Log analysis and evaluation: IRCBot Virut apparently on one of my computers, T-Com informed me

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
11.08.2016, 19:44 | #1 |
IRCBot Virut apparently on one of my computers, T-Com informed me

Hello everyone, I have now received the second letter from T-Com saying that a virus/trojan is apparently at work on my system. When I called back, I was given the name IRCBOT VIRUT. How do I get rid of this thing now? I have also already created an FRST.txt..... MANY THANKS for your help

FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 11-08-2016 01
durchgeführt von Ck (Administrator) auf CK-PC (11-08-2016 20:28:16)
Gestartet von C:\Users\Ck\Desktop
Geladene Profile: Ck (Verfügbare Profile: Ck)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe (AVG Technologies CZ, s.r.o.) 
C:\Program Files\AVG\Av\avgwdsvcx.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe (AVM GmbH) C:\Program Files\FRITZ!Powerline\PowerlineService.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe (Teruten) C:\Windows\System32\FsUsbExService.Exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe () C:\Program Files\PC Beschleunigen\PCSUService.exe (pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe () C:\Windows\System32\PSIService.exe () C:\Program Files\Cyberlink\Shared files\RichVideo.exe () C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe () C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (cyberlink) C:\Program Files\Cyberlink\Shared files\brs.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CyberLink) C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (CANON INC.) 
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE () C:\Program Files\Winamp\winampa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe () C:\Program Files\AVG Secure Search\vprot.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung) C:\Program Files\Samsung\Kies\Kies.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe (Dropbox, Inc.) C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6724128 2009-02-03] (Realtek Semiconductor) HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-02-03] (Realtek Semiconductor Corp.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [5351184 2016-07-22] (AVG Technologies CZ, s.r.o.) 
HKLM\...\Run: [Babylon Client] => C:\Program Files\Babylon\Babylon-Pro\Babylon.exe [3460760 2012-07-30] (Babylon Ltd.) HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-03-30] (cyberlink) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648 2008-03-17] (CANON INC.) HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.) HKLM\...\Run: [CLMLServer] => C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe [104936 2008-07-18] (CyberLink) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-09] (Intel Corporation) HKLM\...\Run: [IJNetworkScanUtility] => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2007-11-19] (CANON INC.) HKLM\...\Run: [SearchSettings] => C:\Program Files\pdfforge Toolbar\SearchSettings.exe HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [37888 2009-07-01] () HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [AgentMonitor] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [401280 2014-06-20] () HKLM\...\Run: [CloneCDTray] => C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [57344 2006-09-28] (SlySoft, Inc.) HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2640408 2014-08-26] () HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [55824 2009-06-17] (Logitech, Inc.) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) 
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [186640 2016-07-20] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [2745544 2016-01-09] (Dominik Reichl) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20] (Logitech, Inc.) HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2014-01-23] (Samsung Electronics) HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.) HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung) HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [Dropbox Update] => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-02] (Dropbox, Inc.) 
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {1284c770-c9ed-11e2-9b24-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\LIESMICH.htm HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {59f93d6c-02b1-11e3-a5d9-00242178ad0f} - J:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {5f1d01bd-90f0-11e3-99cf-00242178ad0f} - K:\DTVP_Launcher.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-06-09] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2014-08-25] ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) Startup: C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-07] ShortcutTarget: Dropbox.lnk -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
Startup: C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2009-11-27] ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) ProxyEnable: [.DEFAULT] => Proxy ist aktiviert. ProxyServer: [.DEFAULT] => http=127.0.0.1:49315;https=127.0.0.1:49315 AutoConfigURL: [.DEFAULT] => http=127.0.0.1:49315;https=127.0.0.1:49315 ProxyServer: [S-1-5-21-1965394401-2103718357-1127923810-1000] => http=127.0.0.1:49315;https=127.0.0.1:49315 AutoConfigURL: [S-1-5-21-1965394401-2103718357-1127923810-1000] => http=127.0.0.1:49315;https=127.0.0.1:49315 Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.115.100 Tcpip\..\Interfaces\{50C94D7A-C5DB-415C-8678-3F7462EF05FF}: [DhcpNameServer] 192.168.115.100 Tcpip\..\Interfaces\{E5D46DBA-07F2-4849-956E-461E87395D8B}: [DhcpNameServer] 192.168.115.100 Internet Explorer: ================== HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ URLSearchHook: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000 - (Kein Name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll Keine Datei SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_28¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0F0FzyzzyE0FyByByCyE0EtAzytDtN0D0Tzu0StCyCyDyCtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyCyE0A0CyC0AyEyDtGtAyC0B0BtG0BtC0E0AtGyCzztCzztGzztB0D0DtAyC0EzyyEzzyDzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtDtDzy0A0C0FyBtG0FtD0EzytGyEtB0D0AtG0B0DtByDtGzz0B0A0CtAyB0Dzzzy0AtBtB2QtN0A0LzutBtN1B2Z1V1T1S1NzutBtBtBtC%26cr%3D876104327%26a%3Dwbf_fs_16_28%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_28¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0F0FzyzzyE0FyByByCyE0EtAzytDtN0D0Tzu0StCyCyDyCtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyCyE0A0CyC0AyEyDtGtAyC0B0BtG0BtC0E0AtGyCzztCzztGzztB0D0DtAyC0EzyyEzzyDzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtDtDzy0A0C0FyBtG0FtD0EzytGyEtB0D0AtG0B0DtByDtGzz0B0A0CtAyB0Dzzzy0AtBtB2QtN0A0LzutBtN1B2Z1V1T1S1NzutBtBtBtC%26cr%3D876104327%26a%3Dwbf_fs_16_28%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: 
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000 -> DefaultScope {C3E6F08D-366C-4806-81AE-DA013DD94FC8} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_28¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0F0FzyzzyE0FyByByCyE0EtAzytDtN0D0Tzu0StCyCyDyCtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyCyE0A0CyC0AyEyDtGtAyC0B0BtG0BtC0E0AtGyCzztCzztGzztB0D0DtAyC0EzyyEzzyDzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtDtDzy0A0C0FyBtG0FtD0EzytGyEtB0D0AtG0B0DtByDtGzz0B0A0CtAyB0Dzzzy0AtBtB2QtN0A0LzutBtN1B2Z1V1T1S1NzutBtBtBtC%26cr%3D876104327%26a%3Dwbf_fs_16_28%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.max-start.com/?q={searchTerms}&babsrc=SP_ss_mib2&mntrId=CEDA0022437B3CA6&affID=125036&tsp=5031 SearchScopes: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=cedae3900000000000000022437b3ca6&r=562 SearchScopes: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={618C921F-D468-475C-AA8E-47010B06B932}&mid=c78b2ac09d2e57d5c4b70b3084df8c77-5a73515d7d286b81fdb6302665c66b7a8f5e2d07&lang=de&ds=AVG&pr=fr&d=2012-06-07 12:50:30&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000 -> {C3E6F08D-366C-4806-81AE-DA013DD94FC8} URL = 
hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_28¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0F0FzyzzyE0FyByByCyE0EtAzytDtN0D0Tzu0StCyCyDyCtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyCyE0A0CyC0AyEyDtGtAyC0B0BtG0BtC0E0AtGyCzztCzztGzztB0D0DtAyC0EzyyEzzyDzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtDtDzy0A0C0FyBtG0FtD0EzytGyEtB0D0AtG0B0DtByDtGzz0B0A0CtAyB0Dzzzy0AtBtB2QtN0A0LzutBtN1B2Z1V1T1S1NzutBtBtBtC%26cr%3D876104327%26a%3Dwbf_fs_16_28%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.) BHO: QuickStores-Toolbar -> {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) BHO: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH) BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> Keine Datei BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation) BHO: Kein Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Keine Datei BHO: Babylon IE plugin -> {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} -> C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll [2012-07-30] (Babylon Ltd.) BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-09-20] (Google Inc.) 
BHO: Kein Name -> {B922D405-6D13-4A2B-AE89-08A030DA4402} -> Keine Datei BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation) BHO: Kein Name -> {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> C:\Program Files\pdfforge Toolbar\SearchSettings.dll => Keine Datei BHO: Softonic Helper Object -> {E87806B5-E908-45FD-AF5E-957D83E58E68} -> C:\Program Files\Softonic\Softonic\1.8.21.14\bh\Softonic.dll [2013-06-11] (Softonic.com) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-11-11] (DVDVideoSoft Ltd.) Toolbar: HKLM - QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll [2013-04-08] (pdfforge GmbH) Toolbar: HKLM - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll [2013-06-11] (Softonic.com) Toolbar: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000 -> Kein Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Keine Datei DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab DPF: {5C0E257E-9DFE-4955-AA93-0A9B166BAB50} hxxp://192.168.115.107:5000/surveillance/object/SSObject.cab DPF: {8214B72E-B0CD-466E-A44D-1D54D926038D} hxxp://kaysercam.dyndns.org/AVC_AX_724.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab DPF: 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab DPF: {FD3BEB0C-AB43-4253-9146-C371D48FBE0D} hxxp://kaysercam.dyndns.org/web.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Keine Datei Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation) Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll [2014-08-11] (AVG Secure Search) FireFox: ======== FF ProfilePath: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default FF NewTab: about:newtab FF DefaultSearchEngine: Yahoo! Powered FF SelectedSearchEngine: Yahoo! Powered FF Homepage: Google FF Keyword.URL: user_pref("keyword.URL", true); FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2009-03-19] (Adobe Systems, Inc.) 
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll [Keine Datei] FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2013-07-22] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-20] (Google) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-02] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-02] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) 
FF Plugin: JFGuide -> C:\Program Files\NetSurveillance\CMS\npGuide.dll [2016-01-12] () FF Plugin: JFWeb -> C:\Program Files\NetSurveillance\CMS\npWebPlugin.dll [2014-09-11] () FF Plugin HKU\S-1-5-21-1965394401-2103718357-1127923810-1000: runtop.com/RTPlayer -> C:\Program Files\VVVIPCamera\npRTPlayer.dll [2015-09-08] (RunTop) FF Plugin HKU\S-1-5-21-1965394401-2103718357-1127923810-1000: webnp/nsstPlugin -> C:\Users\Ck\AppData\Roaming\WebPlugin\npnsstPlugin.dll [2015-08-08] (webnp) FF user.js: detected! => C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\user.js [2013-12-06] FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll [2009-12-09] (Dassault Systèmes SolidWorks Corp.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-02-06] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-04-13] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-04-13] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-04-13] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-04-13] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-04-13] (Apple Inc.) 
