData\hpzinstall.log 2015-12-16 03:03 - 2015-12-16 03:03 - 0005078 _____ () C:\ProgramData\mzemgkrx.fuc Einige Dateien in TEMP: ==================== C:\Users\Admin\AppData\Local\Temp\avgnt.exe C:\Users\Admin\AppData\Local\Temp\NOSEventMessages.dll C:\Users\Bernhard\AppData\Local\Temp\avgnt.exe C:\Users\Bernhard\AppData\Local\Temp\jre-8u91-windows-au.exe C:\Users\Bernhard\AppData\Local\Temp\NOSEventMessages.dll C:\Users\Bernhard\AppData\Local\Temp\SkypeSetup.exe C:\Users\Bernhard\AppData\Local\Temp\_is82B7.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-04-28 21:42

==================== Ende von FRST.txt ============================ |
11.07.2016, 14:20 | #9 |
| Can't get rid of ask.gen And the Addition.txt: Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
durchgeführt von Bernhard (2016-07-11 15:13:14)
Gestartet von C:\Users\Bernhard\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-05-03 08:02:58)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Admin (S-1-5-21-4070342091-3793343965-3738386277-1003 - Limited - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-4070342091-3793343965-3738386277-500 - Administrator - Disabled)
Bernhard (S-1-5-21-4070342091-3793343965-3738386277-1000 - Administrator - Enabled) => C:\Users\Bernhard
Gast (S-1-5-21-4070342091-3793343965-3738386277-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4070342091-3793343965-3738386277-1002 - Limited - Enabled)
_pcwelt_backup_ez_ (S-1-5-21-4070342091-3793343965-3738386277-1009 - Administrator - Enabled) => C:\Users\_pcwelt_backup_ez_
_supereasy_backup_ (S-1-5-21-4070342091-3793343965-3738386277-1008 - Administrator - Enabled) => C:\Users\_supereasy_backup_

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - ) 4500_G510gm_Help (x32 Version: 000.0.440.000 - Hewlett-Packard) Hidden 4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden 4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated) ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version: - ) Amazon Kindle (HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Amazon Kindle) (Version: - Amazon) Amazon Kindle (HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Kindle) (Version: - Amazon) AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.) AnVir Task Manager (HKLM-x32\...\AnVir Task Manager) (Version: - AnVir Software) Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
ArcSoft PhotoImpression 5 (HKLM-x32\...\{5863B6EF-76D0-4FF8-AA2F-EEBE7CC49DAA}) (Version: - ArcSoft) ArcSoft VideoImpression 2 (HKLM-x32\...\{5339885F-4597-4343-BD3B-74280CC79424}) (Version: - ArcSoft) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Audials (HKLM-x32\...\{85B5CB65-2AC3-4C1C-A950-B20DE5520C79}) (Version: 10.2.19305.500 - Audials AG) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden AVM FRITZ!Box Monitor (HKLM-x32\...\AVMFBoxMonitor) (Version: - AVM Berlin) Biet-O-Matic v2.14.10 (HKLM-x32\...\Biet-O-Matic v2.14.10) (Version: 2.14.10 - BOM Development Team) Bitrix24 for Windows (HKLM-x32\...\Bitrix24) (Version: 3.4.31.31 - Bitrix, Inc) BrainWave Generator (HKLM-x32\...\BrainWave Generator) (Version: - ) BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform) ColorPage-SF600 (HKLM-x32\...\{A5505456-B9C3-43DA-A588-F6947422C134}) (Version: V4.3.0 - ) Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation) Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - EN (x32 Version: 15.3 
- Corel Corporation) Hidden CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation) CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation) CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.) CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.) CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414a - CyberLink Corp.) CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.) CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4428 - CyberLink Corp.) CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.) 
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.) CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3621 - CyberLink Corp.) CyberLink PowerDirector (Version: 9.0.0.3621 - CyberLink Corp.) Hidden CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3622.02 - CyberLink Corp.) CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.) CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.) CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2219 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DarkWave Studio 4.0.9 (HKLM-x32\...\DarkWave Studio) (Version: 4.0.9 - ExperimentalScene) Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.80 - DivX, LLC) DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc) Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.50.000 - Nuance Communications Inc.) 
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.2.17437 - Landesfinanzdirektion Thüringen) f4 2012 (HKLM-x32\...\f42012) (Version: - audiotranskription.de) Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - ) FileZilla Client 3.15.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.15.0.2 - Tim Kosse) FormatFactory 3.1.1 (HKLM-x32\...\FormatFactory) (Version: 3.1.1 - Free Time) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Google Chrome) (Version: 24.0.1312.57 - Google Inc.) Google Chrome (HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Google Chrome) (Version: 24.0.1312.57 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP) HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) 
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2618 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation) Intel(R) WiDi (HKLM-x32\...\{93F34C5C-ACAA-48F3-9B26-70359A117F12}) (Version: 3.0.12.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) LightScribe Applications (HKLM-x32\...\{88A4002B-BDBA-49A2-927C-D81E8DF32B1B}) (Version: 1.18.5.1 - LightScribe) LightScribe System Software (HKLM-x32\...\{F132000C-1CBA-458F-BF2F-FD43D59410F9}) (Version: 1.18.27.10 - LightScribe) LightScribe Template Labeler (HKLM-x32\...\{43523FEF-9D8E-4572-BB11-0E914D366E0A}) (Version: 1.18.15.1 - LightScribe) Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 11.1.0.0 - Lightworks) MAGIX Foto & Grafik Designer 7 SE (HKLM-x32\...\MAGIX_{305A1AC7-0B5C-457D-9B6F-2A889766E3A0}) (Version: 7.1.2.26041 - MAGIX AG) MAGIX Foto & Grafik 
Designer 7 SE (Version: 7.1.2.26041 - MAGIX AG) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.) Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.) Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Reader (HKLM-x32\...\{B6F7DBE7-2FE2-458F-A738-B10832746036}) (Version: - ) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 
2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft 
Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Movavi Video Editor 10 SE (HKLM-x32\...\Movavi Video Editor 10) (Version: 10.1.2 - Movavi) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) 
(HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Network64 (Version: 130.0.550.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia) Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia) Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden O&O DiskImage Professional (HKLM\...\{10C83530-840D-4AA3-994A-A9B9559B56C5}) (Version: 9.0.223 - O&O Software GmbH) oCam version 16.0.0.0 (HKLM-x32\...\oCam_is1) (Version: 16.0.0.0 - hxxp://ohsoft.net/) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Paragon Festplatten Tools™ 2015 (HKLM\...\{1E104AF0-EA49-11DE-AC07-005056C00008}) (Version: 90.00.0003 - Paragon Software) PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) PC-WELT Backup Easy (HKLM\...\PC-WELT Backup Easy) (Version: 1.19 - IDG Tech Media GmbH) PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0081 - Pegatron Corporation) Photomizer Retro (HKLM-x32\...\{41B5224D-7853-4EA5-0001-C8949A33B608}) (Version: 2.0.13.308 - Engelmann Media GmbH) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Protect Disc License Helper 1.0.118 (HKLM-x32\...\Protect Disc License Helper) (Version: 1.0.118 - Protect Disc) ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.11 - ProtectDisc Software GmbH) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) RealDownloader (x32 Version: 18.1.0.1233 - RealNetworks, Inc.) 
Hidden RealDownloader (x32 Version: 18.1.0.1243 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.) RealTimes (RealPlayer) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.0 - RealNetworks) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.) Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Sigel BusinessCardSoftware Demo (HKLM-x32\...\Sigel BusinessCardSoftware Demo) (Version: - ) Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.) 
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden soft Xpansion Perfect Print 7 Express (HKLM-x32\...\{98AD196C-B3B6-48df-AB53-A711C822497C}) (Version: 7.2.1.7 - soft Xpansion) SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated) StarMoney (x32 Version: 3.0.6.28 - StarFinanz) Hidden StarMoney 8.0 (HKLM-x32\...\{2E36EB70-A4D8-4CD0-915D-0ACAAED6A918}) (Version: 8.0 - Star Finanz GmbH) Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Steganos Password Manager 14 (HKLM-x32\...\{C83404F0-D7FA-4069-94AB-2F34FDA22AA8}) (Version: 14.2 - Steganos Software GmbH) Steganos Privacy Suite 14 (HKLM-x32\...\{9F07D3B6-3801-4C33-B20E-39CC29E63253}) (Version: 14.2.2 - Steganos Software GmbH) Stickies 7.1d (HKLM-x32\...\ZhornStickies) (Version: - Zhorn Software) StudioLine Photo Classic 3 SE (HKLM-x32\...\{53BDE9F4-79D1-4E2D-B7A4-4D3663419BAB}) (Version: 3.70.50.1 - H&M System Software) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.0.3 - Synaptics Incorporated) Telescope Driver (HKLM-x32\...\{B2920232-19DA-44FC-835F-68E427EAE2CE}) (Version: 10.30.09 - PixArt) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) 
Hidden VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden Video DVD Maker v3.30.0.75 (HKLM-x32\...\{1A3E23D7-7A1E-43EC-B35D-EB2A31BED943}) (Version: - ) VirtualDJ Home FREE (HKLM-x32\...\{A6AC699F-8315-40CA-8F70-E917494978AB}) (Version: 7.4 - Atomix Productions) WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden WinDirStat 1.1.2 (HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\WinDirStat) (Version: - ) WinDirStat 1.1.2 (HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\WinDirStat) (Version: - ) WinDirStat 1.1.2 (HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\WinDirStat) (Version: - ) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation) Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) Windows-Treiberpaket - Product Image (05/02/2002 1.0.1.1) (HKLM\...\F408A29B912DF89043C0C67FB04AE7CF4A67FF97) (Version: 05/02/2002 1.0.1.1 - Product) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) Wondershare PDFelement(Build 4.0.1) (HKLM-x32\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: 4.0.1.4 - Wondershare Software Co.,Ltd.) 
Wondershare Player(Build 1.6.1) (HKLM-x32\...\Wondershare Player_is1) (Version: 1.6.1.0 - Wondershare) Wunderlist (HKLM-x32\...\{1cdbee75-ad10-47e7-b5c4-1f051f899978}) (Version: 2.3.0.30 - 6 Wunderkinder GmbH) Wunderlist (x32 Version: 2.3.0.30 - 6 Wunderkinder GmbH) Hidden Zweckform Etiketten Assistent (HKLM-x32\...\Zweckform Etiketten Assistent) (Version: - ) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0D8F44A2-12F9-4D2D-810C-416C83F570A6} - System32\Tasks\{7F7E2F3B-EF44-43AA-9947-935E9B56B37C} => C:\Program Files (x86)\ColorPage-SF600\DigiScan.exe [2011-03-25] (PLUSTEK) Task: {0DFBFFF2-B0BB-45B1-9284-16317CDD74EF} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.) 
Task: {0F526937-5C13-40D9-AD0C-4B4AB398A47E} - System32\Tasks\{38D79D0C-9D17-4C60-95CA-4B367CDFDF11} => pcalua.exe -a E:\PROGRAM\GERMAN\rmb\setup_x64.exe -d E:\PROGRAM\GERMAN\rmb
Task: {119695C5-3BED-40B0-9BF0-EB16C8F0362E} - System32\Tasks\{6CFDF215-3B31-4E0B-A934-95C32A086566} => pcalua.exe -a F:\setup_f.exe -d F:\
Task: {1253A9A4-F396-498A-8533-D5593CE77E41} - System32\Tasks\{86587C49-245F-4A8B-9A0A-486EB72072C1} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {143E9C67-70DB-45A4-824C-F6F026A9BDD2} - System32\Tasks\{99E55DA8-7CB1-41BA-A0D1-C985A76C7213} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {1EA9C5EC-A782-484A-9625-3C319562949C} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {25FE5305-7D03-4223-9F19-DDD1F2EEE4FC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-26] (Adobe Systems Incorporated)
Task: {347DB677-28B4-475A-91D5-030F4F7DAF3D} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {34972354-32B6-4AA0-8B09-A11B6B59EC88} - System32\Tasks\{485E4FEF-32A1-4B05-8080-C4F815720167} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {4C3BF434-CB48-46E3-AFD3-03B4C523E18D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {4DC13273-DC82-43E4-8045-AC62928EE457} - System32\Tasks\{EED6B82B-CB5A-4F84-8A34-C1EE5D6C5CC7} => pcalua.exe -a "C:\Program Files (x86)\Windows Live\Installer\wlarp.exe"
Task: {5B04776D-F2FC-4941-B435-DE63FB9B90BA} - System32\Tasks\{1D1A8A18-7950-41F2-BD97-5641FB750FB2} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {5FAE9FF5-BC24-41EF-A40D-75730FA50529} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {72091BCB-DCCE-43F6-A76A-4C8EA9514D1F} - System32\Tasks\{47B10711-FF6D-48E1-A80E-0C29DE09EF4D} => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
Task: {7790F5CA-8F62-47E6-A91D-5E99D9D90CED} - System32\Tasks\{BB4D84AD-6D4A-4AE9-8BDD-6E099740DBD6} => C:\Program Files (x86)\ColorPage-SF600\DigiScan.exe [2011-03-25] (PLUSTEK)
Task: {7A33E08A-C524-4214-AFE4-8F792B3D77C4} - System32\Tasks\ReclaimerResumeInstall_Bernhard => C:\Users\Bernhard\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-19] (RealNetworks, Inc.)
Task: {7D24F5A0-4FE0-4392-88E3-6D463E2A6561} - System32\Tasks\{4DB20908-7514-4312-A1EA-BB226D90C566} => pcalua.exe -a F:\ColorPage-SF600\Setup\SETUP.EXE -d F:\ColorPage-SF600\Setup
Task: {7F585A86-52A3-4450-B126-EAB423463D98} - System32\Tasks\{EFCB28CE-4DF3-45BF-BFA8-AE6AEC600140} => pcalua.exe -a C:\Users\Bernhard\Downloads\fmp_setup.exe -d C:\Users\Bernhard\Downloads
Task: {7FCD9305-61E5-423D-A8EF-6C05C063BB06} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {96480441-EFC8-411C-8FA9-1D73D888B756} - System32\Tasks\{2DD33BBB-46F0-4858-A078-E254CE47E6B3} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {97E2772A-B4F8-4C09-B1E1-12E8CC346DF9} - System32\Tasks\{C03F0FDB-3AD8-4F2F-BC14-AA8766D05E72} => pcalua.exe -a C:\Users\Bernhard\AppData\Local\Temp\jre-8u73-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {9BBF4107-FD93-4C12-85D5-4F8C6F5D0FE7} - System32\Tasks\{54B13488-53E8-40B0-9D34-52CAB98CCD35} => pcalua.exe -a F:\Audials-One\TrekStor_AudialsOne8_SE.exe -d F:\Audials-One
Task: {A037188E-6F91-4AFD-84D8-97961F8C65D4} - System32\Tasks\AnVir Task Manager => C:\Program Files (x86)\AnVir Task Manager\anvir.exe [2013-12-04] (AnVir Software)
Task: {A8B56FC8-7265-4657-BCE9-FFEE3C98BA58} - System32\Tasks\{E7A9CAE4-4B85-4EAD-968D-7A7129D2B520} => pcalua.exe -a E:\Notfall-4-Setup.exe -d E:\
Task: {AB6EB7EA-CC34-42A8-AB2C-806E13212C6F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\WSCStub.exe
Task: {B040F48C-E6D6-4DFB-9319-02A31FAD9A44} - System32\Tasks\{0F7E1A9B-0443-4225-A10F-56142B061744} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {B0A74DAC-2A82-4734-A2FD-F53FA80FD4CD} - System32\Tasks\ReclaimerResumeInstallLogin_Bernhard => C:\Users\Bernhard\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-19] (RealNetworks, Inc.)
Task: {BFF44E6B-0E2B-40C4-87A7-48A8D337F257} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {C228335C-2A01-48C3-A681-034FABC44C84} - System32\Tasks\{624950FD-F4CC-4D02-8319-AA439B030D95} => pcalua.exe -a "C:\Program Files (x86)\Sigel\BusinessCard Software\BusinessCardDemo.exe"
Task: {CBB5779C-CD71-4D3A-B6CC-565C1E5492AF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd)
Task: {CBD65DD2-23AB-4B37-8E5D-09E9F6532B4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {CDF3F9DD-47A6-4D1C-ACA3-4B69FEB88881} - System32\Tasks\{753244C6-DC45-427A-8BCE-FAF0BEDAC406} => C:\Program Files (x86)\ColorPage-SF600\DigiScan.exe [2011-03-25] (PLUSTEK)
Task: {D3D1D49C-1107-4D8D-B0BC-8BF0B555EE84} - System32\Tasks\{D26BBEE7-B8A7-4DEA-90DF-B9C8C6511558} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {DC59771F-0A7A-4F52-89E9-24E2E1BC9E73} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2015-09-16] ()
Task: {DD9E7AF3-2FEC-4132-B34D-50DE9132323F} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {E0816EC5-C4BB-443F-BBA3-A6E06AA4D340} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {F3144631-02DD-4651-9723-EBA03EDBA9DA} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerResumeInstallLogin_Bernhard.job => C:\Users\Bernhard\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerResumeInstall_Bernhard.job => C:\Users\Bernhard\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Bernhard\HDR Projects\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html (Keine Datei)
Shortcut: C:\Users\Bernhard\HDR Projects\Favorites\NCH Software Download.lnk -> hxxp://www.nchsoftware.com/index.html (Keine Datei)
Shortcut: C:\Users\Bernhard\Desktop\PC\Software\Programme\MEDIONhome.lnk -> hxxp://www.medion.com/de2C:\Windows\System32\oobe\info\Icon\MedIcon (2).ico (Keine Datei)
Shortcut: C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/ (Keine Datei)
Shortcut: C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/ (Keine Datei)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-06-06 17:06 - 2012-11-29 13:53 - 00805888 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2015-11-12 11:18 - 2015-11-12 11:18 - 00023880 _____ () c:\Program Files\PC-WELT Backup Easy\bin\backupService-pcwbe.exe
2015-11-12 11:18 - 2015-11-12 11:18 - 00109384 _____ () c:\Program Files\PC-WELT Backup Easy\bin\backupServiceLib.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 11391816 _____ () c:\Program Files\PC-WELT Backup Easy\bin\backupCore.dll
2015-03-05 12:49 - 2015-03-05 12:49 - 00324096 _____ () c:\Program Files\PC-WELT Backup Easy\bin\party.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 05945672 _____ () c:\Program Files\PC-WELT Backup Easy\bin\ox.dll
2015-03-05 11:46 - 2015-03-05 11:46 - 00081920 _____ () c:\Program Files\PC-WELT Backup Easy\bin\zdll.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00249672 _____ () c:\Program Files\PC-WELT Backup Easy\bin\crumb.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00053576 _____ () c:\Program Files\PC-WELT Backup Easy\bin\lzmaUtil.dll
2015-03-05 12:43 - 2015-03-05 12:43 - 00049664 _____ () c:\Program Files\PC-WELT Backup Easy\bin\lzma.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00368968 _____ () c:\Program Files\PC-WELT Backup Easy\bin\tomb.dll
2015-03-05 12:38 - 2015-03-05 12:38 - 00022528 _____ () c:\Program Files\PC-WELT Backup Easy\bin\zlibutil.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00023368 _____ () c:\Program Files\PC-WELT Backup Easy\bin\lz4util.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00041288 _____ () c:\Program Files\PC-WELT Backup Easy\bin\lz4.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00560456 _____ () c:\Program Files\PC-WELT Backup Easy\bin\twirl.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00223048 _____ () c:\Program Files\PC-WELT Backup Easy\bin\netutil.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00154952 _____ () c:\Program Files\PC-WELT Backup Easy\bin\scoolite.dll
2015-03-05 12:38 - 2015-03-05 12:38 - 00626688 _____ () c:\Program Files\PC-WELT Backup Easy\bin\sqlite.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00165704 _____ () c:\Program Files\PC-WELT Backup Easy\bin\deemon.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00528712 _____ () c:\Program Files\PC-WELT Backup Easy\bin\veem.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00060744 _____ () c:\Program Files\PC-WELT Backup Easy\bin\minizutil.dll
2012-02-22 20:09 - 2010-08-19 18:43 - 00386344 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-10-09 11:25 - 2010-09-30 14:00 - 00253264 _____ () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
2015-03-05 14:22 - 2015-03-05 14:22 - 00053760 _____ () c:\Program Files\PC-WELT Backup Easy\bin\oxHelper.exe
2016-06-06 17:06 - 2012-11-27 15:18 - 02215424 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2016-06-06 17:06 - 2010-01-12 17:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2014-12-10 19:12 - 2014-12-10 19:12 - 00344824 _____ () C:\Program Files\OO Software\DiskImage\oodishrs.dll
2016-02-10 21:48 - 2016-02-10 21:48 - 00052912 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2016-06-28 20:40 - 2014-09-19 16:46 - 00941992 _____ () C:\Windows\SysWOW64\WPShellExt64.dll
2013-07-17 13:54 - 2013-07-17 13:54 - 00220672 _____ () C:\Program Files (x86)\Steganos Privacy Suite 14\ShellExtension.dll
2016-06-06 17:06 - 2010-01-12 17:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2016-06-06 17:06 - 2010-12-17 14:04 - 00449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe
2016-06-06 17:06 - 2012-01-12 17:58 - 00552960 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2016-06-06 17:06 - 2012-01-12 17:58 - 00477696 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
2016-06-06 17:06 - 2012-10-23 18:07 - 03471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2016-06-06 17:06 - 2012-08-08 18:10 - 07536128 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe
2010-02-28 02:33 - 2010-02-28 02:33 - 00077664 ____N () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-06-06 17:06 - 2009-12-18 15:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2016-06-06 17:06 - 2009-12-18 15:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2016-06-27 09:35 - 2014-10-31 16:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-06-27 09:35 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-06-02 12:20 - 2016-06-02 12:20 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\5a8eeeddc97028a9f94d0518c22f4c2c\IsdiInterop.ni.dll
2012-02-22 00:36 - 2011-11-30 06:00 - 00059392 ____N () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-02-22 00:21 - 2011-12-16 11:39 - 01198872 ____N () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:0FF263E8 [253]
AlternateDataStreams: C:\ProgramData\Temp:A303874F [188]
AlternateDataStreams: C:\ProgramData\Temp:AD022376 [252]
AlternateDataStreams: C:\ProgramData\Temp:F9CFE070 [178]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\com -> hxxp://*.Wondershare.com
IE trusted site: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\com -> hxxp://*.Wondershare.com
IE trusted site: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\com -> hxxp://*.Wondershare.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2013-09-25 21:51 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MEDION\Wallpaper.jpg
HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MEDION\Wallpaper.jpg
HKU\S-1-5-21-4070342091-3793343965-3738386277-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MEDION\Wallpaper.jpg
HKU\S-1-5-21-4070342091-3793343965-3738386277-1009\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MEDION\Wallpaper.jpg
HKU\S-1-5-21-4070342091-3793343965-3738386277-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MEDION\Wallpaper.jpg
HKU\S-1-5-21-4070342091-3793343965-3738386277-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MEDION\Wallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Orga-Nicer.lnk => C:\Windows\pss\Orga-Nicer.lnk.CommonStartup
MSCONFIG\startupreg: DNS7reminder => "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: PC-WELT Backup Easy => "C:\Program Files\PC-WELT Backup Easy\bin\backupClient-pcwbe.exe" --hidden
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{ED434935-FD27-43C9-838F-62FAF395247B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{3715F1B3-1BFB-41E8-B30C-B8577C36F511}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{867C244C-C724-4791-AFA2-C41A4D59EB16}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{842B21DC-1BF0-4EB7-B54A-4A5A83D0B921}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{6B026D0D-E126-439A-ABAB-9DD77A7B5151}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{1C548354-3F3A-422B-84BC-72F8921F0317}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
FirewallRules: [{9E110FF3-14CD-4457-8AEA-101F295342C9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
FirewallRules: [{5F024E44-E458-43E6-98EE-F758ECDDDB74}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{2631EE86-CE69-4E24-9B2C-D009320BDB61}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{F242C584-7DC9-42B5-AB23-E466FD2F05CC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{8E53D6E1-6EAA-4C3E-8ECC-42FF0EA6F52A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{262150B3-9785-4E55-9014-5022B7B66ADA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{B158D186-191E-48DB-9297-0070447DF731}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{0D80372E-F194-443D-8C97-97DCA1D20195}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{782075F4-666F-4E23-8FD0-61D33C99B582}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{9FF97F2E-0CE3-4805-872C-6C6C93F85AC7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{A07BB18C-FF46-4671-B33A-31B688142456}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{B4C7E96C-9906-4F10-A7BF-AE39C3B47A7A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{8A57CB20-6BBF-4A65-9003-142AEC8115C6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{06DC90CB-3E91-43B5-BA8B-B00BEEC44859}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{A053A1F0-1286-4573-9A05-840F22657CAB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{483E0ADF-A26D-404F-8E2C-3D62F85CC2EB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{69962D9B-D7DB-490F-8855-64475E0987B3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{33CCCDE3-826F-4E41-A79D-8BF6A526806E}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{28DCDBF8-4DFB-471E-AFBD-B44AF4D7E4BF}] => (Allow) C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe
FirewallRules: [{F7A83851-06D7-499A-9675-1BAD1DB20E53}] => (Allow) C:\Program Files (x86)\RapidSolution\Audials 10\Audials.exe
FirewallRules: [{3299ACBC-BDC3-40B4-B7EF-A2A63CFF4144}] => (Allow) LPort=12972
FirewallRules: [{944ACA05-89DB-49AD-8CC3-B2A246C767D5}] => (Allow) LPort=14714
FirewallRules: [{20818C5F-2EE3-4E07-AF1F-CD37D0EBC17E}] => (Allow) LPort=31931
FirewallRules: [TCP Query User{AAC0DC18-C583-4D6D-9347-19EB2956EE94}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe] => (Allow) C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe
FirewallRules: [UDP Query User{0F020889-DD64-4F1F-A9E1-06A6178A101B}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe] => (Allow) C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe
FirewallRules: [{1D6A688D-3F97-4BE8-A83F-FF86E1AE662F}] => (Block) C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe
FirewallRules: [{C537A6AC-C52C-456E-83F6-97F58E0D817B}] => (Block) C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe
FirewallRules: [{08C1272E-5134-4002-9DD5-5A21C661A40B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E2DDB6A9-FA9E-4AD5-B645-4CC70EA504BB}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe
FirewallRules: [{0D6CA7B6-38D5-4F22-8525-CB3A4DFB7951}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe
FirewallRules: [{1EEFB013-0064-4335-B9C9-10C65AC31F2E}] => (Allow) C:\Program Files (x86)\FRANZIS\onlineTV 8\onlineTV.exe
FirewallRules: [{738787B9-6642-4415-A9DE-45DAB18E500D}] => (Allow) C:\Program Files (x86)\FRANZIS\onlineTV 8\onlineTV.exe
FirewallRules: [{C4916D39-0332-4687-9BB6-2664254F6105}] => (Allow) C:\Program Files (x86)\FRANZIS\onlineTV 8\onlineTVStarter.exe
FirewallRules: [{206A486A-2DE3-4AAC-8E5E-447327A6298E}] => (Allow) C:\Program Files (x86)\FRANZIS\onlineTV 8\onlineTVStarter.exe
FirewallRules: [{6984532D-9ACF-42EB-8A65-186EDDEE1D8F}] => (Allow) LPort=51001
FirewallRules: [{D86FE523-B878-4F88-AEEF-73D8AE3AF29A}] => (Allow) LPort=51001
FirewallRules: [{0232F89D-1B6D-4C75-AB14-E18F140E4729}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
FirewallRules: [{93892B1A-3BF3-46B6-B8C6-40398B213894}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
FirewallRules: [{DF342700-7242-4D6A-BD0E-D252B7C0C2EE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4352D4F1-9289-4F60-9423-2742F3765474}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8FA6752F-B642-4F9E-BCEC-856BA6F0B7B9}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [TCP Query User{6D1F0B00-A033-4E52-B429-D85CBE9E9C4B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{47715565-A217-400E-AAF4-FA51084FCFC6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{CB35B513-3DFA-41B1-B9E8-921DBBBEDD0A}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe
FirewallRules: [{ECB98186-D03E-4EA9-86E0-6443CB8E0492}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe
FirewallRules: [{281D072E-F133-413A-8530-85E9DE22E543}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{F606CDAC-6A92-4CF3-ADA5-9613189B62C3}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{C18F4ECD-B500-4F3F-BAA0-1A48C4A095A6}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{58516AFB-3699-4CA9-BD21-06026728CD93}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9D6904D4-D38E-42FE-8C92-7B6F162B68E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8ABECA6C-6159-4C43-8EA3-5CD25A0664C2}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{53EF195F-6729-4702-8114-A137B20F0960}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [TCP Query User{3531680A-A193-4D23-9B4C-68709F2A6886}C:\mamp\bin\apache\bin\httpd.exe] => (Allow) C:\mamp\bin\apache\bin\httpd.exe
FirewallRules: [UDP Query User{CF541917-E503-4806-AB4A-BEB088C7E220}C:\mamp\bin\apache\bin\httpd.exe] => (Allow) C:\mamp\bin\apache\bin\httpd.exe
FirewallRules: [TCP Query User{FEE00E6D-F5CC-4304-B5E9-01891E7FF65D}C:\mamp\bin\mysql\bin\mysqld.exe] => (Allow) C:\mamp\bin\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{0F44FC79-29A0-40ED-A95A-3081452155F2}C:\mamp\bin\mysql\bin\mysqld.exe] => (Allow) C:\mamp\bin\mysql\bin\mysqld.exe
FirewallRules: [{F397188B-A01E-43BB-84C5-6E52406483F9}] => (Block) C:\mamp\bin\mysql\bin\mysqld.exe
FirewallRules: [{3C91B94F-8218-49FB-B4DD-DF8A82F5C3B3}] => (Block) C:\mamp\bin\mysql\bin\mysqld.exe
FirewallRules: [{38D685AA-D6EC-410B-B301-74B5FF02B697}] => (Block) C:\mamp\bin\apache\bin\httpd.exe
FirewallRules: [{1F6153D5-D045-49B6-A46E-95289F29B44A}] => (Block) C:\mamp\bin\apache\bin\httpd.exe
FirewallRules: [{EA69C3B1-1D53-4496-B73A-3DFD527B52FD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B7B8506D-F021-4366-98E9-BFFF6665890C}] => (Allow) LPort=2869
FirewallRules: [{194B3D02-003E-47CA-A1ED-858A3A91D915}] => (Allow) LPort=1900

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/11/2016 02:40:21 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (07/09/2016 09:24:42 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.
Error: (07/09/2016 08:05:15 AM) (Source: TEST_FAIL) (EventID: 0) (User: )
Description: m_pDevice->Present FAILED! hr=88760868

Error: (07/08/2016 12:17:30 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (07/06/2016 02:36:45 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (07/05/2016 08:20:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm audacity.exe, Version 2.0.5.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1f34
Startzeit: 01d1d68482316cff
Endzeit: 13
Anwendungspfad: C:\Program Files (x86)\Audacity\audacity.exe
Berichts-ID: 761ac884-4278-11e6-8292-e840f2b4d16c

Error: (07/04/2016 09:21:16 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.
Error: (07/04/2016 05:18:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: cdbxpp.exe, Version: 4.5.4.4852, Zeitstempel: 0x53856036
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23418, Zeitstempel: 0x5708a7e4
Ausnahmecode: 0x4000001f
Fehleroffset: 0x0001338d
ID des fehlerhaften Prozesses: 0x19c4
Startzeit der fehlerhaften Anwendung: 0xcdbxpp.exe0
Pfad der fehlerhaften Anwendung: cdbxpp.exe1
Pfad des fehlerhaften Moduls: cdbxpp.exe2
Berichtskennung: cdbxpp.exe3

Error: (07/04/2016 04:23:21 PM) (Source: TEST_FAIL) (EventID: 0) (User: )
Description: CD3DManager::DestroyCanvas() cannot destroy default canvas!

Error: (07/04/2016 04:22:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MetadataConvert.exe, Version: 5.1.4.18, Zeitstempel: 0x504087f7
Name des fehlerhaften Moduls: WSMultiTagMgr.dll, Version: 5.1.4.18, Zeitstempel: 0x504087bf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0008d65b
ID des fehlerhaften Prozesses: 0x1db0
Startzeit der fehlerhaften Anwendung: 0xMetadataConvert.exe0
Pfad der fehlerhaften Anwendung: MetadataConvert.exe1
Pfad des fehlerhaften Moduls: MetadataConvert.exe2
Berichtskennung: MetadataConvert.exe3

Systemfehler:
=============
Error: (07/06/2016 12:47:46 AM) (Source: WMPNetworkSvc) (EventID: 14365) (User: )
Description: 0x80004004-1

Error: (07/05/2016 10:12:01 PM) (Source: WMPNetworkSvc) (EventID: 14365) (User: )
Description: 0x80004004-1

Error: (07/05/2016 05:27:36 PM) (Source: WMPNetworkSvc) (EventID: 14365) (User: )
Description: 0x80004004-1

Error: (07/05/2016 10:15:02 AM) (Source: WMPNetworkSvc) (EventID: 14365) (User: )
Description: 0x80004004-1

Error: (07/05/2016 10:04:16 AM) (Source: WMPNetworkSvc) (EventID: 14365) (User: )
Description: 0x80004004-1

Error: (07/04/2016 04:39:03 PM) (Source: WMPNetworkSvc) (EventID: 14365) (User: )
Description: 0x80004004-1

Error: (07/03/2016 10:51:39 AM) (Source: WMPNetworkSvc) (EventID: 14365) (User: )
Description: 0x80004004-1

Error: (07/01/2016 12:49:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MemeoBackgroundService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (07/01/2016 12:49:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MemeoBackgroundService erreicht.

Error: (07/01/2016 12:48:25 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942405.

CodeIntegrity:
===================================
Date: 2013-09-25 21:38:53.619
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-09-25 21:38:53.553
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz Prozentuale Nutzung des RAM: 39% Installierter physikalischer RAM: 8086.48 MB Verfügbarer physikalischer RAM: 4921.79 MB Summe virtueller Speicher: 16171.15 MB Verfügbarer virtueller Speicher: 12903.83 MB ==================== Laufwerke ================================ Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:1.7 GB) NTFS Drive d: (Recover) (Fixed) (Total:50 GB) (Free:0.43 GB) NTFS Drive z: () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 2BD2C32A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=414.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1 GB) - (Type=12) ==================== Ende von Addition.txt ============================ |
11.07.2016, 14:31 | #10 |
/// TB Trainer | can't get rid of ask.gen
Hello,
Step 1 Please download AdwCleaner to your desktop.
Step 2 Please disable your security software to avoid possible conflicts.
Step 3
Please post with your next reply
|
12.07.2016, 16:51 | #11 |
| can't get rid of ask.gen After using AdwCleaner and Junkware Removal Tool I now have a new problem: I can no longer activate the Wi-Fi function with the key combination Fn and F2. :-( In addition, no restore point could be created before the Junkware Removal Tool scan. AdwCleaner.txt Code:
ATTFilter # AdwCleaner v5.201 - Bericht erstellt am 12/07/2016 um 10:53:29 # Aktualisiert am 30/06/2016 von ToolsLib # Datenbank : 2016-06-30.2 [Lokal] # Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64) # Benutzername : Bernhard - BERNHARD-PC # Gestartet von : C:\Users\Bernhard\Desktop\AdwCleaner_5.201.exe # Option : Löschen # Unterstützung : https://toolslib.net/forum ***** [ Dienste ] ***** [-] Dienst gelöscht : sp_rsdrv2 ***** [ Ordner ] ***** [-] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro [-] Ordner gelöscht : C:\Users\Bernhard\AppData\Local\FileViewPro [-] Ordner gelöscht : C:\Users\Bernhard\AppData\Roaming\Yahoo!\Companion [-] Ordner gelöscht : C:\Users\Admin\AppData\Roaming\Yahoo!\Companion [-] Ordner gelöscht : C:\Program Files\FileViewPro ***** [ Dateien ] ***** [-] Datei gelöscht : C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ejnmnhkgiphcaeefbaooconkceehicfi_0.localstorage [-] Datei gelöscht : C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage ***** [ DLLs ] ***** ***** [ WMI ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1 [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin.1 [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927} [-] Schlüssel gelöscht : HKCU\Software\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4} [-] Schlüssel gelöscht : 
HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4} [-] Schlüssel gelöscht : HKCU\Software\OCS [-] Schlüssel gelöscht : HKCU\Software\Yahoo\Companion [-] Schlüssel gelöscht : HKCU\Software\Yahoo\YFriendsBar [-] Schlüssel gelöscht : HKCU\Software\AppDataLow\Software\Yahoo\Companion [-] Schlüssel gelöscht : HKLM\SOFTWARE\Yahoo\Companion [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\OCS [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Yahoo\Companion [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Yahoo\YFriendsBar [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Yahoo\Companion [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\OCS [-] 
Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Yahoo\Companion [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Yahoo\YFriendsBar [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\AppDataLow\Software\Yahoo\Companion [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Conduit [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\OCS [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Solvusoft [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\systweak [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\Software\Conduit [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\Software\Yahoo\Companion [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Conduit [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\OCS [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Solvusoft [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\systweak [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Conduit [-] Schlüssel 
gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Yahoo\Companion [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\SearchScopes\{1BD434D9-3938-4222-82CA-9131A398E177} [-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{1BD434D9-3938-4222-82CA-9131A398E177} ***** [ Internetbrowser ] ***** ************************* :: "Tracing" Schlüssel gelöscht :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [7019 Bytes] - [12/07/2016 10:53:29] C:\AdwCleaner\AdwCleaner[R0].txt - [23284 Bytes] - [27/09/2013 07:55:44] C:\AdwCleaner\AdwCleaner[R1].txt - [5349 Bytes] - [17/12/2013 13:19:34] C:\AdwCleaner\AdwCleaner[R2].txt - [1534 Bytes] - [17/12/2013 13:35:15] C:\AdwCleaner\AdwCleaner[R3].txt - [1594 Bytes] - [19/12/2013 16:26:13] C:\AdwCleaner\AdwCleaner[R4].txt - [2994 Bytes] - [02/02/2014 17:40:43] C:\AdwCleaner\AdwCleaner[R5].txt - [1775 Bytes] - [02/02/2014 18:59:06] C:\AdwCleaner\AdwCleaner[R6].txt - [1895 Bytes] - [02/02/2014 19:10:50] C:\AdwCleaner\AdwCleaner[R7].txt - [2906 Bytes] - [15/03/2014 15:14:02] C:\AdwCleaner\AdwCleaner[R8].txt - [5862 Bytes] - [11/09/2014 19:45:46] C:\AdwCleaner\AdwCleaner[R9].txt - [3487 Bytes] - [31/12/2014 08:45:18] C:\AdwCleaner\AdwCleaner[S0].txt - [21390 Bytes] - [27/09/2013 07:57:12] C:\AdwCleaner\AdwCleaner[S1].txt - [13329 Bytes] - [17/12/2013 13:21:12] C:\AdwCleaner\AdwCleaner[S2].txt - [3055 Bytes] - [02/02/2014 18:39:42] C:\AdwCleaner\AdwCleaner[S3].txt - [1836 Bytes] - [02/02/2014 19:01:41] C:\AdwCleaner\AdwCleaner[S4].txt - [1956 Bytes] - [02/02/2014 19:13:31] 
C:\AdwCleaner\AdwCleaner[S5].txt - [2977 Bytes] - [15/03/2014 20:04:35] C:\AdwCleaner\AdwCleaner[S6].txt - [5767 Bytes] - [11/09/2014 19:51:42] C:\AdwCleaner\AdwCleaner[S7].txt - [3441 Bytes] - [31/12/2014 08:50:50] ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8409 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.7 (07.03.2016) Operating System: Windows 7 Home Premium x64 Ran by Bernhard (Administrator) on 12.07.2016 at 11:11:50,57 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 0 Registry: 1 Successfully deleted: HKLM\Software\Google\Chrome\Extensions\chgdeabpmphfhkoemjjglmilajldekbp (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 12.07.2016 at 11:14:42,98 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2016 01 durchgeführt von Bernhard (Administrator) auf BERNHARD-PC (12-07-2016 11:37:22) Gestartet von C:\Users\Bernhard\Desktop Geladene Profile: Bernhard & _pcwelt_backup_ez_ (Verfügbare Profile: Bernhard & Admin & _supereasy_backup_ & _pcwelt_backup_ez_) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe () C:\Program Files\PC-WELT Backup Easy\bin\backupService-pcwbe.exe (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe (Protexis Inc.) 
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Softwareentwicklung Remus - ArchiCrypt) C:\Windows\SysWOW64\STGRAMDiskHandler64.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe () C:\Program Files\PC-WELT Backup Easy\bin\oxHelper.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE () C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2884880 2012-02-23] (Synaptics Incorporated) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-19] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosHotKeyService.exe [100864 2014-02-25] (Steganos Software GmbH) HKLM-x32\...\Run: [SSS14 File Redirection Starter] => C:\Program Files (x86)\Steganos Privacy Suite 14\fredirstarter.exe [17920 2014-02-25] (Steganos Software GmbH) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-06-01] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare) HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Player\DelayPluginI.exe [1960008 2014-09-19] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Run: [] => [X] HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Run: [SSS14 Browser Monitor] => C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosBrowserMonitor.exe [70656 2014-02-25] (Steganos Software GmbH) HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Google Update] => "C:\Users\Bernhard\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [BRAVIS-{DC0F6114-52CD-420E-BAEB-ECC5BFB0B110}] => "C:\Users\Bernhard\Downloads\bravis.exe" --autostart HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [] => [X] HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia) HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft 
Corporation) HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company) HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation) HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] () HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\MAHJON~1.SCR [5104049 2009-07-16] (ALDI SÜD) HKU\S-1-5-21-4070342091-3793343965-3738386277-1009\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] () HKU\S-1-5-21-4070342091-3793343965-3738386277-1009\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\MAHJON~1.SCR [5104049 2009-07-16] (ALDI SÜD) ShellIconOverlayIdentifiers: [ 00BitrixShellExt] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506B} => C:\Program Files (x86)\Bitrix24\64\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.) ShellIconOverlayIdentifiers: [ 00BitrixShellExt_C] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506E} => C:\Program Files (x86)\Bitrix24\64\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.) ShellIconOverlayIdentifiers: [ 00BitrixShellExt_E] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506D} => C:\Program Files (x86)\Bitrix24\64\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.) ShellIconOverlayIdentifiers: [ 00BitrixShellExt_S] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506C} => C:\Program Files (x86)\Bitrix24\64\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.) 
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => Keine Datei ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll [2014-12-10] (O&O Software GmbH) ShellIconOverlayIdentifiers-x32: [ 00BitrixShellExt] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506B} => C:\Program Files (x86)\Bitrix24\32\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.) ShellIconOverlayIdentifiers-x32: [ 00BitrixShellExt_C] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506E} => C:\Program Files (x86)\Bitrix24\32\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.) ShellIconOverlayIdentifiers-x32: [ 00BitrixShellExt_E] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506D} => C:\Program Files (x86)\Bitrix24\32\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.) ShellIconOverlayIdentifiers-x32: [ 00BitrixShellExt_S] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506C} => C:\Program Files (x86)\Bitrix24\32\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2013-09-25] () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{FDD6BC44-B98E-44E0-BFF0-D8BE66E39A8A}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com URLSearchHook: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 - (Kein Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - Keine Datei URLSearchHook: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 - (Kein Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Keine Datei SearchScopes: 
HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2015-09-16] (RealDownloader) BHO: Kein Name -> {82A76710-4F98-4957-92BE-99648A4E2475} -> Keine Datei BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.) 
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-09-16] (RealDownloader) BHO-x32: Wondershare Player 1.6.0 -> {43D9786F-A485-683B-9B5B-ACC97ABC17FC} -> C:\ProgramData\Wondershare\Player\WSBrowserAppMgr.dll [2014-09-19] (Wondershare) BHO-x32: Wondershare Video Converter Ultimate -> {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} -> C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRIEPlugin.dll [2012-09-28] (Wondershare Software Co., Ltd.) BHO-x32: Dragon NaturallySpeaking Rich Internet Application Support - Extension -> {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieShim.dll [2013-10-15] (Nuance Communications, Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-07-08] (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-07-08] (Oracle Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.) 
Toolbar: HKLM - Perfect Print 7 - {F723BF1C-C826-44B0-A8E2-28BBA1C5D201} - C:\Program Files (x86)\soft Xpansion\Perfect Print 7 Express\ieagent64.dll [2013-12-23] (soft Xpansion) Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 14\SPMIEToolbar64.dll [2013-07-17] (Steganos Software GmbH) Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 14\SPMIEToolbar.dll [2014-02-25] (Steganos Software GmbH) Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - Keine Datei Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies) Handler: WSIEChrome - {6D02ED5F-FD0D-4C4C - Keine Datei FireFox: ======== FF ProfilePath: C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525 FF Homepage: hxxp://gmx.net/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-26] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files\Musicnotes\npmusicn64.dll [2014-11-11] (Musicnotes, Inc.) 
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-26] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-07-08] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-07-08] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files 
(x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files (x86)\Musicnotes\npmusicn.dll [2014-11-11] (Musicnotes, Inc.) FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( ) FF Plugin-x32: @protectdisc.com/NPPDLicenseHelper -> C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll [2008-02-22] () FF Plugin-x32: @real.com/nppl3260;version=18.1.0.1236 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2015-10-16] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=18.1.0.1236 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2015-10-16] (RealTimes) FF Plugin-x32: @soft-xpansion/npsxpdf -> C:\Program Files (x86)\Common Files\soft Xpansion\np-sxpdf.dll [2013-12-23] (soft-Xpansion) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.) FF Plugin-x32: nuance.com/DragonRIAPlugin -> C:\PROGRA~2\Nuance\NATURA~1\Program\npDgnRia.dll [2013-10-15] (Nuance Communications Inc.) 
FF Plugin HKU\S-1-5-21-4070342091-3793343965-3738386277-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Bernhard\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-05-15] (Citrix Online) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2014-01-03] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2014-01-03] (RealPlayer) FF Extension: ColorZilla - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2016-02-17] FF Extension: NoScript - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-08] FF Extension: Save as PDF - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2016-04-27] FF Extension: Print Edit - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\extensions\printedit@DW-dev.xpi [2016-05-22] FF Extension: Simple Popup Blocker - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\@simplepopupblocker.xpi [2016-06-27] FF Extension: colorPicker - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\colorPicker@colorPicker.xpi [2016-04-27] FF Extension: Awesome screenshot: Capture and Annotate - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2016-02-17] FF Extension: Text to PDF file - 
C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\jid1-JobPqtvtwG9w0A@jetpack.xpi [2016-01-23] FF Extension: Video DownloadHelper - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-06-06] FF Extension: Adblock Plus - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-30] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-11-29] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 14\spmplugin3 FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 14\spmplugin3 [2016-04-16] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb FF Extension: soft Xpansion Perfect Print 7 Express - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb [2013-12-23] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi FF Extension: Dragon NaturallySpeaking Rich Internet Application Support - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2013-10-15] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [Player@Wondershare.com] - C:\ProgramData\Wondershare\Player\Player@Wondershare.com FF 
Extension: Wondershare Player - C:\ProgramData\Wondershare\Player\Player@Wondershare.com [2016-06-28] [ist nicht signiert] FF HKLM-x32\...\Thunderbird\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb FF HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\lwgyi7wh.default-1404404788164\extensions\cliqz@cliqz.com => nicht gefunden Chrome: ======= CHR Profile: C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-26] CHR Extension: (Google Drive) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-26] CHR Extension: (YouTube) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-26] CHR Extension: (Adblock Plus) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-09-27] CHR Extension: (Google-Suche) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-26] CHR Extension: (SpeedTao Download Helper) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\eifpflhplblejfpibogcnnepoldboioh [2013-09-27] CHR Extension: (Unifinder New Tab) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggpcleoagckefcmekcbgdhhmcfcdofhj [2014-07-03] CHR Extension: (RealDownloader) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji 
[2014-04-13] CHR Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn [2014-04-13] CHR Extension: (Norton Identity Protection) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-04-07] CHR Extension: (Ghostery) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-03-02] CHR Extension: (Chrome In-App Payments service) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-07] CHR Extension: (Google Mail) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-26] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ggpcleoagckefcmekcbgdhhmcfcdofhj] - C:\Users\Bernhard\AppData\Local\adStartPage\unifinder.crx [2014-07-03] CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2013-10-15] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 !SASCORE; C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE [172344 2014-08-16] (SUPERAntiSpyware.com) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-19] (Avira Operations GmbH & Co. 
KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-19] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-19] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-19] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG) S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink) S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink) S4 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [187456 2013-05-02] (DATA BECKER GmbH & Co KG) [Datei ist nicht signiert] R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [805888 2012-11-29] () [Datei ist nicht signiert] S3 GSService; C:\Windows\SysWOW64\GSService.exe [443080 2013-12-16] () R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) 
[Datei ist nicht signiert] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation) R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [Datei ist nicht signiert] S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] () S2 Net Driver HPZ12; C:\WINDOWS\SYSTEM32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] S3 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [7704312 2014-12-10] (O&O Software GmbH) R2 pcwelt_backup_ez; c:\Program Files\PC-WELT Backup Easy\bin\backupService-pcwbe.exe [23880 2015-11-12] () S2 Pml Driver HPZ12; C:\WINDOWS\SYSTEM32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [122368 2012-10-21] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [Datei ist nicht signiert] S3 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [33088 2015-09-16] () R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1103656 2015-10-16] (RealNetworks, Inc.) 
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] () R2 Steganos Volatile Disk; C:\Windows\SysWOW64\STGRAMDiskHandler64.exe [450560 2013-07-17] (Softwareentwicklung Remus - ArchiCrypt) [Datei ist nicht signiert] S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-12-23] (soft Xpansion) R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [253264 2010-09-30] () S2 updatesvca; C:\Windows\system32\updatesvca.dll [209920 2013-03-04] (Digital Dynamic) [Datei ist nicht signiert] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S4 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-17] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-05-19] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-19] (Avira Operations GmbH & Co. KG) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [25144 2013-04-11] () [Datei ist nicht signiert] R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-04-24] (AnchorFree Inc.) 
S3 leawo_vad; C:\Windows\System32\drivers\leawo_vad.sys [33048 2013-05-21] (Shenzhen Moyea Software) R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116888 2014-12-10] (O&O Software GmbH) R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41112 2014-12-10] (O&O Software GmbH) R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255640 2014-12-10] (O&O Software GmbH) R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44696 2014-12-10] (O&O Software GmbH) S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.) R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-24] (RapidSolution Software AG) R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-24] (RapidSolution Software AG) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [109144 2014-01-30] (Softwareentwicklung Remus - ArchiCrypt - ) R3 stdriver; C:\Windows\System32\DRIVERS\stdriverx64.sys [32536 2013-01-28] () R1 STGMFEngine64; C:\Windows\system32\drivers\STGMFEngine64.sys [28576 2013-07-17] (Softwareentwicklung Remus - ArchiCrypt.com) R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.) S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [12400 1999-10-13] (Microsoft Corporation) [Datei ist nicht signiert] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-07-12 11:06 - 2016-07-12 11:16 - 00000000 ____D C:\Users\Bernhard\Desktop\ADW Cleaner und JRT 2016-07-12 10:59 - 2016-07-12 10:59 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Steganos 2016-07-12 10:41 - 2016-07-12 10:41 - 01610560 _____ (Malwarebytes) C:\Users\Bernhard\Desktop\JRT.exe 2016-07-12 10:40 - 2016-07-12 10:40 - 03712064 _____ C:\Users\Bernhard\Desktop\AdwCleaner_5.201.exe 2016-07-11 15:12 - 2016-07-11 15:12 - 00000000 ____D C:\Users\Bernhard\Desktop\FRST-OlderVersion 2016-07-09 09:49 - 2016-07-09 09:50 - 00000000 ____D C:\Users\Bernhard\Desktop\Malwarebytes 2016-07-09 08:37 - 2016-07-09 08:37 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Bernhard\Desktop\tdsskiller.exe 2016-07-09 08:12 - 2016-07-12 11:34 - 00000000 ____D C:\Users\Bernhard\Desktop\Trojanerboard 2016-07-09 08:12 - 2016-07-11 15:12 - 02390528 _____ (Farbar) C:\Users\Bernhard\Desktop\FRST64.exe 2016-07-09 08:07 - 2016-07-09 08:07 - 00000000 ____D C:\Users\Bernhard\Downloads\Trojanerboard 2016-07-08 14:24 - 2016-07-08 14:24 - 00097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-07-08 14:23 - 2016-07-08 14:23 - 00000000 ____D C:\Program Files (x86)\Java 2016-07-06 01:15 - 2016-07-06 01:15 - 00000000 ____D C:\Users\Bernhard\AppData\Local\Audacity 2016-07-06 01:14 - 2016-07-06 01:14 - 00001015 _____ C:\Users\Public\Desktop\Audacity.lnk 2016-07-06 01:03 - 2016-07-06 01:03 - 00000000 ____D C:\Program Files (x86)\FFmpeg for Audacity 2016-07-06 00:59 - 2016-07-06 01:00 - 09957947 _____ ( ) C:\Users\Bernhard\Downloads\ffmpeg-win-2.2.2.exe 2016-07-06 00:53 - 2016-07-06 00:53 - 26496761 _____ (Audacity Team ) C:\Users\Bernhard\Downloads\audacity-win-2.1.2.exe 2016-07-06 00:48 - 2016-07-06 01:21 - 00000000 ____D C:\Users\Bernhard\Desktop\17 Test 2016-07-06 00:48 - 2016-07-06 00:48 - 00000000 ____D 
C:\Users\Bernhard\Desktop\Neuer Ordner 2016-07-05 07:55 - 2016-07-05 07:56 - 00000000 ____D C:\Users\Bernhard\Desktop\Audac 2016-07-04 16:24 - 2016-07-04 17:05 - 00000000 ____D C:\Users\Bernhard\Desktop\Musik Utto 2016-06-28 20:40 - 2016-07-04 16:23 - 00000000 ____D C:\ProgramData\Wondershare Player 2016-06-28 20:40 - 2014-09-19 16:46 - 00941992 _____ C:\Windows\SysWOW64\WPShellExt64.dll 2016-06-28 18:36 - 2016-06-28 18:36 - 00001142 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2016-06-27 09:35 - 2015-03-12 11:10 - 00096328 _____ (Wondershare Software) C:\Windows\system32\WSMonEditor.dll 2016-06-27 09:34 - 2016-06-27 09:34 - 00001191 _____ C:\Users\Public\Desktop\Wondershare PDFelement.lnk 2016-06-27 09:34 - 2016-06-27 09:34 - 00000000 ____D C:\ProgramData\PDFEditor 2016-06-26 19:57 - 2016-06-26 19:59 - 00000000 ____D C:\Users\Bernhard\Desktop\LL 2016-06-12 10:42 - 2016-06-27 00:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-07-12 11:37 - 2014-09-15 11:18 - 00036489 _____ C:\Users\Bernhard\Desktop\FRST.txt 2016-07-12 11:37 - 2013-09-25 09:44 - 00000000 ____D C:\FRST 2016-07-12 11:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2016-07-12 11:14 - 2014-03-15 20:34 - 00000668 _____ C:\Users\Bernhard\Desktop\JRT.txt 2016-07-12 11:10 - 2012-05-03 10:21 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\SoftGrid Client 2016-07-12 11:09 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-07-12 11:09 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-07-12 11:07 - 2016-05-11 00:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-07-12 10:57 - 2016-05-11 00:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-07-12 10:56 - 2013-01-15 03:52 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2016-07-12 10:56 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-07-12 10:53 - 2013-09-27 07:55 - 00000000 ____D C:\AdwCleaner 2016-07-12 10:53 - 2012-12-08 23:07 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Yahoo! 2016-07-12 10:53 - 2012-11-29 10:29 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Yahoo! 
2016-07-11 15:13 - 2014-09-15 11:19 - 00063161 _____ C:\Users\Bernhard\Desktop\Addition.txt 2016-07-09 09:14 - 2014-08-22 15:05 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-07-09 08:10 - 2012-07-25 15:02 - 00074752 ___SH C:\Users\Bernhard\Thumbs.db 2016-07-09 08:04 - 2013-06-25 09:09 - 00000000 ____D C:\Users\Bernhard\Desktop\Aktenschrank 2016-07-09 08:01 - 2014-09-21 21:14 - 00000000 ____D C:\Users\Bernhard\Desktop\Coaches 2016-07-09 07:46 - 2012-09-24 19:37 - 00000000 ____D C:\Users\Bernhard\Desktop\PC 2016-07-08 14:55 - 2013-01-17 21:50 - 00000000 ____D C:\Program Files\Java 2016-07-08 14:54 - 2014-11-14 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-07-08 14:24 - 2015-09-01 19:07 - 00000000 ____D C:\Users\Bernhard\.oracle_jre_usage 2016-07-08 14:19 - 2015-02-14 18:08 - 00738368 _____ (Oracle Corporation) C:\Users\Bernhard\Downloads\jxpiinstall.exe 2016-07-07 07:21 - 2012-09-11 20:34 - 00000000 ____D C:\Users\Bernhard\Desktop\Maria 2016-07-06 01:20 - 2012-11-29 10:37 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Audacity 2016-07-06 01:15 - 2014-01-11 11:19 - 00000000 ____D C:\Program Files (x86)\Audacity 2016-07-06 01:14 - 2014-01-11 11:19 - 00001027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2016-07-06 00:43 - 2015-11-11 19:21 - 00000000 ____D C:\ProgramData\Wondershare Video Converter Free 2016-07-05 07:49 - 2015-11-11 19:25 - 00000000 ____D C:\ProgramData\xml_param 2016-07-04 17:18 - 2013-05-10 15:06 - 00000000 ____D C:\Users\Bernhard\AppData\Local\CrashDumps 2016-07-03 15:43 - 2012-02-21 20:50 - 00700134 _____ C:\Windows\system32\perfh007.dat 2016-07-03 15:43 - 2012-02-21 20:50 - 00149984 _____ C:\Windows\system32\perfc007.dat 2016-07-03 15:43 - 2009-07-14 07:13 - 01622300 _____ C:\Windows\system32\PerfStringBackup.INI 2016-07-03 15:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-06-30 16:19 - 2012-10-04 12:09 - 00000000 ____D 
C:\Users\Bernhard\Desktop\Löschen 2016-06-30 15:25 - 2013-02-22 20:29 - 00000000 ____D C:\Users\Bernhard\Desktop\WordPress Homepageerstellung 2016-06-28 21:31 - 2013-10-26 10:54 - 00000000 ____D C:\ProgramData\Package Cache 2016-06-28 20:41 - 2013-09-02 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2016-06-28 20:40 - 2014-03-15 09:05 - 00000000 ____D C:\ProgramData\Wondershare 2016-06-28 20:40 - 2013-09-02 16:34 - 00000000 ____D C:\Program Files (x86)\Wondershare 2016-06-28 18:36 - 2016-05-19 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-06-27 09:35 - 2013-12-11 09:23 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Wondershare 2016-06-27 00:46 - 2015-11-12 11:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-06-27 00:46 - 2013-03-19 17:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-06-26 19:59 - 2015-11-12 11:25 - 00003824 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-06-26 19:59 - 2015-07-08 21:16 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-06-26 19:59 - 2015-07-08 21:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-06-26 19:59 - 2014-06-23 22:13 - 00000000 ____D C:\Users\Bernhard\AppData\Local\Adobe 2016-06-21 02:00 - 2016-01-30 21:42 - 00000000 ____D C:\Users\Bernhard\Desktop\SD Card 2016 2016-06-21 01:58 - 2014-07-23 07:37 - 00000000 ____D C:\Users\Bernhard\Desktop\Micro SDs ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-03-11 21:32 - 2016-04-07 12:21 - 0000138 _____ () C:\Users\Bernhard\AppData\Roaming\Camdata.ini 2013-03-11 21:32 - 2016-04-07 12:21 - 0000408 _____ () C:\Users\Bernhard\AppData\Roaming\CamLayout.ini 2013-03-11 21:32 - 2016-04-07 12:21 - 0000408 _____ () C:\Users\Bernhard\AppData\Roaming\CamShapes.ini 2013-03-11 21:32 - 2016-04-07 12:21 - 0004582 _____ () 
C:\Users\Bernhard\AppData\Roaming\CamStudio.cfg 2013-03-11 21:29 - 2013-12-15 21:52 - 0000098 _____ () C:\Users\Bernhard\AppData\Roaming\CamStudio.Producer.command 2013-03-11 21:30 - 2013-12-15 21:53 - 0000000 _____ () C:\Users\Bernhard\AppData\Roaming\CamStudio.Producer.Data.ini 2013-03-11 21:30 - 2013-12-15 21:53 - 0001206 _____ () C:\Users\Bernhard\AppData\Roaming\CamStudio.Producer.ini 2014-08-22 15:06 - 2014-08-22 15:06 - 0000054 _____ () C:\Users\Bernhard\AppData\Roaming\mbam.context.scan 2013-10-11 12:09 - 2013-10-11 12:10 - 0003759 _____ () C:\Users\Bernhard\AppData\Roaming\moyea_dia.log 2014-03-27 15:47 - 2016-01-08 15:02 - 0002795 _____ () C:\Users\Bernhard\AppData\Roaming\SAS7_000.DAT 2013-01-28 09:37 - 2013-01-28 09:37 - 0001181 _____ () C:\Users\Bernhard\AppData\Roaming\trace_FilterInstaller.txt 2013-01-28 09:37 - 2013-01-28 09:37 - 0000000 _____ () C:\Users\Bernhard\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt 2014-01-09 02:52 - 2014-01-09 04:00 - 0000096 _____ () C:\Users\Bernhard\AppData\Roaming\version2.xml 2013-12-25 12:24 - 2016-05-15 13:24 - 0015360 _____ () C:\Users\Bernhard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-09-20 01:54 - 2014-01-18 13:47 - 0001495 _____ () C:\Users\Bernhard\AppData\Local\RecConfig.xml 2016-02-24 20:56 - 2016-02-24 20:56 - 0004352 _____ () C:\Users\Bernhard\AppData\Local\recently-used.xbel 2013-10-20 23:05 - 2014-07-07 18:13 - 0007602 _____ () C:\Users\Bernhard\AppData\Local\resmon.resmoncfg 2012-05-03 10:47 - 2012-05-03 10:47 - 0017408 _____ () C:\Users\Bernhard\AppData\Local\WebpageIcons.db 2015-08-14 21:23 - 2015-08-14 21:23 - 0000000 _____ () C:\Users\Bernhard\AppData\Local\{C50C67DE-E4BE-41E2-92F4-4BF1EED6D1D0} 2012-11-29 10:22 - 2016-03-15 00:17 - 0002858 _____ () C:\ProgramData\hpzinstall.log 2015-12-16 03:03 - 2015-12-16 03:03 - 0005078 _____ () C:\ProgramData\mzemgkrx.fuc Einige Dateien in TEMP: ==================== C:\Users\Admin\AppData\Local\Temp\avgnt.exe 
C:\Users\Admin\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Bernhard\AppData\Local\Temp\avgnt.exe
C:\Users\Bernhard\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Bernhard\AppData\Local\Temp\libeay32.dll
C:\Users\Bernhard\AppData\Local\Temp\msvcr120.dll
C:\Users\Bernhard\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Bernhard\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Bernhard\AppData\Local\Temp\sqlite3.dll
C:\Users\Bernhard\AppData\Local\Temp\_is82B7.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-04-28 21:42

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
durchgeführt von Bernhard (2016-07-12 11:38:09)
Gestartet von C:\Users\Bernhard\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-05-03 08:02:58)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Admin (S-1-5-21-4070342091-3793343965-3738386277-1003 - Limited - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-4070342091-3793343965-3738386277-500 - Administrator - Disabled)
Bernhard (S-1-5-21-4070342091-3793343965-3738386277-1000 - Administrator - Enabled) => C:\Users\Bernhard
Gast (S-1-5-21-4070342091-3793343965-3738386277-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4070342091-3793343965-3738386277-1002 - Limited - Enabled)
_pcwelt_backup_ez_ (S-1-5-21-4070342091-3793343965-3738386277-1009 - Administrator - Enabled) => C:\Users\_pcwelt_backup_ez_
_supereasy_backup_ (S-1-5-21-4070342091-3793343965-3738386277-1008 - Administrator - Enabled) => C:\Users\_supereasy_backup_

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - ) 4500_G510gm_Help (x32 Version: 000.0.440.000 - Hewlett-Packard) Hidden 4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden 4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated) ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version: - ) Amazon Kindle (HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Amazon Kindle) (Version: - Amazon) AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.) AnVir Task Manager (HKLM-x32\...\AnVir Task Manager) (Version: - AnVir Software) Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
ArcSoft PhotoImpression 5 (HKLM-x32\...\{5863B6EF-76D0-4FF8-AA2F-EEBE7CC49DAA}) (Version: - ArcSoft)
ArcSoft VideoImpression 2 (HKLM-x32\...\{5339885F-4597-4343-BD3B-74280CC79424}) (Version: - ArcSoft)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Audials (HKLM-x32\...\{85B5CB65-2AC3-4C1C-A950-B20DE5520C79}) (Version: 10.2.19305.500 - Audials AG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
AVM FRITZ!Box Monitor (HKLM-x32\...\AVMFBoxMonitor) (Version: - AVM Berlin)
Biet-O-Matic v2.14.10 (HKLM-x32\...\Biet-O-Matic v2.14.10) (Version: 2.14.10 - BOM Development Team)
Bitrix24 for Windows (HKLM-x32\...\Bitrix24) (Version: 3.4.31.31 - Bitrix, Inc)
BrainWave Generator (HKLM-x32\...\BrainWave Generator) (Version: - )
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
ColorPage-SF600 (HKLM-x32\...\{A5505456-B9C3-43DA-A588-F6947422C134}) (Version: V4.3.0 - )
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414a - CyberLink Corp.)
CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4428 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3621 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3621 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3622.02 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.)
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2219 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DarkWave Studio 4.0.9 (HKLM-x32\...\DarkWave Studio) (Version: 4.0.9 - ExperimentalScene)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.80 - DivX, LLC)
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.50.000 - Nuance Communications Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.2.17437 - Landesfinanzdirektion Thüringen)
f4 2012 (HKLM-x32\...\f42012) (Version: - audiotranskription.de)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FileZilla Client 3.15.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.15.0.2 - Tim Kosse)
FormatFactory 3.1.1 (HKLM-x32\...\FormatFactory) (Version: 3.1.1 - Free Time)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Google Chrome) (Version: 24.0.1312.57 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2618 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{93F34C5C-ACAA-48F3-9B26-70359A117F12}) (Version: 3.0.12.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
LightScribe Applications (HKLM-x32\...\{88A4002B-BDBA-49A2-927C-D81E8DF32B1B}) (Version: 1.18.5.1 - LightScribe)
LightScribe System Software (HKLM-x32\...\{F132000C-1CBA-458F-BF2F-FD43D59410F9}) (Version: 1.18.27.10 - LightScribe)
LightScribe Template Labeler (HKLM-x32\...\{43523FEF-9D8E-4572-BB11-0E914D366E0A}) (Version: 1.18.15.1 - LightScribe)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 11.1.0.0 - Lightworks)
MAGIX Foto & Grafik Designer 7 SE (HKLM-x32\...\MAGIX_{305A1AC7-0B5C-457D-9B6F-2A889766E3A0}) (Version: 7.1.2.26041 - MAGIX AG)
MAGIX Foto & Grafik Designer 7 SE (Version: 7.1.2.26041 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Reader (HKLM-x32\...\{B6F7DBE7-2FE2-458F-A738-B10832746036}) (Version: - )
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Movavi Video Editor 10 SE (HKLM-x32\...\Movavi Video Editor 10) (Version: 10.1.2 - Movavi)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Network64 (Version: 130.0.550.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
O&O DiskImage Professional (HKLM\...\{10C83530-840D-4AA3-994A-A9B9559B56C5}) (Version: 9.0.223 - O&O Software GmbH)
oCam version 16.0.0.0 (HKLM-x32\...\oCam_is1) (Version: 16.0.0.0 - hxxp://ohsoft.net/)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Paragon Festplatten Tools™ 2015 (HKLM\...\{1E104AF0-EA49-11DE-AC07-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PC-WELT Backup Easy (HKLM\...\PC-WELT Backup Easy) (Version: 1.19 - IDG Tech Media GmbH)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0081 - Pegatron Corporation)
Photomizer Retro (HKLM-x32\...\{41B5224D-7853-4EA5-0001-C8949A33B608}) (Version: 2.0.13.308 - Engelmann Media GmbH)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Protect Disc License Helper 1.0.118 (HKLM-x32\...\Protect Disc License Helper) (Version: 1.0.118 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.11 - ProtectDisc Software GmbH)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RealDownloader (x32 Version: 18.1.0.1233 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.0.1243 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RealTimes (RealPlayer) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.0 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Sigel BusinessCardSoftware Demo (HKLM-x32\...\Sigel BusinessCardSoftware Demo) (Version: - )
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
soft Xpansion Perfect Print 7 Express (HKLM-x32\...\{98AD196C-B3B6-48df-AB53-A711C822497C}) (Version: 7.2.1.7 - soft Xpansion)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
StarMoney (x32 Version: 3.0.6.28 - StarFinanz) Hidden
StarMoney 8.0 (HKLM-x32\...\{2E36EB70-A4D8-4CD0-915D-0ACAAED6A918}) (Version: 8.0 - Star Finanz GmbH)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steganos Password Manager 14 (HKLM-x32\...\{C83404F0-D7FA-4069-94AB-2F34FDA22AA8}) (Version: 14.2 - Steganos Software GmbH)
Steganos Privacy Suite 14 (HKLM-x32\...\{9F07D3B6-3801-4C33-B20E-39CC29E63253}) (Version: 14.2.2 - Steganos Software GmbH)
Stickies 7.1d (HKLM-x32\...\ZhornStickies) (Version: - Zhorn Software)
StudioLine Photo Classic 3 SE (HKLM-x32\...\{53BDE9F4-79D1-4E2D-B7A4-4D3663419BAB}) (Version: 3.70.50.1 - H&M System Software)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.0.3 - Synaptics Incorporated)
Telescope Driver (HKLM-x32\...\{B2920232-19DA-44FC-835F-68E427EAE2CE}) (Version: 10.30.09 - PixArt)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
Video DVD Maker v3.30.0.75 (HKLM-x32\...\{1A3E23D7-7A1E-43EC-B35D-EB2A31BED943}) (Version: - )
VirtualDJ Home FREE (HKLM-x32\...\{A6AC699F-8315-40CA-8F70-E917494978AB}) (Version: 7.4 - Atomix Productions)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\WinDirStat) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows-Treiberpaket - Product Image (05/02/2002 1.0.1.1) (HKLM\...\F408A29B912DF89043C0C67FB04AE7CF4A67FF97) (Version: 05/02/2002 1.0.1.1 - Product)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wondershare PDFelement(Build 4.0.1) (HKLM-x32\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: 4.0.1.4 - Wondershare Software Co.,Ltd.)
Wondershare Player(Build 1.6.1) (HKLM-x32\...\Wondershare Player_is1) (Version: 1.6.1.0 - Wondershare)
Wunderlist (HKLM-x32\...\{1cdbee75-ad10-47e7-b5c4-1f051f899978}) (Version: 2.3.0.30 - 6 Wunderkinder GmbH)
Wunderlist (x32 Version: 2.3.0.30 - 6 Wunderkinder GmbH) Hidden
Zweckform Etiketten Assistent (HKLM-x32\...\Zweckform Etiketten Assistent) (Version: - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0D8F44A2-12F9-4D2D-810C-416C83F570A6} - System32\Tasks\{7F7E2F3B-EF44-43AA-9947-935E9B56B37C} => C:\Program Files (x86)\ColorPage-SF600\DigiScan.exe [2011-03-25] (PLUSTEK)
Task: {0DFBFFF2-B0BB-45B1-9284-16317CDD74EF} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {0F526937-5C13-40D9-AD0C-4B4AB398A47E} - System32\Tasks\{38D79D0C-9D17-4C60-95CA-4B367CDFDF11} => pcalua.exe -a E:\PROGRAM\GERMAN\rmb\setup_x64.exe -d E:\PROGRAM\GERMAN\rmb
Task: {119695C5-3BED-40B0-9BF0-EB16C8F0362E} - System32\Tasks\{6CFDF215-3B31-4E0B-A934-95C32A086566} => pcalua.exe -a F:\setup_f.exe -d F:\
Task: {1253A9A4-F396-498A-8533-D5593CE77E41} - System32\Tasks\{86587C49-245F-4A8B-9A0A-486EB72072C1} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {143E9C67-70DB-45A4-824C-F6F026A9BDD2} - System32\Tasks\{99E55DA8-7CB1-41BA-A0D1-C985A76C7213} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {1EA9C5EC-A782-484A-9625-3C319562949C} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {25FE5305-7D03-4223-9F19-DDD1F2EEE4FC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-26] (Adobe Systems Incorporated)
Task: {347DB677-28B4-475A-91D5-030F4F7DAF3D} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {34972354-32B6-4AA0-8B09-A11B6B59EC88} - System32\Tasks\{485E4FEF-32A1-4B05-8080-C4F815720167} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {4C3BF434-CB48-46E3-AFD3-03B4C523E18D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {4DC13273-DC82-43E4-8045-AC62928EE457} - System32\Tasks\{EED6B82B-CB5A-4F84-8A34-C1EE5D6C5CC7} => pcalua.exe -a "C:\Program Files (x86)\Windows Live\Installer\wlarp.exe"
Task: {5B04776D-F2FC-4941-B435-DE63FB9B90BA} - System32\Tasks\{1D1A8A18-7950-41F2-BD97-5641FB750FB2} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {5FAE9FF5-BC24-41EF-A40D-75730FA50529} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {72091BCB-DCCE-43F6-A76A-4C8EA9514D1F} - System32\Tasks\{47B10711-FF6D-48E1-A80E-0C29DE09EF4D} => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
Task: {7790F5CA-8F62-47E6-A91D-5E99D9D90CED} - System32\Tasks\{BB4D84AD-6D4A-4AE9-8BDD-6E099740DBD6} => C:\Program Files (x86)\ColorPage-SF600\DigiScan.exe [2011-03-25] (PLUSTEK)
Task: {7A33E08A-C524-4214-AFE4-8F792B3D77C4} - System32\Tasks\ReclaimerResumeInstall_Bernhard => C:\Users\Bernhard\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-19] (RealNetworks, Inc.)
Task: {7D24F5A0-4FE0-4392-88E3-6D463E2A6561} - System32\Tasks\{4DB20908-7514-4312-A1EA-BB226D90C566} => pcalua.exe -a F:\ColorPage-SF600\Setup\SETUP.EXE -d F:\ColorPage-SF600\Setup
Task: {7F585A86-52A3-4450-B126-EAB423463D98} - System32\Tasks\{EFCB28CE-4DF3-45BF-BFA8-AE6AEC600140} => pcalua.exe -a C:\Users\Bernhard\Downloads\fmp_setup.exe -d C:\Users\Bernhard\Downloads
Task: {7FCD9305-61E5-423D-A8EF-6C05C063BB06} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {96480441-EFC8-411C-8FA9-1D73D888B756} - System32\Tasks\{2DD33BBB-46F0-4858-A078-E254CE47E6B3} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {97E2772A-B4F8-4C09-B1E1-12E8CC346DF9} - System32\Tasks\{C03F0FDB-3AD8-4F2F-BC14-AA8766D05E72} => pcalua.exe -a C:\Users\Bernhard\AppData\Local\Temp\jre-8u73-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {9BBF4107-FD93-4C12-85D5-4F8C6F5D0FE7} - System32\Tasks\{54B13488-53E8-40B0-9D34-52CAB98CCD35} => pcalua.exe -a F:\Audials-One\TrekStor_AudialsOne8_SE.exe -d F:\Audials-One
Task: {A037188E-6F91-4AFD-84D8-97961F8C65D4} - System32\Tasks\AnVir Task Manager => C:\Program Files (x86)\AnVir Task Manager\anvir.exe [2013-12-04] (AnVir Software)
Task: {A8B56FC8-7265-4657-BCE9-FFEE3C98BA58} - System32\Tasks\{E7A9CAE4-4B85-4EAD-968D-7A7129D2B520} => pcalua.exe -a E:\Notfall-4-Setup.exe -d E:\
Task: {AB6EB7EA-CC34-42A8-AB2C-806E13212C6F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\WSCStub.exe
Task: {B040F48C-E6D6-4DFB-9319-02A31FAD9A44} - System32\Tasks\{0F7E1A9B-0443-4225-A10F-56142B061744} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {B0A74DAC-2A82-4734-A2FD-F53FA80FD4CD} - System32\Tasks\ReclaimerResumeInstallLogin_Bernhard => C:\Users\Bernhard\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-19] (RealNetworks, Inc.)
Task: {BFF44E6B-0E2B-40C4-87A7-48A8D337F257} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {C228335C-2A01-48C3-A681-034FABC44C84} - System32\Tasks\{624950FD-F4CC-4D02-8319-AA439B030D95} => pcalua.exe -a "C:\Program Files (x86)\Sigel\BusinessCard Software\BusinessCardDemo.exe"
Task: {CBB5779C-CD71-4D3A-B6CC-565C1E5492AF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd)
Task: {CBD65DD2-23AB-4B37-8E5D-09E9F6532B4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {CDF3F9DD-47A6-4D1C-ACA3-4B69FEB88881} - System32\Tasks\{753244C6-DC45-427A-8BCE-FAF0BEDAC406} => C:\Program Files (x86)\ColorPage-SF600\DigiScan.exe [2011-03-25] (PLUSTEK)
Task: {D3D1D49C-1107-4D8D-B0BC-8BF0B555EE84} - System32\Tasks\{D26BBEE7-B8A7-4DEA-90DF-B9C8C6511558} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {DC59771F-0A7A-4F52-89E9-24E2E1BC9E73} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2015-09-16] ()
Task: {DD9E7AF3-2FEC-4132-B34D-50DE9132323F} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {E0816EC5-C4BB-443F-BBA3-A6E06AA4D340} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {F3144631-02DD-4651-9723-EBA03EDBA9DA} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerResumeInstallLogin_Bernhard.job => C:\Users\Bernhard\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerResumeInstall_Bernhard.job => C:\Users\Bernhard\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Bernhard\HDR Projects\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html (Keine Datei)
Shortcut: C:\Users\Bernhard\HDR Projects\Favorites\NCH Software Download.lnk -> hxxp://www.nchsoftware.com/index.html (Keine Datei)
Shortcut: C:\Users\Bernhard\Desktop\PC\Software\Programme\MEDIONhome.lnk -> hxxp://www.medion.com/de2C:\Windows\System32\oobe\info\Icon\MedIcon (2).ico (Keine Datei)
Shortcut: C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/ (Keine Datei)
Shortcut: C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/ (Keine Datei)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-06-06 17:06 - 2012-11-29 13:53 - 00805888 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2015-11-12 11:18 - 2015-11-12 11:18 - 00023880 _____ () c:\Program Files\PC-WELT Backup Easy\bin\backupService-pcwbe.exe
2015-11-12 11:18 - 2015-11-12 11:18 - 00109384 _____ () c:\Program Files\PC-WELT Backup Easy\bin\backupServiceLib.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 11391816 _____ () c:\Program Files\PC-WELT Backup Easy\bin\backupCore.dll
2015-03-05 12:49 - 2015-03-05 12:49 - 00324096 _____ () c:\Program Files\PC-WELT Backup Easy\bin\party.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 05945672 _____ () c:\Program Files\PC-WELT Backup Easy\bin\ox.dll
2015-03-05 11:46 - 2015-03-05 11:46 - 00081920 _____ () c:\Program Files\PC-WELT Backup Easy\bin\zdll.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00249672 _____ () c:\Program Files\PC-WELT Backup Easy\bin\crumb.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00053576 _____ () c:\Program Files\PC-WELT Backup Easy\bin\lzmaUtil.dll
2015-03-05 12:43 - 2015-03-05 12:43 - 00049664 _____ () c:\Program Files\PC-WELT Backup Easy\bin\lzma.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00368968 _____ () c:\Program Files\PC-WELT Backup Easy\bin\tomb.dll
2015-03-05 12:38 - 2015-03-05 12:38 - 00022528 _____ () c:\Program Files\PC-WELT Backup Easy\bin\zlibutil.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00023368 _____ () c:\Program Files\PC-WELT Backup Easy\bin\lz4util.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00041288 _____ () c:\Program Files\PC-WELT Backup Easy\bin\lz4.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00560456 _____ () c:\Program Files\PC-WELT Backup Easy\bin\twirl.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00223048 _____ () c:\Program Files\PC-WELT Backup Easy\bin\netutil.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00154952 _____ () c:\Program Files\PC-WELT Backup Easy\bin\scoolite.dll
2015-03-05 12:38 - 2015-03-05 12:38 - 00626688 _____ () c:\Program Files\PC-WELT Backup Easy\bin\sqlite.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00165704 _____ () c:\Program Files\PC-WELT Backup Easy\bin\deemon.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00528712 _____ () c:\Program Files\PC-WELT Backup Easy\bin\veem.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00060744 _____ () c:\Program Files\PC-WELT Backup Easy\bin\minizutil.dll
2012-02-22 20:09 - 2010-08-19 18:43 - 00386344 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-12-10 19:12 - 2014-12-10 19:12 - 00344824 _____ () C:\Program Files\OO Software\DiskImage\oodishrs.dll
2016-02-10 21:48 - 2016-02-10 21:48 - 00052912 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-10-09 11:25 - 2010-09-30 14:00 - 00253264 _____ () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
2015-03-05 14:22 - 2015-03-05 14:22 - 00053760 _____ () c:\Program Files\PC-WELT Backup Easy\bin\oxHelper.exe
2010-02-28 02:33 - 2010-02-28 02:33 - 00077664 ____N () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-06-02 12:20 - 2016-06-02 12:20 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\5a8eeeddc97028a9f94d0518c22f4c2c\IsdiInterop.ni.dll
2012-02-22 00:36 - 2011-11-30 06:00 - 00059392 ____N () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-02-22 00:21 - 2011-12-16 11:39 - 01198872 ____N () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:0FF263E8 [253]
AlternateDataStreams: C:\ProgramData\Temp:A303874F [188]
AlternateDataStreams: C:\ProgramData\Temp:AD022376 [252]
AlternateDataStreams: C:\ProgramData\Temp:F9CFE070 [178]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\com -> hxxp://*.Wondershare.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2013-09-25 21:51 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MEDION\Wallpaper.jpg HKU\S-1-5-21-4070342091-3793343965-3738386277-1009\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MEDION\Wallpaper.jpg DNS Servers: Datenträger ist nicht mit dem Internet verbunden. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Orga-Nicer.lnk => C:\Windows\pss\Orga-Nicer.lnk.CommonStartup MSCONFIG\startupreg: DNS7reminder => "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini" MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray MSCONFIG\startupreg: PC-WELT Backup Easy => "C:\Program Files\PC-WELT Backup Easy\bin\backupClient-pcwbe.exe" --hidden MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SUPERAntiSpyware => C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe" MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{ED434935-FD27-43C9-838F-62FAF395247B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{3715F1B3-1BFB-41E8-B30C-B8577C36F511}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{867C244C-C724-4791-AFA2-C41A4D59EB16}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE FirewallRules: [{842B21DC-1BF0-4EB7-B54A-4A5A83D0B921}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{6B026D0D-E126-439A-ABAB-9DD77A7B5151}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{1C548354-3F3A-422B-84BC-72F8921F0317}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe FirewallRules: [{9E110FF3-14CD-4457-8AEA-101F295342C9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe FirewallRules: [{5F024E44-E458-43E6-98EE-F758ECDDDB74}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{2631EE86-CE69-4E24-9B2C-D009320BDB61}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{F242C584-7DC9-42B5-AB23-E466FD2F05CC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{8E53D6E1-6EAA-4C3E-8ECC-42FF0EA6F52A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{262150B3-9785-4E55-9014-5022B7B66ADA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{B158D186-191E-48DB-9297-0070447DF731}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{0D80372E-F194-443D-8C97-97DCA1D20195}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{782075F4-666F-4E23-8FD0-61D33C99B582}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{9FF97F2E-0CE3-4805-872C-6C6C93F85AC7}] => (Allow) C:\Program Files 
(x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{A07BB18C-FF46-4671-B33A-31B688142456}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{B4C7E96C-9906-4F10-A7BF-AE39C3B47A7A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{8A57CB20-6BBF-4A65-9003-142AEC8115C6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{06DC90CB-3E91-43B5-BA8B-B00BEEC44859}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{A053A1F0-1286-4573-9A05-840F22657CAB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{483E0ADF-A26D-404F-8E2C-3D62F85CC2EB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{69962D9B-D7DB-490F-8855-64475E0987B3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{33CCCDE3-826F-4E41-A79D-8BF6A526806E}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{28DCDBF8-4DFB-471E-AFBD-B44AF4D7E4BF}] => (Allow) C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe FirewallRules: [{F7A83851-06D7-499A-9675-1BAD1DB20E53}] => (Allow) C:\Program Files (x86)\RapidSolution\Audials 10\Audials.exe FirewallRules: [{3299ACBC-BDC3-40B4-B7EF-A2A63CFF4144}] => (Allow) LPort=12972 FirewallRules: [{944ACA05-89DB-49AD-8CC3-B2A246C767D5}] => (Allow) LPort=14714 FirewallRules: [{20818C5F-2EE3-4E07-AF1F-CD37D0EBC17E}] => (Allow) LPort=31931 FirewallRules: [TCP Query User{AAC0DC18-C583-4D6D-9347-19EB2956EE94}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe] => (Allow) C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe FirewallRules: [UDP Query User{0F020889-DD64-4F1F-A9E1-06A6178A101B}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe] => (Allow) C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe FirewallRules: 
[{1D6A688D-3F97-4BE8-A83F-FF86E1AE662F}] => (Block) C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe FirewallRules: [{C537A6AC-C52C-456E-83F6-97F58E0D817B}] => (Block) C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe FirewallRules: [{08C1272E-5134-4002-9DD5-5A21C661A40B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{E2DDB6A9-FA9E-4AD5-B645-4CC70EA504BB}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe FirewallRules: [{0D6CA7B6-38D5-4F22-8525-CB3A4DFB7951}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe FirewallRules: [{1EEFB013-0064-4335-B9C9-10C65AC31F2E}] => (Allow) C:\Program Files (x86)\FRANZIS\onlineTV 8\onlineTV.exe FirewallRules: [{738787B9-6642-4415-A9DE-45DAB18E500D}] => (Allow) C:\Program Files (x86)\FRANZIS\onlineTV 8\onlineTV.exe FirewallRules: [{C4916D39-0332-4687-9BB6-2664254F6105}] => (Allow) C:\Program Files (x86)\FRANZIS\onlineTV 8\onlineTVStarter.exe FirewallRules: [{206A486A-2DE3-4AAC-8E5E-447327A6298E}] => (Allow) C:\Program Files (x86)\FRANZIS\onlineTV 8\onlineTVStarter.exe FirewallRules: [{6984532D-9ACF-42EB-8A65-186EDDEE1D8F}] => (Allow) LPort=51001 FirewallRules: [{D86FE523-B878-4F88-AEEF-73D8AE3AF29A}] => (Allow) LPort=51001 FirewallRules: [{0232F89D-1B6D-4C75-AB14-E18F140E4729}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe FirewallRules: [{93892B1A-3BF3-46B6-B8C6-40398B213894}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe FirewallRules: [{DF342700-7242-4D6A-BD0E-D252B7C0C2EE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4352D4F1-9289-4F60-9423-2742F3765474}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8FA6752F-B642-4F9E-BCEC-856BA6F0B7B9}] => (Allow) C:\Program Files (x86)\nokia\nokia 
suite\nokiasuite.exe FirewallRules: [TCP Query User{6D1F0B00-A033-4E52-B429-D85CBE9E9C4B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{47715565-A217-400E-AAF4-FA51084FCFC6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{CB35B513-3DFA-41B1-B9E8-921DBBBEDD0A}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe FirewallRules: [{ECB98186-D03E-4EA9-86E0-6443CB8E0492}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe FirewallRules: [{281D072E-F133-413A-8530-85E9DE22E543}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe FirewallRules: [{F606CDAC-6A92-4CF3-ADA5-9613189B62C3}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe FirewallRules: [{C18F4ECD-B500-4F3F-BAA0-1A48C4A095A6}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe FirewallRules: [{58516AFB-3699-4CA9-BD21-06026728CD93}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9D6904D4-D38E-42FE-8C92-7B6F162B68E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{8ABECA6C-6159-4C43-8EA3-5CD25A0664C2}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe FirewallRules: [UDP Query User{53EF195F-6729-4702-8114-A137B20F0960}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe FirewallRules: [TCP Query User{3531680A-A193-4D23-9B4C-68709F2A6886}C:\mamp\bin\apache\bin\httpd.exe] => (Allow) C:\mamp\bin\apache\bin\httpd.exe FirewallRules: [UDP Query User{CF541917-E503-4806-AB4A-BEB088C7E220}C:\mamp\bin\apache\bin\httpd.exe] => (Allow) C:\mamp\bin\apache\bin\httpd.exe FirewallRules: [TCP Query 
User{FEE00E6D-F5CC-4304-B5E9-01891E7FF65D}C:\mamp\bin\mysql\bin\mysqld.exe] => (Allow) C:\mamp\bin\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{0F44FC79-29A0-40ED-A95A-3081452155F2}C:\mamp\bin\mysql\bin\mysqld.exe] => (Allow) C:\mamp\bin\mysql\bin\mysqld.exe FirewallRules: [{F397188B-A01E-43BB-84C5-6E52406483F9}] => (Block) C:\mamp\bin\mysql\bin\mysqld.exe FirewallRules: [{3C91B94F-8218-49FB-B4DD-DF8A82F5C3B3}] => (Block) C:\mamp\bin\mysql\bin\mysqld.exe FirewallRules: [{38D685AA-D6EC-410B-B301-74B5FF02B697}] => (Block) C:\mamp\bin\apache\bin\httpd.exe FirewallRules: [{1F6153D5-D045-49B6-A46E-95289F29B44A}] => (Block) C:\mamp\bin\apache\bin\httpd.exe FirewallRules: [{EA69C3B1-1D53-4496-B73A-3DFD527B52FD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{B7B8506D-F021-4366-98E9-BFFF6665890C}] => (Allow) LPort=2869 FirewallRules: [{194B3D02-003E-47CA-A1ED-858A3A91D915}] => (Allow) LPort=1900 ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (07/12/2016 11:08:53 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt. 
Error: (07/12/2016 10:57:56 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/12/2016 10:57:09 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. 
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (07/11/2016 02:40:21 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt. Error: (07/09/2016 09:24:42 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt. Error: (07/09/2016 08:05:15 AM) (Source: TEST_FAIL) (EventID: 0) (User: ) Description: m_pDevice->Present FAILED! hr=88760868 Error: (07/08/2016 12:17:30 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt. Error: (07/06/2016 02:36:45 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt. Error: (07/05/2016 08:20:19 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm audacity.exe, Version 2.0.5.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1f34 Startzeit: 01d1d68482316cff Endzeit: 13 Anwendungspfad: C:\Program Files (x86)\Audacity\audacity.exe Berichts-ID: 761ac884-4278-11e6-8292-e840f2b4d16c Error: (07/04/2016 09:21:16 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt. Systemfehler: ============= Error: (07/12/2016 10:56:09 AM) (Source: Application Popup) (EventID: 56) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Error: (07/12/2016 10:55:37 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\Windows\System32\IWMSSvc.dll Error: (07/12/2016 10:55:37 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\Windows\System32\IWMSSvc.dll Error: (07/12/2016 10:55:37 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\Windows\System32\IWMSSvc.dll Error: (07/12/2016 10:55:30 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. 
Modulpfad: C:\Windows\System32\IWMSSvc.dll Error: (07/12/2016 10:53:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt. Error: (07/12/2016 10:53:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Office Software Protection Platform" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/12/2016 10:53:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/12/2016 10:53:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/12/2016 10:53:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2013-09-25 21:38:53.619 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2013-09-25 21:38:53.553 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz Prozentuale Nutzung des RAM: 35% Installierter physikalischer RAM: 8086.48 MB Verfügbarer physikalischer RAM: 5179.34 MB Summe virtueller Speicher: 16171.15 MB Verfügbarer virtueller Speicher: 13519.96 MB ==================== Laufwerke ================================ Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:1.7 GB) NTFS Drive d: (Recover) (Fixed) (Total:50 GB) (Free:0.43 GB) NTFS Drive z: () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 2BD2C32A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=414.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1 GB) - (Type=12) ==================== Ende von Addition.txt ============================ |
12.07.2016, 20:25 | #12 |
/// TB-Ausbilder | can't get rid of ask.gen Hello,
|
12.07.2016, 21:13 | #13 |
| can't get rid of ask.gen Code:
ATTFilter
Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
durchgeführt von Bernhard (2016-07-12 22:11:57)
Gestartet von C:\Users\Bernhard\Desktop
Start-Modus: Normal

================== Registry-Suche: "FileViewPro;Yahoo!\Companion;YFriendsBar;ask.com;ask toolbar;APN-Stub" ===========

===================== Suchergebnis für "FileViewPro" ==========

[HKEY_USERS\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithList]
"i"="FileViewPro.exe"

[HKEY_USERS\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\OpenWithList]
"g"="FileViewPro.exe"

===================== Suchergebnis für "ask.com" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Task]
"PreviewDetails"="prop:*System.DueDate;*System.Task.CompletionStatus;*System.Task.Owner;*System.Keywords"

====== Ende von Suche ====== |
13.07.2016, 15:22 | #14 |
/// TB-Ausbilder | can't get rid of ask.gen Hello, we'll remove the last remnants and check everything once more.
Note: The scan with ESET can take a while.
Step 1
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter
start
CloseProcesses:
CMD: reg delete "HKEY_USERS\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithList" /v i /f
CMD: reg delete "HKEY_USERS\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithList" /v g /f
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Run: [] => [X]
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => Keine Datei
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2013-09-25] ()
URLSearchHook: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 - (Kein Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - Keine Datei
URLSearchHook: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 - (Kein Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Keine Datei
BHO: Kein Name -> {82A76710-4F98-4957-92BE-99648A4E2475} -> Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Handler: WSIEChrome - {6D02ED5F-FD0D-4C4C - Keine Datei
FF HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\lwgyi7wh.default-1404404788164\extensions\cliqz@cliqz.com => nicht gefunden
CHR Extension: (Unifinder New Tab) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggpcleoagckefcmekcbgdhhmcfcdofhj [2014-07-03]
CHR HKLM-x32\...\Chrome\Extension: [ggpcleoagckefcmekcbgdhhmcfcdofhj] - C:\Users\Bernhard\AppData\Local\adStartPage\unifinder.crx [2014-07-03]
C:\Users\Bernhard\AppData\Local\adStartPage
AlternateDataStreams: C:\ProgramData\Temp:0FF263E8 [253]
AlternateDataStreams: C:\ProgramData\Temp:A303874F [188]
AlternateDataStreams: C:\ProgramData\Temp:AD022376 [252]
AlternateDataStreams: C:\ProgramData\Temp:F9CFE070 [178]
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 ESET Online Scanner
Step 3 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 4
Are there still any problems with the PC? If so, which ones? Please post with your next reply
|
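Added example (not part of the thread and not FRST's own code): a Python check that compares the `reg delete` directives of a fixlist with the values a registry search actually reported, run here on the two FileViewPro hits from post #13 and the two directives from the fixlist in post #14, one entry per line. The function and variable names are assumptions made for this example.

```python
import re
from typing import NamedTuple

# Registry search hits as posted in #13 (one entry per line).
SEARCH_RESULT = r'''
===================== Suchergebnis für "FileViewPro" ==========
[HKEY_USERS\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithList]
"i"="FileViewPro.exe"
[HKEY_USERS\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\OpenWithList]
"g"="FileViewPro.exe"
'''

# The two registry directives from the fixlist in #14 (other directives omitted).
FIXLIST = r'''
start
CloseProcesses:
CMD: reg delete "HKEY_USERS\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithList" /v i /f
CMD: reg delete "HKEY_USERS\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithList" /v g /f
EmptyTemp:
end
'''

KEY_RE = re.compile(r'^\[(.+)\]$')
VALUE_RE = re.compile(r'^"(.*?)"="(.*)"$')
DELETE_RE = re.compile(
    r'^CMD:\s*reg\s+delete\s+"([^"]+)"\s+/v\s+(?:"([^"]*)"|(\S+))',
    re.IGNORECASE,
)


class Finding(NamedTuple):
    key: str
    value: str
    status: str       # "confirmed", "other_key" or "not_in_scan"
    candidates: list  # keys under which the scan did record that value name


def parse_search_result(text):
    """Map casefolded key -> (key as logged, {casefolded value name: data})."""
    found = {}
    current = None
    for line in text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            current = found.setdefault(m.group(1).casefold(), (m.group(1), {}))[1]
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            current[m.group(1).casefold()] = m.group(2)
    return found


def parse_reg_deletes(fixlist):
    """Return (key, value name) for every 'CMD: reg delete ... /v NAME' line."""
    deletes = []
    for line in fixlist.splitlines():
        m = DELETE_RE.match(line.strip())
        if m:
            name = m.group(2) if m.group(2) is not None else m.group(3)
            deletes.append((m.group(1), name))
    return deletes


def audit(fixlist, search_text):
    """Check each delete target against what the scan reported.

    Registry key and value names are case-insensitive, so both sides are
    compared casefolded.
    """
    found = parse_search_result(search_text)
    findings = []
    for key, value in parse_reg_deletes(fixlist):
        values = found.get(key.casefold(), (key, {}))[1]
        if value.casefold() in values:
            findings.append(Finding(key, value, "confirmed", []))
            continue
        candidates = [orig for orig, vals in found.values()
                      if value.casefold() in vals]
        status = "other_key" if candidates else "not_in_scan"
        findings.append(Finding(key, value, status, candidates))
    return findings


if __name__ == "__main__":
    for f in audit(FIXLIST, SEARCH_RESULT):
        print(f"{f.status:12} /v {f.value}  {f.key}")
        for c in f.candidates:
            print(f"{'':12} scan recorded this value under: {c}")
```

On this input the first directive is confirmed, while the second is reported as `other_key`: the scan recorded value `g` under `.xlsx\OpenWithList`, not under the `.docx` key the directive names.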
14.07.2016, 10:18 | #15 |
| can't get rid of ask.gen On the first attempt I got the error message: "Farbar Recovery Scan Tool funktioniert nicht mehr". The second attempt was successful: Code:
ATTFilter
Problemsignatur:
Problemereignisname: APPCRASH
Anwendungsname: FRST64.exe
Anwendungsversion: 13.7.2016.2
Anwendungszeitstempel: 57869b0a
Fehlermodulname: ntdll.dll
Fehlermodulversion: 6.1.7601.23418
Fehlermodulzeitstempel: 5708a857
Ausnahmecode: c0000005
Ausnahmeoffset: 000000000000c259
Betriebsystemversion: 6.1.7601.2.1.0.768.3
Gebietsschema-ID: 1031
Zusatzinformation 1: ddc4
Zusatzinformation 2: ddc450a5a9a4890ebce2f0cdec70607e
Zusatzinformation 3: 6bfb
Zusatzinformation 4: 6bfb0a3602ba054d29ec3278a3933195
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 13-07-2016 02
durchgeführt von Bernhard (2016-07-14 10:48:03) Run:3
Gestartet von C:\Users\Bernhard\Desktop
Geladene Profile: Bernhard & (Verfügbare Profile: Bernhard & Admin & _supereasy_backup_ & _pcwelt_backup_ez_)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
CMD: reg delete "HKEY_USERS\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithList" /v i /f
CMD: reg delete "HKEY_USERS\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithList" /v g /f
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Run: [] => [X]
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => Keine Datei
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2013-09-25] ()
URLSearchHook: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 - (Kein Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - Keine Datei
URLSearchHook: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 - (Kein Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Keine Datei
BHO: Kein Name -> {82A76710-4F98-4957-92BE-99648A4E2475} -> Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Handler: WSIEChrome - {6D02ED5F-FD0D-4C4C - Keine Datei
FF HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\lwgyi7wh.default-1404404788164\extensions\cliqz@cliqz.com => nicht gefunden
CHR Extension: (Unifinder New Tab) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggpcleoagckefcmekcbgdhhmcfcdofhj [2014-07-03]
CHR HKLM-x32\...\Chrome\Extension: [ggpcleoagckefcmekcbgdhhmcfcdofhj] - C:\Users\Bernhard\AppData\Local\adStartPage\unifinder.crx [2014-07-03]
C:\Users\Bernhard\AppData\Local\adStartPage
AlternateDataStreams: C:\ProgramData\Temp:0FF263E8 [253]
AlternateDataStreams: C:\ProgramData\Temp:A303874F [188]
AlternateDataStreams: C:\ProgramData\Temp:AD022376 [252]
AlternateDataStreams: C:\ProgramData\Temp:F9CFE070 [178]
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.

========= reg delete "HKEY_USERS\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithList" /v i /f =========

FEHLER: Der angegebene Registrierungsschlüssel bzw. Wert wurde nicht gefunden.

========= Ende vonCMD: =========

========= reg delete "HKEY_USERS\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithList" /v g /f =========

FEHLER: Der angegebene Registrierungsschlüssel bzw. Wert wurde nicht gefunden.

========= Ende vonCMD: =========

HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => Wert nicht gefunden.
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => Wert nicht gefunden.
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Run\\ => Wert nicht gefunden.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => Schlüssel nicht gefunden.
HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => Schlüssel nicht gefunden.
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel nicht gefunden.
Konnte nicht verschoben werden "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled" => ist geplant bei Neustart verschoben zu werden.
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\URLSearchHooks\\{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 - (Kein Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} => Wert nicht gefunden.
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\URLSearchHooks\\{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 - (Kein Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} => Wert nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475} => Schlüssel nicht gefunden.
HKCR\CLSID\{82A76710-4F98-4957-92BE-99648A4E2475} => Schlüssel nicht gefunden.
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Wert nicht gefunden.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Schlüssel nicht gefunden.
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Wert nicht gefunden.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Schlüssel nicht gefunden.
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{{C95A4E8E-816D-4655-8C79-D736DA1ADB6D} => Wert nicht gefunden.
HKCR\CLSID\Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{{C95A4E8E-816D-4655-8C79-D736DA1ADB6D} => Schlüssel nicht gefunden.
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Wert nicht gefunden.
HKCR\CLSID\Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Schlüssel nicht gefunden.
HKCR\PROTOCOLS\Handler\WSIEChrome => Schlüssel nicht gefunden.
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Mozilla\Firefox\Extensions\\cliqz@cliqz.com => Wert nicht gefunden.
C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggpcleoagckefcmekcbgdhhmcfcdofhj => nicht gefunden
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ggpcleoagckefcmekcbgdhhmcfcdofhj => Schlüssel nicht gefunden.
"C:\Users\Bernhard\AppData\Local\adStartPage\unifinder.crx" => nicht gefunden.
"C:\Users\Bernhard\AppData\Local\adStartPage" => nicht gefunden.
"C:\ProgramData\Temp" => ":0FF263E8" ADS nicht gefunden.
"C:\ProgramData\Temp" => ":A303874F" ADS nicht gefunden.
"C:\ProgramData\Temp" => ":AD022376" ADS nicht gefunden.
"C:\ProgramData\Temp" => ":F9CFE070" ADS nicht gefunden.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt

========= Ende von RemoveProxy: =========

========= ipconfig /flushdns =========

Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.

========= Ende vonCMD: =========

========= netsh winsock reset =========

Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.

========= Ende vonCMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1048648 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Bernhard => 794077546 B
Admin => 1852757 B
_ocster_backup_ => 0 B
_ocster_backup_ => 0 B
_ocster_backup_ => 0 B
_supereasy_backup_ => 33058 B
_supereasy_backup_ => 0 B
_pcwelt_backup_ez_ => 33058 B

RecycleBin => 1636699797 B
EmptyTemp: => 2.3 GB temporäre Dateien entfernt.

================================

Ergebnis der geplanten Datei-Verschiebungen (Start-Modus: Normal) (Datum&Uhrzeit: 2016-07-14 10:52:11)

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled => ist erfolgreich verschoben

==== Ende von Fixlog 10:52:11 ==== |