FF SearchPlugin: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\avg-secure-search.xml [2014-08-29] FF SearchPlugin: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\conduit.xml [2012-05-08] FF SearchPlugin: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\footiefox.xml [2009-12-31] FF SearchPlugin: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\searchgol.xml [2013-10-10] FF SearchPlugin: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\softonic.xml [2013-12-06] FF SearchPlugin: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\yahoo! powered.xml [2016-07-14] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2014-08-26] FF Extension: FootieFox - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\extensions\{9fb7d178-155a-4318-9173-1a8eaaea7fe4}.xpi [2016-04-05] FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013-05-31] [ist nicht signiert] FF Extension: AniWeather - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2016-04-27] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-12-14] [ist nicht signiert] FF Extension: QuickStores-Toolbar - C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de [2013-05-31] [ist nicht signiert] FF Extension: Search Settings Plugin - C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com [2013-05-31] [ist nicht signiert] FF Extension: pdfforge Toolbar Plugin - C:\Program Files\Mozilla 
Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402} [2013-05-31] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files\Babylon\Babylon-Pro\Utils\ocr@babylon.com FF Extension: Babylon Translation Activation - C:\Program Files\Babylon\Babylon-Pro\Utils\ocr@babylon.com [2013-05-31] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-05-31] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-09-02] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => nicht gefunden FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-08-26] [ist nicht signiert] FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [ist nicht signiert] FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff => nicht gefunden FF 
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Ltd\BullGuard\antispam\tbspamfilter => nicht gefunden FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin => nicht gefunden Chrome: ======= CHR Profile: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default CHR Extension: (Search-Gol Toolbar) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\aipfmkinhleccnodemkoofnnofpbbpac [2013-12-24] [UpdateUrl: hxxp://img.delta-search.com/ext/chrome/update/update-delta.xml] <==== ACHTUNG CHR Extension: (YouTube) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-13] CHR Extension: (Google Search) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-13] CHR Extension: (Babylon Translator) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb [2013-12-24] [UpdateUrl: hxxp://img.babylon.com/ext/chrome/update/update.xml] <==== ACHTUNG CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-12-24] CHR Extension: (RealDownloader) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-12-24] CHR Extension: (Wajam) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2014-01-13] CHR Extension: (Google Wallet) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-13] CHR Extension: (Gmail) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia 
[2014-01-13] CHR HKLM\...\Chrome\Extension: [aipfmkinhleccnodemkoofnnofpbbpac] - C:\Users\Ck\AppData\Roaming\BabSolution\CR\searchgol.crx [2013-06-12] CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonChrome.crx <nicht gefunden> CHR HKLM\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files\Softonic\Softonic\1.8.21.14\Softonic.crx [2013-06-11] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [637944 2016-07-22] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4093696 2016-07-22] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [906512 2016-07-20] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [594904 2016-07-22] (AVG Technologies CZ, s.r.o.) 
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [255904 2012-11-28] (AVM Berlin) R2 AVMPowerlineService; C:\Program Files\FRITZ!Powerline\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert] R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [122272 2012-11-28] (AVM Berlin) R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64112 2014-01-16] (CyberGhost S.R.L) R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2014-01-23] (Teruten) [Datei ist nicht signiert] R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-05-18] (Hewlett-Packard Company) [Datei ist nicht signiert] S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.) R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [155488 2013-06-10] (AVM Berlin) R2 PCSUService; C:\Program Files\PC Beschleunigen\PCSUService.exe [206336 2011-07-20] () [Datei ist nicht signiert] R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] () R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [247152 2009-02-25] () R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [254264 2016-07-14] () S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia) [Datei ist nicht signiert] S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2010-02-24] (SolidWorks) [Datei ist nicht signiert] R2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search) S3 WinDefend; C:\Program Files\Windows 
Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X] S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [255744 2016-06-09] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [201472 2016-06-01] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [212736 2016-06-01] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [191744 2016-06-02] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [217344 2016-06-01] (AVG Technologies CZ, s.r.o.) R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-11] (AVG Technologies) R0 Avgunivx; C:\Windows\System32\DRIVERS\avgunivx.sys [65280 2016-06-01] (AVG Technologies CZ, s.r.o.) S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2012-07-30] (Phoenix Technologies) [Datei ist nicht signiert] R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-12-06] (Disc Soft Ltd) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.) 
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [25160 2007-08-07] (Elaborate Bytes AG) R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2014-01-23] () [Datei ist nicht signiert] R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28560 2009-06-17] (Logitech, Inc.) S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.) R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [334712 2011-07-05] (AVM Berlin) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2009-05-29] (Duplex Secure Ltd.) S3 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [Datei ist nicht signiert] R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project) R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\HomeCinema\PowerDVD9\000.fcl [87536 2009-03-30] (CyberLink Corp.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-08-11 20:29 - 2016-08-11 20:29 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Ck\Downloads\tdsskiller.exe 2016-08-11 20:28 - 2016-08-11 20:28 - 00035844 _____ C:\Users\Ck\Desktop\FRST.txt 2016-08-11 20:28 - 2016-08-11 20:28 - 00000000 ____D C:\FRST 2016-08-11 20:26 - 2016-08-11 20:26 - 01744384 _____ (Farbar) C:\Users\Ck\Desktop\FRST.exe 2016-08-07 21:49 - 2016-08-07 21:49 - 06870919 _____ C:\Users\Ck\Downloads\General_HZXM_IPC_HI3516C_53H20L_S38_V4.02.R11.20150812_ALL.bin 2016-08-07 21:49 - 2016-08-07 21:49 - 04183898 _____ () C:\Users\Ck\Downloads\General_DeviceManage_V2.5.1.0.R.20141023(1).exe 2016-08-07 17:57 - 2016-08-07 17:57 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-08-04 13:43 - 2016-08-04 13:44 - 00144201 _____ C:\Users\Ck\Downloads\ResetConfig(1).zip 2016-08-04 11:53 - 2016-08-04 11:53 - 00067181 _____ C:\Users\Ck\Downloads\Mitteilung_777964016_vom_30.07.2016_20160804115330.pdf 2016-08-04 11:52 - 2016-08-04 11:52 - 00077226 _____ C:\Users\Ck\Downloads\Kontoauszug_777964016__Nr.0072016_vom_30.07.2016_20160804115248.pdf 2016-08-02 23:23 - 2016-06-25 22:01 - 00037096 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-08-02 23:23 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-08-02 23:23 - 2016-06-25 21:53 - 01004544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-08-02 23:23 - 2016-06-25 21:53 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2016-08-02 23:23 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll 2016-08-02 23:23 - 2016-06-25 21:53 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2016-08-02 23:23 - 2016-06-25 21:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe 2016-08-02 23:23 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe 2016-08-02 23:23 - 
2016-06-25 21:41 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll 2016-08-02 23:23 - 2016-06-22 15:06 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2016-08-02 23:23 - 2016-06-17 20:23 - 01288192 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-08-02 23:23 - 2016-06-17 20:23 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-08-02 23:23 - 2016-06-17 20:23 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-08-02 23:23 - 2016-06-17 20:23 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-08-02 23:23 - 2016-06-17 20:23 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-08-02 23:23 - 2016-06-17 20:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-08-02 23:23 - 2016-06-14 16:57 - 02398208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-08-02 23:23 - 2016-06-11 06:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-08-02 23:23 - 2016-06-10 21:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-08-02 23:23 - 2016-06-10 21:09 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-08-02 23:23 - 2016-06-10 20:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-08-02 23:23 - 2016-06-10 20:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-08-02 23:23 - 2016-06-10 20:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-08-02 23:23 - 2016-06-10 20:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-08-02 23:23 - 2016-06-10 20:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-08-02 23:23 - 2016-06-10 20:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-08-02 23:23 - 2016-06-10 
20:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-08-02 23:23 - 2016-06-10 20:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-08-02 23:23 - 2016-06-10 20:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-08-02 23:23 - 2016-06-10 20:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-08-02 23:23 - 2016-06-10 20:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-08-02 23:23 - 2016-06-10 20:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-08-02 23:23 - 2016-06-10 20:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-08-02 23:23 - 2016-06-10 20:41 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-08-02 23:23 - 2016-06-10 20:35 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-08-02 23:23 - 2016-06-10 20:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-08-02 23:23 - 2016-06-10 20:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-08-02 23:23 - 2016-06-10 20:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-08-02 23:23 - 2016-06-10 20:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-08-02 23:23 - 2016-06-10 20:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-08-02 23:23 - 2016-06-10 20:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-08-02 23:23 - 2016-06-10 20:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-08-02 23:23 - 2016-06-10 20:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-08-02 23:23 - 2016-06-10 20:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-08-02 23:23 - 
2016-06-10 20:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-08-02 23:23 - 2016-06-10 20:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-08-02 23:23 - 2016-06-10 20:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-08-02 23:23 - 2016-06-10 20:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-08-02 23:23 - 2016-06-10 19:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-08-02 23:23 - 2016-06-10 19:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-08-02 23:23 - 2016-06-10 19:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-08-02 23:23 - 2016-06-10 19:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-07-23 09:35 - 2016-07-23 09:43 - 00000000 ____D C:\Users\Ck\Desktop\vom S Rechner 2016-07-18 17:35 - 2016-07-18 17:35 - 00052681 _____ C:\Users\Ck\Downloads\Rechnung_200000333.pdf 2016-07-18 17:34 - 2016-07-18 17:34 - 00265746 _____ C:\Users\Ck\Downloads\TGFSQ-5Z6ULWVDJE.pdf 2016-07-18 17:34 - 2016-07-18 17:34 - 00265729 _____ C:\Users\Ck\Downloads\LCHCZ-AYPQQ4RHZB.pdf 2016-07-18 17:34 - 2016-07-18 17:34 - 00265690 _____ C:\Users\Ck\Downloads\ECQXA-Y9TE9BPJHX.pdf 2016-07-18 17:34 - 2016-07-18 17:34 - 00265679 _____ C:\Users\Ck\Downloads\XUSQZ-BSM9NG5HWX.pdf 2016-07-14 21:28 - 2016-07-14 21:28 - 01065040 _____ C:\Users\Ck\Downloads\FRITZ.Box Fon WLAN 7390 84.06.51_14.07.16_2128.export 2016-07-14 21:09 - 2016-07-14 21:09 - 01061298 _____ C:\Users\Ck\Downloads\FRITZ.Box Fon WLAN 7390 84.06.30_14.07.16_2108.export 2016-07-14 21:05 - 2016-07-14 21:05 - 00000000 ____D C:\Users\Ck\Downloads\german 2016-07-14 20:58 - 2016-07-14 20:58 - 00000000 ____D C:\ProgramData\ByteFence 2016-07-14 20:48 - 2016-08-11 20:24 - 00000000 ____D C:\Program Files\ByteFence 2016-07-14 20:48 - 2016-07-17 10:59 - 00000000 ____D 
C:\Users\Ck\AppData\Local\{BD3A8B66-9992-E7DE-F40A-C236D0623EAE} 2016-07-14 20:48 - 2016-07-14 20:49 - 00000000 ____D C:\Users\Ck\AppData\Local\Setup1274699 2016-07-14 20:48 - 2016-07-14 20:48 - 00000000 ____D C:\Users\Ck\AppData\Roaming\{BD678BDC-9835-E6AA-F303-C1782FD13C46} 2016-07-14 20:48 - 2016-07-14 20:48 - 00000000 ____D C:\Users\Ck\AppData\Local\sesi 2016-07-14 19:13 - 2016-07-14 19:13 - 00313366 _____ C:\Users\Ck\Downloads\WindowsUpdateDiagnostic.diagcab 2016-07-14 19:09 - 2016-07-14 19:09 - 00073525 _____ C:\Users\Ck\Downloads\Kontoauszug_777964016__Nr.0062016_vom_30.06.2016_20160714070945.pdf 2016-07-14 19:09 - 2016-07-14 19:09 - 00066709 _____ C:\Users\Ck\Downloads\KundenmitteilungRechnungsabschluss_777964016_vom_30.06.2016_20160714070940.pdf 2016-07-14 19:05 - 2016-07-14 19:05 - 03838492 _____ (LIGHTNING UK!) C:\Users\Ck\Downloads\SetupImgBurn_2.5.8.0.exe 2016-07-14 17:10 - 2016-07-14 17:27 - 1940455424 _____ C:\Users\Ck\Downloads\ct_2016_12.iso 2016-07-13 21:19 - 2016-05-12 17:18 - 00606720 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2016-07-13 21:19 - 2016-05-12 17:18 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL 2016-07-13 21:19 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll 2016-07-13 21:19 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll 2016-07-13 21:19 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll 2016-07-13 21:19 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll 2016-07-13 21:19 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-07-13 21:19 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-07-13 21:19 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-07-13 21:18 - 2016-05-12 17:22 - 
00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-07-13 21:18 - 2016-05-12 17:22 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-07-13 21:18 - 2016-05-12 17:18 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-07-13 21:18 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-07-13 21:18 - 2016-05-12 17:18 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-07-13 21:18 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-07-13 21:18 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-07-13 21:18 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-07-13 21:18 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-07-13 21:18 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-07-13 21:18 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-07-13 21:18 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-07-13 21:18 - 2016-05-12 17:18 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-07-13 21:18 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-07-13 21:18 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-07-13 21:18 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-07-13 21:18 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-07-13 21:18 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-07-13 21:18 - 2016-05-12 16:52 - 00313856 _____ 
(Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2016-07-13 21:18 - 2016-05-12 16:52 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2016-07-13 21:18 - 2016-05-12 16:52 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-07-13 21:18 - 2016-05-12 16:52 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-07-13 21:18 - 2016-05-12 16:52 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2016-07-13 21:18 - 2016-05-12 16:52 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-07-13 21:18 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-07-13 21:18 - 2016-05-12 16:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-07-13 21:18 - 2016-05-12 16:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-07-13 21:18 - 2016-05-12 15:04 - 00370784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-07-13 21:18 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2016-07-13 21:18 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2016-07-13 21:18 - 2016-04-14 17:38 - 00105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2016-07-13 21:18 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2016-07-13 21:18 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-07-13 21:18 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2016-07-13 21:18 - 2016-04-14 17:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2016-07-13 21:18 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2016-07-13 21:18 - 2016-04-14 17:11 
- 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2016-07-13 21:17 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-07-13 21:17 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2016-07-13 21:17 - 2016-05-13 23:49 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2016-07-13 21:17 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2016-07-13 21:17 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-07-13 21:17 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-07-13 21:17 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2016-07-13 21:17 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2016-07-13 21:17 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll 2016-07-13 21:17 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe 2016-07-13 21:17 - 2016-05-11 16:52 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2016-07-13 21:17 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2016-07-13 21:11 - 2016-05-18 18:10 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-08-11 20:25 - 2014-02-14 17:28 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-08-11 20:24 - 2010-12-05 13:36 - 00000000 ____D C:\ProgramData\MFAData 2016-08-11 20:23 - 2013-08-27 22:54 - 00000000 ___RD C:\Users\Ck\Dropbox 2016-08-11 20:21 - 2013-12-24 16:34 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-08-11 20:20 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-08-10 17:56 - 2013-05-31 14:28 - 00019696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-08-10 17:56 - 2013-05-31 14:28 - 00019696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-08-10 17:55 - 2015-07-02 12:04 - 00001212 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000UA.job 2016-08-07 22:57 - 2013-12-24 16:34 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-08-07 21:50 - 2016-03-30 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Device Manager 2016-08-07 21:50 - 2014-10-24 12:20 - 00028088 _____ C:\Program Files\Device Manager Setup Log.txt 2016-08-07 21:50 - 2014-10-24 12:20 - 00001921 _____ C:\Users\Ck\Desktop\DeviceManage.lnk 2016-08-07 21:50 - 2014-10-24 12:20 - 00000000 ____D C:\Program Files\Device Manager 2016-08-07 18:25 - 2015-03-10 11:41 - 00000000 ____D C:\ProgramData\Sonos,_Inc 2016-08-07 17:58 - 2013-08-27 22:51 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Dropbox 2016-08-04 16:55 - 2015-07-02 12:04 - 00001160 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000Core.job 2016-08-04 13:17 - 2015-07-25 13:18 - 00000000 ____D C:\Windows\rescache 2016-08-02 23:58 - 2009-07-14 06:33 - 00462680 _____ C:\Windows\system32\FNTCACHE.DAT 2016-08-02 23:56 - 2014-12-17 07:19 - 00000000 ____D C:\Windows\system32\appraiser 2016-08-02 23:56 - 2009-07-14 10:56 - 00000000 ____D C:\Program 
Files\Windows Journal 2016-08-02 23:43 - 2013-05-31 15:45 - 01601228 _____ C:\Windows\system32\PerfStringBackup.INI 2016-08-02 23:43 - 2009-07-14 10:47 - 00702602 _____ C:\Windows\system32\perfh007.dat 2016-08-02 23:43 - 2009-07-14 10:47 - 00150242 _____ C:\Windows\system32\perfc007.dat 2016-08-02 23:43 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf 2016-08-02 23:36 - 2013-07-13 10:16 - 00000000 ____D C:\Windows\system32\MRT 2016-08-02 23:28 - 2013-06-12 08:33 - 141983760 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-08-02 21:47 - 2015-11-09 09:23 - 00000910 _____ C:\Users\Public\Desktop\AVG Protection.lnk 2016-08-02 21:47 - 2014-04-01 08:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2016-08-02 21:40 - 2015-12-03 21:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-07-23 17:25 - 2009-07-18 19:43 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Winamp 2016-07-23 10:37 - 2009-05-29 15:19 - 00000868 _____ C:\Windows\Tasks\Google Software Updater.job 2016-07-20 16:27 - 2009-09-30 22:04 - 00000000 ____D C:\Users\Ck\AppData\Roaming\vlc 2016-07-15 16:13 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-07-14 21:27 - 2016-04-22 12:04 - 00000000 ____D C:\Users\Ck\Desktop\The.Gift.German.DL.AC3.Dubbed.720p.BluRay.x264-PsO 2016-07-14 21:24 - 2016-04-22 12:07 - 00000000 ____D C:\Users\Ck\Desktop\The.Revenant.-.Der.Rueckkehrer.DVDScr.LD.German.x264-PsO 2016-07-14 20:51 - 2016-03-11 17:20 - 00000000 ____D C:\Users\Ck\Downloads\LUPUSEC 2016-07-14 19:15 - 2013-01-27 16:28 - 00000000 ____D C:\Users\Ck\AppData\Local\ElevatedDiagnostics 2016-07-13 22:26 - 2009-03-25 19:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-07-13 21:38 - 2010-06-13 08:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-07-12 18:25 - 2013-12-24 21:54 - 00796352 _____ (Adobe Systems Incorporated) 
C:\Windows\system32\FlashPlayerApp.exe 2016-07-12 18:25 - 2013-12-24 21:54 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-07-12 18:25 - 2009-03-27 14:36 - 00000000 ____D C:\Windows\system32\Macromed ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-10-24 12:20 - 2016-08-07 21:50 - 0028088 _____ () C:\Program Files\Device Manager Setup Log.txt 2014-05-17 08:51 - 2014-06-23 07:14 - 0000000 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml 2009-07-21 21:13 - 2013-12-06 10:54 - 0000192 _____ () C:\Users\Ck\AppData\Roaming\default.rss 2013-12-24 21:53 - 2014-06-17 19:16 - 0000942 _____ () C:\Users\Ck\AppData\Local\cookies.ini 2013-12-22 15:07 - 2016-06-15 17:46 - 0012800 _____ () C:\Users\Ck\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-02-04 08:02 - 2014-02-04 08:02 - 0000085 ___SH () C:\ProgramData\.zreglib Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Ck\CAPITEST.exe Einige Dateien in TEMP: ==================== C:\Users\Ck\AppData\Local\Temp\avg-ab4dcb36-a3b8-453e-95d0-3f1420a65049.exe C:\Users\Ck\AppData\Local\Temp\avg-bf27893e-44c6-483e-af63-2236c14e051a.exe C:\Users\Ck\AppData\Local\Temp\avguirn_081845444654.exe C:\Users\Ck\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfipkzx.dll C:\Users\Ck\AppData\Local\Temp\sp_setpoint.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-08-07 19:24

==================== Ende vom FRST.txt ============================ |
11.08.2016, 19:45 | #2 |
| IRCBot Virut apparently on one of my computers, T-Com informed me FRST Additions Logfile:
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 11-08-2016 01
durchgeführt von Ck (2016-08-11 20:29:24)
Gestartet von C:\Users\Ck\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2013-05-31 13:55:44)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1965394401-2103718357-1127923810-500 - Administrator - Disabled)
Ck (S-1-5-21-1965394401-2103718357-1127923810-1000 - Administrator - Enabled) => C:\Users\Ck
Gast (S-1-5-21-1965394401-2103718357-1127923810-501 - Limited - Disabled)
Sonos (S-1-5-21-1965394401-2103718357-1127923810-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
4Free Video Converter 2 (HKLM\...\{7061301A-0D44-432F-859D-AF705DA2C81F}_is1) (Version: - 4Free Studio) Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation) Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5 - Adobe Systems, Inc.) Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AVG (Version: 16.91.7690 - AVG Technologies) Hidden AVG 2016 (Version: 16.0.4633 - AVG Technologies) Hidden AVG Protection (HKLM\...\AVG) (Version: 2016.91.7690 - AVG Technologies) AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.1.9.799 - AVG Technologies) AVM FRITZ!fax für FRITZ!Box (HKLM\...\FRITZ! 2.0) (Version: - AVM Berlin) AVM FRITZ!Fernzugang (HKLM\...\{F2B03BB1-D679-4FFF-951D-3058A669A823}) (Version: 1.3.1 - AVM Berlin) Babylon (HKLM\...\Babylon) (Version: - Babylon) Brother P-touch Editor 5.0 (HKLM\...\InstallShield_{DF9A6075-9308-4572-8932-A4316243C4D9}) (Version: 5.0.032 - Brother Industries, Ltd.) Brother P-touch Editor 5.0 (Version: 5.0.032 - Brother Industries, Ltd.) 
Hidden ByteFence Anti-Malware (HKLM\...\ByteFence) (Version: 2.3.0.23 - Byte Technologies LLC) <==== ACHTUNG Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version: - ) Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: - ) CANON IMAGE GATEWAY Registrierungsanleitung (HKLM\...\DV CIG Guide) (Version: 1.0.0.2 - ) CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.4.0.8 - ) Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.0.3 - ) Canon MP Navigator EX 2.0 (HKLM\...\MP Navigator EX 2.0) (Version: - ) Canon MP620 series Benutzerregistrierung (HKLM\...\Canon MP620 series Benutzerregistrierung) (Version: - ) Canon MP620 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series) (Version: - ) Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 0.9.3.9 - ) Canon Utilities CameraWindow (HKLM\...\CameraWindowLauncher) (Version: 7.0.0.8 - ) Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.1.15 - ) Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - ) Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version: - ) Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 6.4.0.5 - ) Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.1.9 - ) Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - ) Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.0.1.248 - ) Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.0.0.19 - ) CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5118 - CDBurnerXP) CDDRV_Installer (Version: 4.60 - Logitech) Hidden CDex - Open Source Digital Audio CD Extractor (HKLM\...\CDex) 
(Version: 1.79.0.2015 - Georgy Berdyshev) Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden CloneCD (HKLM\...\CloneCD) (Version: - SlySoft) CMS (HKLM\...\CMS1.0.0.32) (Version: 1.0.0.32 - wapa) Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Corel MediaOne (HKLM\...\{A062A15F-9CAC-4B88-98DF-87628A0BD721}) (Version: 2.100.0000 - Corel Corporation) CorelDRAW Essential Edition 3 (HKLM\...\_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}) (Version: - Corel Corporation) CorelDRAW Essential Edition 3 (Version: 3.0 - Corel Corporation) Hidden Cuttermaran 1.67 (HKLM\...\{5D5E101E-6E25-4497-944E-373D9DB20A07}) (Version: 1.6.7 - toarnold) CyberGhost 5 (HKLM\...\CyberGhost VPN 5_is1) (Version: - CyberGhost S.R.L.) CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1616 - CyberLink Corp.) CyberLink MediaShow (HKLM\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.2609 - CyberLink Corp.) CyberLink PhotoNow (HKLM\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.5615 - CyberLink Corp.) CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2806 - CyberLink Corp.) CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2718 - CyberLink Corp.) CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1531 - CyberLink Corp.) CyberLink PowerDVD Copy (HKLM\...\{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.0.5611 - CyberLink Corp.) CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1412 - CyberLink Corp.) 
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DE (Version: 3.0 - Corel Corporation) Hidden
Device Manager (HKLM\...\Device Manager) (Version: - )
DriverAgent by eSupport.com (HKLM\...\DriverAgent.exe) (Version: - )
Dropbox (HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Dropbox) (Version: 7.4.30 - Dropbox, Inc.)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink)
Eraser 5.8.8 (HKLM\...\{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1) (Version: Eraser 5.8.8 - The Eraser Project)
Extended Asian Language font pack for Adobe Reader XI (HKLM\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated)
FileZilla Client 3.2.7.1 (HKLM\...\FileZilla Client) (Version: 3.2.7.1 - )
FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden
Free HD Converter V 1.4 (HKLM\...\Free HD Converter_is1) (Version: 1.4.0.0 - Koyote Soft)
Free PDF to Word Converter 1.5 (HKLM\...\Free PDF to Word Converter_is1) (Version: - Free-PDF-to-Word.com)
Free YouTube to MP3 Converter version 3.12.50.1111 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1111 - DVDVideoSoft Ltd.)
FRITZ!Powerline (HKLM\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin)
Gigaset M100 Data (HKLM\...\Gigaset M100 Data) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
HDIPCamera V1.0.1.2 (HKLM\...\HDIPCamera_is1) (Version: - HDIPCamera)
Helium (HKLM\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Help 2 Speak 1.2 (HKLM\...\Help 2 Speak for Windows Mobile Classic & Pro_is1) (Version: - Arena Games Studios)
ImageMixer 3 SE (HKLM\...\{82C19692-571C-45D2-BAF2-278225787A35}) (Version: 3.00.038 - PIXELA)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
KeePass Password Safe 2.31 (HKLM\...\KeePassPasswordSafe2_is1) (Version: 2.31 - Dominik Reichl)
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
LightScribe System Software (HKLM\...\{DD6C316A-FE75-4FBB-9D22-4C1920232B72}) (Version: 1.18.5.1 - LightScribe)
Logitech Harmony Remote Software 7 (HKLM\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech SetPoint (HKLM\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
MCE Software Encoder 1.1 (HKLM\...\{7655E113-C306-11D9-A373-0050BAE317E1}) (Version: 1.1.0.1918 - CyberLink Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 de) (HKLM\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Thunderbird (2.0.0.23) (HKLM\...\Mozilla Thunderbird (2.0.0.23)) (Version: 2.0.0.23 (de) - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MyFreeCodec) (Version: - )
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.1 - F.J. Wechselberger)
NetSurveillance (HKLM\...\NetSurveillance) (Version: - )
Notepad++ (HKLM\...\Notepad++) (Version: 5.3.1 - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{DD1865F0-AD73-40FB-B23E-1822E02396FF}) (Version: 9.09.0203 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PC Beschleunigen - Vollständige Deinstallation (HKLM\...\PCSU-SL_is1) (Version: 2.1.5 - Speedchecker Limited) <==== ACHTUNG
PC Connectivity Solution (HKLM\...\{4B28C077-9958-45F1-8BB4-CBF90A69AD4E}) (Version: 11.4.15.0 - Nokia)
PC Inspector File Recovery (HKLM\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - )
PCSpeedUp Application (HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\3121358167.PC Speed Up - Clean, optimize and get a faster PC now!) (Version: - PC Speed Up - Clean, optimize and get a faster PC now!) <==== ACHTUNG
PDF Architect (HKLM\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
pdfforge Toolbar v1.0 (HKLM\...\{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}) (Version: 1.00.0000 - GreenTree Applications, Inc.) <==== ACHTUNG
PDVR (HKLM\...\PDVR168.5.5.26) (Version: 168.5.5.26 - Wapa)
QuickStores-Toolbar 1.0.0 (HKLM\...\QuickStores-Toolbar_is1) (Version: 1.0.0 - AB-Tools.com) <==== ACHTUNG
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ravensburger tiptoi (HKLM\...\Ravensburger tiptoi) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5783 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.0.0.11011_16 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.0.0.11011_16 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Search-Gol Chrome Toolbar (HKLM\...\Search-Gol Chrome Toolbar) (Version: - Search-Gol) <==== ACHTUNG
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Softonic toolbar on IE and Chrome (HKLM\...\Softonic) (Version: 1.8.21.14 - Softonic) <==== ACHTUNG
SolidWorks eDrawings 2010 (HKLM\...\{059D6814-73F9-480B-B0B2-D6428F1C1F99}) (Version: 10.2.122 - Dassault Systèmes SolidWorks Corp.)
Sonos Controller (HKLM\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 31.3.22220 - Sonos, Inc.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Synology Assistant (remove only) (HKLM\...\Synology Assistant) (Version: - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update Manager (Version: 4.60 - Corel Corporation) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM\...\VTechDownloadManager) (Version: - VTech)
Wajam (HKLM\...\WaIntEnhance) (Version: 2.23.2.8 (i2.6) - WaIntEnhance) <==== ACHTUNG
WebPlugin 1.0.3.39 (HKLM\...\WebPlugin) (Version: 1.0.3.39 - My company, Inc.)
Winamp (HKLM\...\Winamp) (Version: 5.56 - Nullsoft, Inc)
Windows 7 Upgrade Advisor (HKLM\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Wireshark 1.8.5 (32-bit) (HKLM\...\Wireshark) (Version: 1.8.5 - The Wireshark developer community, hxxp://www.wireshark.org)
WISO Steuer-Sparbuch 2011 (HKLM\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.00.6928 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2012 (HKLM\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKLM\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM\...\{85B13DC2-AB8D-45E9-B0AB-ABE72EC66DD7}) (Version: 21.00.8480 - Buhl Data Service GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{9a1ff289-f2d3-55c6-993d-c7a95c923a04}\InprocServer32 -> C:\Program Files\VVVIPCamera\npRTPlayer.dll (RunTop)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{d3005645-a2c0-5fcf-b52e-40d1c93b6b46}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\WebPlugin\npnsstPlugin.dll (webnp)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02AE60CC-4705-41A6-91E6-50ABF7D83302} - System32\Tasks\{268125EB-A08A-470F-B017-A0AF0455DCBC} => pcalua.exe -a C:\Users\Ck\Downloads\Active(1).exe -d C:\Users\Ck\Downloads
Task: {127E8E32-2CF0-4CF0-950F-C0B8EA35A50B} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2016-06-20] (Byte Technologies LLC) <==== ACHTUNG
Task: {25198102-EC51-45EB-9E96-3F1A00598D7E} - System32\Tasks\{E442D925-062B-4048-92DD-81B6E5D4EBC7} => pcalua.exe -a C:\Users\Ck\Downloads\XDA-HTC\MyMobile123_06152008.exe -d C:\Users\Ck\Downloads\XDA-HTC
Task: {2A93CF91-7D23-4C00-AC9F-80B34E45359D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000UA => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-02] (Dropbox, Inc.)
Task: {2D771066-A4F3-46BF-8CA3-9CAFDA14E3C5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {2E8F338E-D82C-4BE0-A37E-D30BC60BE7CD} - System32\Tasks\{DA74A66F-ED8F-4CB5-818F-EA45C9EEAD30} => pcalua.exe -a L:\Mail\portable_thunderbird_2.0.0.6_win_de\portablethunderbird.exe -d L:\Mail\portable_thunderbird_2.0.0.6_win_de
Task: {39704CCB-91C6-4FCE-ADB3-55BFC4B12B7E} - System32\Tasks\{25DFB1E6-A77D-4292-9046-FBC6E033A8D1} => pcalua.exe -a C:\Users\Ck\Desktop\cms_en_hbw_setup.exe -d C:\Users\Ck\Desktop
Task: {4F8E0ADA-3D61-42EB-990F-9E3DCA4192F7} - System32\Tasks\1215avUpdateInfo => C:\ProgramData\Avg_Update_1215av\1215av_AVG-Secure-Search-Update.exe [2015-11-22] ()
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {628D65C8-3315-4964-8E2E-A3333ECCF05F} - System32\Tasks\{1CC5E591-F6A7-4E18-8935-6150C7ADBBD3} => pcalua.exe -a "C:\Program Files\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {66813AAB-BC6C-4DF1-AD7C-1FA047F5CFBC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {6A8C4CC9-938F-4B6F-BF0F-DCD924790CEE} - System32\Tasks\{71F44B15-7CB1-4B86-BD60-D6CD264CF120} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.259/de/privacy
Task: {71CB78DC-3465-4B72-A2C5-F2347E83C5C7} - System32\Tasks\{69EF8CEA-F288-4F17-9417-BBF04DE439FB} => pcalua.exe -a C:\Users\Ck\Downloads\General_DeviceManage_V2.5.1.0.R.20141023.exe -d C:\Users\Ck\Downloads
Task: {720D1503-4901-4D3A-AE34-C2A846495526} - System32\Tasks\{D210CFB3-7484-4E0D-A07E-00A804913C1F} => pcalua.exe -a C:\Users\Ck\Downloads\XDA-HTC\RUU_Topaz_S_HTC_GER_2.16.407.1_Radio_Sign_Topaz_61.44tc.25.32_4.49.25.17_Ship.exe -d C:\Users\Ck\Downloads\XDA-HTC
Task: {786C056D-F7DD-4F91-A4C8-592D795E66B2} - System32\Tasks\{FDBDBBE2-3B9F-4E39-B60C-9A5E520FB6BE} => pcalua.exe -a C:\Users\Ck\AppData\Local\Temp\sp_setpoint.exe -d "C:\Program Files\Logitech\SetPoint"
Task: {7882BC03-0A35-4B7C-8824-612F8992586E} - System32\Tasks\{4930B6A3-896D-4B89-B490-928D2E8409F2} => pcalua.exe -a E:\setup.exe -d E:\
Task: {83A6087A-B895-43E6-8B49-141E3604079B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {8B570972-C515-4AA6-AA33-FD3720281B78} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {8F3C77A0-80DE-4FF6-AB16-9BEED1651B92} - System32\Tasks\{FBD2B4DA-3B72-4A59-A46D-20A920C322A0} => pcalua.exe -a C:\Users\Ck\Downloads\dotnetfx3setup.exe -d "C:\Program Files\Mozilla Firefox"
Task: {A1819EA4-5CA1-40C3-AD8F-82CE890AEEDB} - System32\Tasks\{226C3DB4-BC58-406E-843A-7343C8C18171} => pcalua.exe -a "C:\Users\Ck\Downloads\XDA-HTC\_HTC Touch Diamond2_RUU_Topaz_S_Vodafone_DE_2.16.162.1_Radio_Sign_Topaz_61.44tc.25.32_4.49.25.17_Ship.exe" -d C:\Users\Ck\Downloads\XDA-HTC
Task: {A3A35131-2635-4486-AB91-A5DD9BDD36F4} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec [Argument = /StartRecording]
Task: {AFD815CF-6434-41A1-8ADE-2B62CF9B1F7C} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-20] (Google) <==== ACHTUNG
Task: {B58C017E-761D-451C-AB1A-D1879E73B069} - System32\Tasks\{4BD28B09-9A1B-4A69-BA90-67C98CB290E5} => pcalua.exe -a "C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UQLUDLP2\NewActive.exe" -d C:\Users\Ck\Desktop
Task: {B6D39B96-0714-4D74-BB26-3C28909655BF} - System32\Tasks\{723229ED-F780-4C7B-98CB-3F4C06D62E95} => pcalua.exe -a C:\Users\Ck\Desktop\Kamera\cms-2012.3.201\CMS-2012.3.20\CMS.exe -d C:\Users\Ck\Desktop\Kamera\cms-2012.3.201\CMS-2012.3.20
Task: {B7EDDC49-2A82-4201-99A1-2F0C4F4A7561} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1965394401-2103718357-1127923810-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {BD00CA6F-0897-4711-813F-89264B56E755} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {BEB85EF8-764D-4908-AAD9-0B659819E7FE} - System32\Tasks\{0E8F34EC-4494-4A2C-AFF3-11CA2F5B4C90} => pcalua.exe -a "C:\Users\Ck\Documents\Bedienungsanleitungen\Neuer Ordner\talk&surf_6_0\instmsia.exe" -d "C:\Users\Ck\Documents\Bedienungsanleitungen\Neuer Ordner\talk&surf_6_0"
Task: {C03989FD-EAF4-41A9-AF33-707D79307A78} - System32\Tasks\{7AF1BA91-2A03-4427-9720-C576FE3DD4F8} => pcalua.exe -a "C:\Program Files\DAEMON Tools Lite\uninst.exe" -d "C:\Program Files\DAEMON Tools Lite"
Task: {C146D4B7-1BE2-41D1-B2C5-C5A514E2BCF7} - System32\Tasks\{AE2FEAEC-AF5B-49E4-AEE0-D09143669355} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.259/de/abandoninstall?page=tsBing
Task: {C542AE38-6F6C-4C03-BF32-23C131C96C9B} - System32\Tasks\FCBfan => C:\Users\Ck\AppData\Roaming\FCBfan\fcbfan.exe <==== ACHTUNG
Task: {C7C4EE56-B8AA-4351-81BD-0A6D455AC43B} - System32\Tasks\{6A6AB472-58DE-4906-B2C1-C452BD9DBA22} => pcalua.exe -a C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_Plugin.exe -c -maintain plugin
Task: {D89A30EF-DA26-4944-B61D-4241FE07E0D6} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1965394401-2103718357-1127923810-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {E29110D1-140F-4436-88B5-AE82F41F7645} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {E8232C5C-94D3-4837-90DC-746D038E2DF3} - System32\Tasks\{34D13FC3-38F9-492B-B933-0F652EB35694} => pcalua.exe -a C:\Users\Ck\Downloads\Active.exe -d C:\Users\Ck\Downloads
Task: {F2E8B3A8-A3BD-41F4-BA6E-7ADCA98B02F4} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation)
Task: {F440BE00-829C-40EF-8625-F7DDE569FEE2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000Core => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-02] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\1215avUpdateInfo.job => C:\ProgramData\Avg_Update_1215av\1215av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000Core.job => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000UA.job => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ACHTUNG
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-08-24 17:51 - 2011-07-20 13:37 - 00206336 _____ () C:\Program Files\PC Beschleunigen\PCSUService.exe
2007-06-05 13:20 - 2007-06-05 13:20 - 00177704 _____ () C:\Windows\system32\PSIService.exe
2009-04-22 16:09 - 2009-02-25 09:13 - 00247152 _____ () C:\Program Files\Cyberlink\Shared files\RichVideo.exe
2016-07-14 20:58 - 2016-07-14 20:58 - 00254264 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
2014-08-11 13:05 - 2014-08-11 13:04 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2014-08-11 13:05 - 2014-08-11 13:04 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2016-07-14 20:58 - 2016-07-14 20:58 - 00564024 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
2009-08-23 19:58 - 2009-08-23 19:58 - 00094208 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2009-05-29 21:58 - 2008-09-16 20:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2008-08-27 16:32 - 2008-08-27 16:32 - 00619816 _____ () C:\Program Files\HomeCinema\Power2Go\CLMediaLibrary.dll
2008-06-09 09:55 - 2008-06-09 09:55 - 00013096 _____ () C:\Program Files\HomeCinema\Power2Go\CLMLSvcPS.dll
2009-07-01 18:37 - 2009-07-01 18:37 - 00037888 _____ () C:\Program Files\Winamp\winampa.exe
2014-07-04 10:22 - 2014-06-20 08:42 - 00401280 _____ () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
2014-07-04 10:22 - 2014-03-04 13:20 - 00117760 _____ () C:\Program Files\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2014-07-04 10:22 - 2014-04-22 04:14 - 00065536 _____ () C:\Program Files\VTech\DownloadManager\System\QHttpServer.dll
2014-07-04 10:22 - 2014-05-06 07:39 - 00861184 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\platforms\qwindows.dll
2014-07-04 10:22 - 2014-05-06 07:38 - 00021504 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qgif.dll
2014-07-04 10:22 - 2014-05-06 07:38 - 00020992 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qico.dll
2014-07-04 10:22 - 2014-05-06 07:38 - 00204800 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll
2014-07-04 10:22 - 2014-05-06 12:44 - 00218112 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qmng.dll
2014-07-04 10:22 - 2014-05-06 07:58 - 00015872 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll
2014-07-04 10:22 - 2014-05-06 12:44 - 00015360 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qtga.dll
2014-07-04 10:22 - 2014-05-06 12:44 - 00307712 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll
2014-07-04 10:22 - 2014-05-06 12:44 - 00014848 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll
2014-07-04 10:22 - 2014-05-06 08:31 - 00015872 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll
2014-07-04 10:22 - 2014-05-06 07:38 - 00036352 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll
2014-07-04 10:22 - 2014-05-06 07:38 - 00038912 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll
2014-05-17 08:50 - 2014-08-26 05:43 - 02640408 _____ () C:\Program Files\AVG Secure Search\vprot.exe
2016-04-07 18:15 - 2016-04-07 18:15 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll
2016-08-02 23:47 - 2016-08-02 23:47 - 00182272 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Commonc65c5a95#\97fe9e5d3c179b88a47a355e3d497461\Kies.Common.DeviceServiceLib.Interface.ni.dll
2016-08-02 23:47 - 2016-08-02 23:47 - 15017472 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\2b03fce391135d2616e3ca1f41e4d3f9\Kies.Theme.ni.dll
2016-08-02 23:47 - 2016-08-02 23:47 - 01899520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\ed992385c10d33321704bbba68a32c66\Kies.UI.ni.dll
2016-08-02 23:47 - 2016-08-02 23:47 - 00079360 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\2904a13c0bdf6fab78e97ed5e5349855\Kies.MVVM.ni.dll
2016-08-02 23:47 - 2016-08-02 23:47 - 00233984 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\2ae6e946b06d8ca8c1f09e28006ac538\ASF_cSharpAPI.ni.dll
2014-08-25 06:39 - 2009-07-20 12:27 - 00017936 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
2016-07-12 17:48 - 2016-06-30 04:25 - 00035792 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-08-07 17:57 - 2016-06-30 04:25 - 00145864 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-08-07 17:57 - 2016-06-30 04:26 - 00019408 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-08-07 17:57 - 2016-06-30 04:25 - 00116688 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-07-12 17:48 - 2016-06-30 04:25 - 00100296 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-06-25 09:52 - 2016-06-30 04:25 - 00018888 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\select.pyd
2016-06-25 09:52 - 2016-08-01 23:27 - 00019760 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-06-25 09:52 - 2016-06-30 04:25 - 00694224 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-08-07 17:57 - 2016-08-01 23:26 - 00020816 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-07-12 17:48 - 2016-06-30 04:26 - 00123856 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-08-07 17:57 - 2016-08-01 23:26 - 01682760 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-08-07 17:57 - 2016-08-01 23:26 - 00020808 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00021312 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00052024 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00038696 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-06-25 09:52 - 2016-06-30 04:27 - 00105928 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-07 17:57 - 2016-06-30 04:25 - 00392144 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-08-07 17:57 - 2016-06-30 04:27 - 00020936 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00024528 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00114640 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-06-25 09:52 - 2016-08-01 23:27 - 00381752 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00124880 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00025424 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-06-25 09:52 - 2016-06-30 04:27 - 00024016 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00175560 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00030160 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00043472 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00048592 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00026456 _____ ()
C:\Users\Ck\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-07-12 17:48 - 2016-06-30 04:27 - 00057808 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2016-07-12 17:48 - 2016-06-30 04:27 - 00024016 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32profile.pyd 2016-08-07 17:57 - 2016-08-01 23:26 - 00246592 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2016-07-12 17:48 - 2016-06-30 04:27 - 00028616 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32ts.pyd 2016-07-12 17:48 - 2016-08-01 23:27 - 00020800 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-07-12 17:48 - 2016-08-01 23:27 - 00019776 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd 2016-07-12 17:48 - 2016-08-01 23:27 - 00020800 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd 2016-07-12 17:48 - 2016-06-30 04:25 - 00144848 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_elementtree.pyd 2016-08-07 17:57 - 2016-06-30 04:26 - 00241104 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_jpegtran.pyd 2016-08-07 17:57 - 2016-08-01 23:26 - 00020280 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2016-07-12 17:48 - 2016-08-01 23:27 - 00023376 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2016-07-12 17:48 - 2016-06-30 04:27 - 00350152 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2016-07-12 17:48 - 2016-08-01 23:27 - 00022352 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00024392 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2016-08-07 17:57 - 2016-06-30 04:28 - 00036296 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\librsync.dll 2016-08-07 17:57 - 2016-08-01 23:27 - 00084280 _____ () 
C:\Users\Ck\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2016-08-07 17:57 - 2016-08-01 23:27 - 01826096 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2016-06-25 09:52 - 2016-06-30 04:26 - 00083912 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\sip.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 03929392 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 01972016 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00531248 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00132912 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00224056 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00207672 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00020288 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd 2016-07-12 17:48 - 2016-06-30 04:27 - 00060880 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32print.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00024904 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00546096 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00357680 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00042808 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd 2016-05-25 14:38 - 2016-05-25 14:38 - 00106776 _____ () C:\Program Files\ByteFence\x86\lz4_x86.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\dyndns.org -> hxxp://fruechtemtz.dyndns.org
IE trusted site: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\no-ip.org -> hxxp://teufelsbox.no-ip.org

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 12:23 - 2016-08-11 20:20 - 00001961 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

Da befinden sich 5 zusätzliche Einträge.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.115.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{7ADE6780-8950-4568-AE42-156E26523817}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{21A2A72D-C72E-48F1-81DA-6DA6C22D8159}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{75A3EED0-6127-4849-9403-C0FB7996B247}] => (Allow) LPort=26675
FirewallRules: [{599FEA04-953A-40D2-9E33-8850A8AF5D82}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{317049B1-7474-4657-B639-180C2192B20D}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{46B83F69-94C7-495B-9F1D-B3E1A3403443}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{8E7DEC09-287A-4881-85A3-701E56D7F9E3}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{8522B942-7D77-4A85-9775-B0B13002DCD8}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [UDP Query User{85A74167-4A6B-43C0-B5CB-13278338AB69}E:\dvr v8.97\dvr\encode.exe] => (Allow) E:\dvr v8.97\dvr\encode.exe
FirewallRules: [TCP Query User{603E47FC-65E5-4244-9184-64B737B7A60A}E:\dvr v8.97\dvr\encode.exe] => (Allow) E:\dvr v8.97\dvr\encode.exe
FirewallRules: [UDP Query User{1D4156AD-EAC5-4103-9C53-228167735AA1}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{D5B3DD8A-548D-4477-9EAA-95262B1AA269}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{CA0F2C7F-986E-4C53-A52C-3EBD9267074A}C:\program files\pdvr\pdvr.exe] => (Allow) C:\program files\pdvr\pdvr.exe
FirewallRules: [TCP Query User{080598C6-ED4E-45F5-9FB7-677AB378C334}C:\program files\pdvr\pdvr.exe] => (Allow) C:\program files\pdvr\pdvr.exe
FirewallRules: [{72E75FBE-C146-4E5E-83F3-D28D0B210D50}] => (Allow) C:\Program Files\PURE Flow Server\twonkymediaserver.exe
FirewallRules: [{5A21343C-6687-4048-A8B2-2A7E87911F08}] => (Allow) C:\Program Files\PURE Flow Server\twonkymediaserver.exe
FirewallRules: [{B9B6546E-DBF0-40E0-A25E-07EB2C1A5449}] => (Allow) C:\Program Files\PURE Flow Server\twonkymediaserverwatchdog.exe
FirewallRules: [{4A7DDA3D-40C0-4FC6-81DD-0FEB9B07AF3F}] => (Allow) C:\Program Files\PURE Flow Server\twonkymediaserverwatchdog.exe
FirewallRules: [UDP Query User{3D8D522F-6C42-4FA2-A127-66DA0B637A2E}C:\program files\fritz!\frifax32.exe] => (Block) C:\program files\fritz!\frifax32.exe
FirewallRules: [TCP Query User{5DF8515A-676D-40BB-8352-3989E2D9E6E3}C:\program files\fritz!\frifax32.exe] => (Block) C:\program files\fritz!\frifax32.exe
FirewallRules: [{7360A445-A3CB-445A-A7DA-AB308364F275}] => (Allow) C:\Program Files\FRITZ!\igd_finder.exe
FirewallRules: [{AFA72526-5207-437D-9A9C-243B050D89D9}] => (Allow) C:\Program Files\FRITZ!\igd_finder.exe
FirewallRules: [UDP Query User{454A84A6-26BB-48AE-8E31-E67A875CD1CB}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [TCP Query User{8D5C2EC7-24D9-4ADA-A8A7-9DB1C572FCDD}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{C1014B50-AF56-488F-903D-C92996D9CAD8}C:\users\ck\desktop\fritz.box_wlan_7390_84.04.84.recover-image.exe] => (Allow) C:\users\ck\desktop\fritz.box_wlan_7390_84.04.84.recover-image.exe
FirewallRules: [TCP Query User{31086841-A3ED-4164-B74E-3BC4A5745CE4}C:\users\ck\desktop\fritz.box_wlan_7390_84.04.84.recover-image.exe] => (Allow) C:\users\ck\desktop\fritz.box_wlan_7390_84.04.84.recover-image.exe
FirewallRules: [UDP Query User{28311615-6F20-478D-9805-E6AF9BA990B0}C:\users\ck\capitest.exe] => (Allow) C:\users\ck\capitest.exe
FirewallRules: [TCP Query User{C75E9A32-9B92-4135-9745-B1D7A517A62B}C:\users\ck\capitest.exe] => (Allow) C:\users\ck\capitest.exe
FirewallRules: [UDP Query User{7AAAAC3B-2EF3-4FC7-9E9F-4930BBCF0C4F}C:\program files\fritz!\frifax32.exe] => (Allow) C:\program files\fritz!\frifax32.exe
FirewallRules: [TCP Query User{3571DEE7-180D-460A-B99D-6598A17DDAA7}C:\program files\fritz!\frifax32.exe] => (Allow) C:\program files\fritz!\frifax32.exe
FirewallRules: [UDP Query User{0EA37256-1A6C-43AA-9B79-ED34D9AD86D6}C:\users\ck\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\ck\appdata\local\temp\_istmp1.dir\_ins5576._mp
FirewallRules: [TCP Query User{A2EE00DF-DA65-45C4-BD89-17ACE5BAF15E}C:\users\ck\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\ck\appdata\local\temp\_istmp1.dir\_ins5576._mp
FirewallRules: [UDP Query User{B5770EFC-5DD2-4FE2-98F0-71C0E0E5B583}C:\users\ck\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe] => (Allow) C:\users\ck\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe
FirewallRules: [TCP Query User{BF6008EA-FC83-4EAB-9024-C5F59AE5D3DD}C:\users\ck\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe] => (Allow) C:\users\ck\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe
FirewallRules: [UDP Query User{2708DB09-F52E-425B-BBD9-BFD51ACF273F}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [TCP Query User{798FA436-9103-436C-98B7-5B310751EF00}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [{94A1B95C-8BD9-49D7-9E59-975A0700D048}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{5615D64E-F202-46C2-9C3F-1A5DE2EE756D}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{3E6A057A-F868-4CC8-AE7F-B2DE4C7C267E}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{5A6A03BC-8AC5-482B-8A81-9DD1191C935A}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{F5D27E35-B63D-4456-B9EB-D364DB20C0E4}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{173BEF30-E791-4D07-BC0A-67B9E67DFF01}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{996748D8-A0A1-4DB6-B683-81E91CEA7370}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{0EC9DE4F-B1C3-4EBC-AE09-DC4EC7A1F21A}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [UDP Query User{878E3AB6-44C1-46E6-B568-F0117D8374B2}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{C6110339-8D5E-4F2D-BFE4-414D3F8DE6B0}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{E20F74A9-6056-4999-B500-7AAB54F89043}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{C524683F-328A-467C-ACB5-A130E4568F30}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [UDP Query User{CA5855DA-53D5-4697-B811-A24FFDD4012D}C:\program files\synology\assistant\dsassistant.exe] => (Allow) C:\program files\synology\assistant\dsassistant.exe
FirewallRules: [TCP Query User{9DE8B423-B3A5-4F29-B155-DF31DE15D8E7}C:\program files\synology\assistant\dsassistant.exe] => (Allow) C:\program files\synology\assistant\dsassistant.exe
FirewallRules: [UDP Query User{238B0185-2155-471B-9425-DE106D3BDFC4}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{3B17293C-4C00-4881-9180-000B36F690C8}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{67031F9B-7197-41CC-B5E5-071B3E3AAAB8}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{0D69F73B-7BF1-40FC-BF4E-F263DD772249}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [{5D1A37DB-9536-4516-ABF4-F30B2C542D16}] => (Allow) LPort=26675
FirewallRules: [{7BC04F0B-A432-405C-9781-CF5D493E1D7B}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{8F6029F4-FD1F-40EF-9014-EEE098FA3215}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [UDP Query User{64B44A5C-73C4-4356-A671-7F09E17784AD}C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe] => (Allow) C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe
FirewallRules: [TCP Query User{2C362057-AA33-4E24-BED8-64DE3F9B91D4}C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe] => (Allow) C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe
FirewallRules: [{840ED993-7ABA-41B1-A0D3-496FC341389F}] => (Allow) LPort=26675
FirewallRules: [{8A6221CD-694D-4BE2-AF91-CF07C8389BBA}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{D892051C-056C-4FB3-9222-BAB0D91D525E}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{5C5D76A8-3840-4349-97B5-C5C189D9C722}] => (Allow) C:\Program Files\HomeCinema\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{02B1A3A3-E6F9-4601-A3B3-B8CEE05BE901}] => (Allow) C:\Program Files\HomeCinema\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{C6EB1591-5865-4589-89C2-E3915E42F284}] => (Allow) C:\Program Files\HomeCinema\PowerDirector\PDR.EXE
FirewallRules: [{44E3F3DA-D2F3-46F4-954A-4CD56F505E7E}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{56696065-60CE-4100-BBC1-68EBE5C1C3B0}] => (Allow) svchost.exe
FirewallRules: [{BDA30BF2-C41B-43AB-98ED-F5E0CEBCFB9F}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5B46585A-C0E7-4CCB-82FE-0B402D6E2D8A}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [TCP Query User{F041C875-D884-4721-88AE-EAEEB1AE6C37}E:\powerline utility\powerline scan\powerline scan.exe] => (Allow) E:\powerline utility\powerline scan\powerline scan.exe
FirewallRules: [UDP Query User{B0849B15-63AC-4D25-908D-BF27778AD19D}E:\powerline utility\powerline scan\powerline scan.exe] => (Allow) E:\powerline utility\powerline scan\powerline scan.exe
FirewallRules: [TCP Query User{CA8DB31F-C3F4-4B5D-9314-9AAF36C30AF4}C:\program files\pdvr\pdvr.exe] => (Allow) C:\program files\pdvr\pdvr.exe
FirewallRules: [UDP Query User{9A981ECF-A2C7-42D8-AD98-09669E5D306C}C:\program files\pdvr\pdvr.exe] => (Allow) C:\program files\pdvr\pdvr.exe
FirewallRules: [{0B5987A1-65A8-45A2-83B6-E4C32043AB48}] => (Allow) C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2CCEA8DE-6165-4F72-81D8-C074E23BD01F}] => (Allow) C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{896B5766-6732-4338-B6F9-BFC31E6AD5A2}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{28B899BC-5A1B-43C4-A8B2-136E72F6AD86}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{577AC29F-7498-49BC-B51A-700BD45B6D16}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe
FirewallRules: [{1C664FE5-209C-4E59-952F-8AA498DF9D38}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe
FirewallRules: [{E4955CC9-D470-406C-9197-6A6A0964EB31}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{6F21AB69-04C5-49B6-B62C-BEAB94BBADE8}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
FirewallRules: [TCP Query User{B14C26DC-59BF-4450-9A8E-517114A1B828}C:\users\ck\downloads\dcce2_150\dcc_e2.exe] => (Allow) C:\users\ck\downloads\dcce2_150\dcc_e2.exe
FirewallRules: [UDP Query User{B0477CBA-6117-4144-A3ED-A1F622840314}C:\users\ck\downloads\dcce2_150\dcc_e2.exe] => (Allow) C:\users\ck\downloads\dcce2_150\dcc_e2.exe
FirewallRules: [{3A51ED74-5852-4624-8D5B-3C7F27B34814}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{347B8B36-BF63-4117-8F74-59201E414E81}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{C0B052A0-EE5E-4F0F-B02C-9B39D690E289}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{4F123978-DDCC-4C7D-8983-C28F0AAC37C3}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{4CDA9912-8BCF-4A9C-8E93-1EB248EC814C}] => (Allow) C:\Users\Ck\AppData\Local\Temp\7zS497B.tmp\SymNRT.exe
FirewallRules: [{6593E86B-F059-4D27-93EE-42E62B37FB37}] => (Allow) C:\Users\Ck\AppData\Local\Temp\7zS497B.tmp\SymNRT.exe
FirewallRules: [{E078E7CD-4300-498A-8962-BB78FC59226D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{B9DE3BB7-7CF1-4092-B18D-0A1C35594858}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{85F34518-7490-424B-8AB5-4F42419523BE}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{19CA2410-D39C-4F2E-9F64-7420B3FA291C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E26CE404-BD83-450C-960D-BC6FB43934DF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2DA798A6-223B-476D-8F79-813C9F93C735}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{25D52EF8-F436-4E35-8C52-EE52F2573908}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{E1996656-6977-4E9E-ADA7-3E160AECF691}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{443F9370-1E62-48A8-A632-A8C37F37BC2C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3BA3523F-3CCF-4AA2-8796-C02F3B10792C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{07BCA684-9F01-4175-84C5-1EF94BBB8441}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{6A713E75-8990-4BC2-B421-187DD1B01F9B}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [TCP Query User{C153EA66-1D83-49F9-A95E-425139115092}C:\users\ck\appdata\local\temp\rar$ex00.352\powerline scan.exe] => (Block) C:\users\ck\appdata\local\temp\rar$ex00.352\powerline scan.exe
FirewallRules: [UDP Query User{A27F579C-298D-49FE-B298-B60ADDA8BA97}C:\users\ck\appdata\local\temp\rar$ex00.352\powerline scan.exe] => (Block) C:\users\ck\appdata\local\temp\rar$ex00.352\powerline scan.exe
FirewallRules: [TCP Query User{B02F92D4-281E-48DF-AB03-EF43E5EAC785}C:\users\ck\downloads\powerline_scan\powerline scan.exe] => (Block) C:\users\ck\downloads\powerline_scan\powerline scan.exe
FirewallRules: [UDP Query User{AF9BFE9A-4654-4ED8-B114-CFC27FF91AD1}C:\users\ck\downloads\powerline_scan\powerline scan.exe] => (Block) C:\users\ck\downloads\powerline_scan\powerline scan.exe
FirewallRules: [{09F80C0D-913B-4F46-A587-6817106CEBE8}] => (Allow) C:\Program Files\Sonos\Sonos.exe
FirewallRules: [{EFCC012B-F4D9-46E6-993B-9945C0DB520E}] => (Allow) C:\Program Files\Sonos\Sonos.exe
FirewallRules: [TCP Query User{DC10596F-6D4D-416E-942C-2C48DFF69592}C:\program files\device manager\devicemanage.exe] => (Allow) C:\program files\device manager\devicemanage.exe
FirewallRules: [UDP Query User{8C425570-FA19-4772-8083-9F301306B1FE}C:\program files\device manager\devicemanage.exe] => (Allow) C:\program files\device manager\devicemanage.exe
FirewallRules: [{51718A97-F258-4584-AB8B-ACC380823A66}] => (Block) C:\program files\device manager\devicemanage.exe
FirewallRules: [{3D87C3A0-A733-41A7-9E8E-3ABD89667C6B}] => (Block) C:\program files\device manager\devicemanage.exe
FirewallRules: [TCP Query User{DD1F36BE-AAB9-4E09-8DFE-A296265C0A48}E:\lupusipfinder\lupusipfinder.exe] => (Allow) E:\lupusipfinder\lupusipfinder.exe
FirewallRules: [UDP Query User{F7E647C6-B35C-4745-B8D3-B43F8CD93F75}E:\lupusipfinder\lupusipfinder.exe] => (Allow) E:\lupusipfinder\lupusipfinder.exe
FirewallRules: [{6D852816-5AFB-4412-9C7F-9557CE3B9D87}] => (Block) E:\lupusipfinder\lupusipfinder.exe
FirewallRules: [{68A50DFD-454B-42E6-A718-0E8812760048}] => (Block) E:\lupusipfinder\lupusipfinder.exe
FirewallRules: [TCP Query User{3E0A1CB6-3E43-4D11-AE44-FEDDD1706D7F}C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe] => (Block) C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe
FirewallRules: [UDP Query User{84CBC649-C200-4A8A-8825-18526A177F74}C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe] => (Block) C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe
FirewallRules: [{E66B4D10-CEED-4700-99B2-0094DC3352D9}] => (Block) C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe
FirewallRules: [TCP Query User{0BFB32C7-CD29-46DB-8CA2-141F86B9A937}C:\users\ck\downloads\ipcamsearch.exe] => (Allow) C:\users\ck\downloads\ipcamsearch.exe
FirewallRules: [UDP Query User{FE7D0C21-5AB8-472D-B50F-B30045A1368B}C:\users\ck\downloads\ipcamsearch.exe] => (Allow) C:\users\ck\downloads\ipcamsearch.exe
FirewallRules: [{A97A3298-81B9-44EA-A54A-57461C60B58B}] => (Block) C:\users\ck\downloads\ipcamsearch.exe
FirewallRules: [{C42B7E11-A936-4661-87FF-3B6B4FC433CC}] => (Block) C:\users\ck\downloads\ipcamsearch.exe
FirewallRules: [{93FDD038-375F-47C5-B099-210C2CD956D1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{DD93A56E-FB80-4B42-8D67-CC50C40250A4}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{A5BAEC36-35BA-4432-A686-5FB7D4553F92}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{93682502-70C5-4CD6-A523-B95BFC6F4869}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{EAB66A79-D3AF-44CC-9ABC-1086881AC862}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{04262082-E829-41EB-BE46-443E1C0BE11A}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{1B065B1D-3877-457C-830F-507BC3D732BA}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Wiederherstellungspunkte =========================

22-07-2016 00:00:06 Geplanter Prüfpunkt
02-08-2016 22:50:21 Geplanter Prüfpunkt
02-08-2016 23:24:25 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 802.11 n/g/b-Drahtlos-LAN-USB-Adapter
Description: 802.11 n/g/b-Drahtlos-LAN-USB-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: AzureWave Technologies, Inc.
Service: netr28u
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: sptd
Description: sptd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: sptd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/11/2016 08:21:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/10/2016 05:55:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2016 05:36:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2016 11:35:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 11:59:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 11:59:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 09:29:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/23/2016 01:08:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ByteFence.exe, Version: 2.3.0.0, Zeitstempel: 0x57683013
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23418, Zeitstempel: 0x5708a7a8
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000c3b03
ID des fehlerhaften Prozesses: 0x1150
Startzeit der fehlerhaften Anwendung: 0xByteFence.exe0
Pfad der fehlerhaften Anwendung: ByteFence.exe1
Pfad des fehlerhaften Moduls: ByteFence.exe2
Berichtskennung: ByteFence.exe3

Error: (07/23/2016 09:34:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2016 06:46:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Systemfehler:
=============
Error: (08/11/2016 08:21:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sptd

Error: (08/11/2016 08:19:57 PM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für festgestellt.

Error: (08/10/2016 05:54:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sptd

Error: (08/10/2016 05:53:05 PM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für festgestellt.

Error: (08/07/2016 05:35:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sptd

Error: (08/07/2016 05:34:18 PM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für festgestellt.

Error: (08/04/2016 11:35:26 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sptd

Error: (08/04/2016 11:33:56 AM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für festgestellt.

Error: (08/02/2016 11:59:34 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sptd

Error: (08/02/2016 11:57:10 PM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für festgestellt.

CodeIntegrity:
===================================
Date: 2013-05-31 12:34:57.912
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-05-31 12:34:57.633
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-05-31 12:34:57.351
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-05-31 12:34:57.071
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-05-31 12:34:56.775
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-05-31 12:20:23.148
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-05-31 12:20:22.853
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-05-31 12:20:22.566
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-05-31 12:20:22.271
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-05-31 12:20:21.976
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz Prozentuale Nutzung des RAM: 68% Installierter physikalischer RAM: 3326.18 MB Verfügbarer physikalischer RAM: 1051.25 MB Summe virtueller Speicher: 6650.68 MB Verfügbarer virtueller Speicher: 4483.9 MB ==================== Laufwerke ================================ Drive c: (BOOT) (Fixed) (Total:911.51 GB) (Free:116.45 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:8.84 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F98D6E74) ==================== Ende vom Addition.txt ============================ |
11.08.2016, 19:54 | #3 |
| IRCBot Virut apparently on one of my computers, T-Com informed me
Code:
ATTFilter 20:50:46.0081 0x1bc8 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31 20:50:49.0324 0x1bc8 ============================================================ 20:50:49.0324 0x1bc8 Current date / time: 2016/08/11 20:50:49.0324 20:50:49.0324 0x1bc8 SystemInfo: 20:50:49.0324 0x1bc8 20:50:49.0324 0x1bc8 OS Version: 6.1.7601 ServicePack: 1.0 20:50:49.0324 0x1bc8 Product type: Workstation 20:50:49.0324 0x1bc8 ComputerName: CK-PC 20:50:49.0324 0x1bc8 UserName: Ck 20:50:49.0324 0x1bc8 Windows directory: C:\Windows 20:50:49.0324 0x1bc8 System windows directory: C:\Windows 20:50:49.0324 0x1bc8 Processor architecture: Intel x86 20:50:49.0324 0x1bc8 Number of processors: 4 20:50:49.0324 0x1bc8 Page size: 0x1000 20:50:49.0324 0x1bc8 Boot type: Normal boot 20:50:49.0324 0x1bc8 CodeIntegrityOptions = 0x00000000 20:50:49.0324 0x1bc8 ============================================================ 20:50:49.0548 0x1bc8 KLMD registered as C:\Windows\system32\drivers\97523810.sys 20:50:49.0548 0x1bc8 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23418, osProperties = 0x0 20:50:50.0039 0x1bc8 System UUID: {3F06C4F9-2B3F-54A5-59EC-8E249973F4E5} 20:50:50.0581 0x1bc8 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 20:50:50.0592 0x1bc8 ============================================================ 20:50:50.0592 0x1bc8 \Device\Harddisk0\DR0: 20:50:50.0592 0x1bc8 MBR partitions: 20:50:50.0592 0x1bc8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x71F04800 20:50:50.0623 0x1bc8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x71F0503F, BlocksNum 0x2800982 20:50:50.0623 0x1bc8 ============================================================ 20:50:50.0667 0x1bc8 C: <-> \Device\Harddisk0\DR0\Partition1 20:50:50.0699 0x1bc8 D: <-> \Device\Harddisk0\DR0\Partition2 20:50:50.0699 0x1bc8 
============================================================ 20:50:50.0699 0x1bc8 Initialize success 20:50:50.0699 0x1bc8 ============================================================ 20:51:29.0724 0x12f4 ============================================================ 20:51:29.0724 0x12f4 Scan started 20:51:29.0724 0x12f4 Mode: Manual; SigCheck; TDLFS; 20:51:29.0724 0x12f4 ============================================================ 20:51:29.0724 0x12f4 KSN ping started 20:51:29.0798 0x12f4 KSN ping finished: true 20:51:32.0820 0x12f4 ================ Scan system memory ======================== 20:51:32.0820 0x12f4 System memory - ok 20:51:32.0820 0x12f4 ================ Scan services =============================
HomeGroupListener C:\Windows\system32\ListSvc.dll 20:51:45.0150 0x12f4 HomeGroupListener - ok 20:51:45.0203 0x12f4 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 20:51:45.0222 0x12f4 HomeGroupProvider - ok 20:51:45.0254 0x12f4 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 20:51:45.0268 0x12f4 HpSAMD - ok 20:51:45.0331 0x12f4 [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP C:\Windows\system32\drivers\HTTP.sys 20:51:45.0404 0x12f4 HTTP - ok 20:51:45.0453 0x12f4 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 20:51:45.0466 0x12f4 hwpolicy - ok 20:51:45.0484 0x12f4 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 20:51:45.0520 0x12f4 i8042prt - ok 20:51:45.0580 0x12f4 [ 9BCF5972C941B4B5CB60DED03CB9E300, 96D9410DA54DEC58A440F30F1FD426BDA959A9DF29882EA53EC4FE8F8DF315E9 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe 20:51:45.0599 0x12f4 IAANTMON - ok 20:51:45.0655 0x12f4 [ 28AAE599496B4930B3F19026F2083BC4, 7C3531D645E5DA86C62C1CB9256450A19D27A454D89ECF5AE7AF9820B89553E8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 20:51:45.0671 0x12f4 iaStor - ok 20:51:45.0694 0x12f4 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 20:51:45.0715 0x12f4 iaStorV - ok 20:51:45.0798 0x12f4 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 
20:51:45.0834 0x12f4 idsvc - ok 20:51:45.0875 0x12f4 IEEtwCollectorService - ok 20:51:45.0928 0x12f4 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 20:51:45.0941 0x12f4 iirsp - ok 20:51:46.0015 0x12f4 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll 20:51:46.0062 0x12f4 IKEEXT - ok 20:51:46.0211 0x12f4 [ 2790CC09422B6BEDAE9825AE289E9BB7, 2EE402EBA2915147C8950DEF8D047D98DF752A0B81358F2A09821CE0AB83073C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 20:51:46.0292 0x12f4 IntcAzAudAddService - ok 20:51:46.0345 0x12f4 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys 20:51:46.0361 0x12f4 intelide - ok 20:51:46.0416 0x12f4 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 20:51:46.0451 0x12f4 intelppm - ok 20:51:46.0482 0x12f4 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 20:51:46.0537 0x12f4 IPBusEnum - ok 20:51:46.0569 0x12f4 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:51:46.0619 0x12f4 IpFilterDriver - ok 20:51:46.0663 0x12f4 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 20:51:46.0694 0x12f4 iphlpsvc - ok 20:51:46.0716 0x12f4 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 20:51:46.0748 0x12f4 IPMIDRV - ok 20:51:46.0800 0x12f4 [ 
A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 20:51:46.0828 0x12f4 IPNAT - ok 20:51:46.0850 0x12f4 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys 20:51:46.0913 0x12f4 IRENUM - ok 20:51:46.0939 0x12f4 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys 20:51:46.0952 0x12f4 isapnp - ok 20:51:47.0005 0x12f4 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 20:51:47.0023 0x12f4 iScsiPrt - ok 20:51:47.0054 0x12f4 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 20:51:47.0067 0x12f4 kbdclass - ok 20:51:47.0086 0x12f4 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 20:51:47.0099 0x12f4 kbdhid - ok 20:51:47.0110 0x12f4 [ ADB8D10E0B612651B6674B1472F84F21, BA6E5804369B4BD4A3C9DC01A8274FB858A3DBBE24D6081DC0EBAF736B4A1F84 ] KeyIso C:\Windows\system32\lsass.exe 20:51:47.0125 0x12f4 KeyIso - ok 20:51:47.0154 0x12f4 [ B2071121098F35650C62DE7D9CB45E60, EFBAE176530535E6A03DCA4B9AA4BF93E3A7FC5E92E043AA79D05769A6A7E520 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 20:51:47.0168 0x12f4 KSecDD - ok 20:51:47.0195 0x12f4 [ AA4D0F9EFDE0178F90C0EF3E82A42DB1, 82C3D1C700D8547656EFBD5E62D0939542B956C83D44CD5FB7BE77B06A4B06FF ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 20:51:47.0212 0x12f4 KSecPkg - ok 20:51:47.0278 0x12f4 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll 20:51:47.0324 0x12f4 KtmRm - 
ok 20:51:47.0378 0x12f4 [ 0C6E346CDE730CF1356DD69AD6E9BC42, 75FD3E138D18FD602E38E446AA8CD29E8D60A8B64C863E59DA5EC08B717F16CA ] L8042Kbd C:\Windows\system32\DRIVERS\L8042Kbd.sys 20:51:47.0388 0x12f4 L8042Kbd - ok 20:51:47.0403 0x12f4 [ 8A5993705ADD14352C9A279FA8338334, D1EA18B82DED503B81214A797F4B074D62B73E0C19579B4A7122CE6FBD005C34 ] L8042mou C:\Windows\system32\DRIVERS\L8042mou.Sys 20:51:47.0414 0x12f4 L8042mou - ok 20:51:47.0476 0x12f4 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll 20:51:47.0516 0x12f4 LanmanServer - ok 20:51:47.0537 0x12f4 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 20:51:47.0565 0x12f4 LanmanWorkstation - ok 20:51:47.0680 0x12f4 [ 3AF6B73A3AD1FC37C5933441F66CEB91, F83C709C53DF482D123B2F6EEFE65FB1EBFED8C9F29C29C5500702076745C2DA ] LBTServ C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe 20:51:47.0703 0x12f4 LBTServ - ok 20:51:47.0762 0x12f4 [ 7F9C7B28CF1C859E1C42619EEA946DC8, 098082174C549D67B4B2259702018989A39A8641339EE7CB1E7651F9F508A4B9 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 20:51:47.0773 0x12f4 LHidFilt - ok 20:51:47.0802 0x12f4 [ 108333981C841EB0FF198AA5DFCF3D3B, 726B4BEA813F18668A0682D1D427F6E3676A2EA2501EB7E64199B65D23F45FC8 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe 20:51:47.0837 0x12f4 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 ) 20:51:47.0878 0x12f4 Detect skipped due to KSN trusted 20:51:47.0878 0x12f4 LightScribeService - ok 20:51:47.0946 0x12f4 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 20:51:47.0997 0x12f4 lltdio - ok 20:51:48.0047 0x12f4 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc 
C:\Windows\System32\lltdsvc.dll 20:51:48.0104 0x12f4 lltdsvc - ok 20:51:48.0129 0x12f4 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll 20:51:48.0176 0x12f4 lmhosts - ok 20:51:48.0256 0x12f4 [ AB33792A87285344F43B5CE23421BAB0, 79E327764350A6F3F0E25F3295D0C70620EFD5252C0C765446210B67C62568FF ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 20:51:48.0266 0x12f4 LMouFilt - ok 20:51:48.0330 0x12f4 [ 9837E55673818ECD8FEBB47F7F77521A, 75DD22E1CB38BBE796EC6918D03E8106B05B977A53FACEB2AFEB8D4D222F383B ] LMouKE C:\Windows\system32\DRIVERS\LMouKE.Sys 20:51:48.0341 0x12f4 LMouKE - ok 20:51:48.0365 0x12f4 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 20:51:48.0380 0x12f4 LSI_FC - ok 20:51:48.0441 0x12f4 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 20:51:48.0456 0x12f4 LSI_SAS - ok 20:51:48.0476 0x12f4 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 20:51:48.0490 0x12f4 LSI_SAS2 - ok 20:51:48.0505 0x12f4 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 20:51:48.0521 0x12f4 LSI_SCSI - ok 20:51:48.0530 0x12f4 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys 20:51:48.0581 0x12f4 luafv - ok 20:51:48.0632 0x12f4 [ 77030525CD86A93F1AF34FA9B96D33CE, 6EF46B127B0BD0C10E9FAB24EE3D53483124C97BD5BDD322C217BB9255715A0E ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys 20:51:48.0643 0x12f4 LUsbFilt - ok 20:51:48.0719 0x12f4 [ C3ED67C05F3923F9A8FEBA7A996337E1, 
0A092A22339A9BFFAAB4A8A7C795480C058C0360C743BDF5D5DE042825F464A7 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe 20:51:48.0737 0x12f4 McComponentHostService - ok 20:51:48.0783 0x12f4 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 20:51:48.0798 0x12f4 megasas - ok 20:51:48.0844 0x12f4 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 20:51:48.0862 0x12f4 MegaSR - ok 20:51:48.0960 0x12f4 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 20:51:49.0004 0x12f4 Microsoft Office Groove Audit Service - ok 20:51:49.0039 0x12f4 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll 20:51:49.0066 0x12f4 MMCSS - ok 20:51:49.0082 0x12f4 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys 20:51:49.0108 0x12f4 Modem - ok 20:51:49.0160 0x12f4 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 20:51:49.0197 0x12f4 monitor - ok 20:51:49.0241 0x12f4 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 20:51:49.0254 0x12f4 mouclass - ok 20:51:49.0267 0x12f4 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 20:51:49.0280 0x12f4 mouhid - ok 20:51:49.0325 0x12f4 [ BAD9C0366134BA181514E9263C8CE606, 
7976B2D3DC283ACDBC21C7D197C0E2A650E6555F6569283302766B17D736BDB8 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 20:51:49.0340 0x12f4 mountmgr - ok 20:51:49.0355 0x12f4 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys 20:51:49.0371 0x12f4 mpio - ok 20:51:49.0391 0x12f4 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 20:51:49.0416 0x12f4 mpsdrv - ok 20:51:49.0478 0x12f4 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll 20:51:49.0538 0x12f4 MpsSvc - ok 20:51:49.0580 0x12f4 [ 6430A074F6E32176FBEF2DEB110AE952, 0161B3CBCF427F5F9C47EDBA7F6848D9D6EB58B7EF203881E0D288B5ABAEEB98 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 20:51:49.0611 0x12f4 MRxDAV - ok 20:51:49.0658 0x12f4 [ 89CC31A9E81F840D914ABC2E3BD70F9C, 97E6C5A75E38AEFB31DEF14B154F83ED910D3F12F0C0CB2D044DF6315CA7E27B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 20:51:49.0698 0x12f4 mrxsmb - ok 20:51:49.0721 0x12f4 [ 36E6FFBBEC96725A33CEDE538258CCDA, 79BEA07C13B539EC3436ABDF1BDFA21A7A80529E5609DAAAD6A36E3546742A2A ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:51:49.0757 0x12f4 mrxsmb10 - ok 20:51:49.0778 0x12f4 [ 7974D617D78D78689BF3AA7D51EC6AD5, B5F4FDFF713665DE54B3161B15257845305266DC3397EB278E9150F577385576 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:51:49.0817 0x12f4 mrxsmb20 - ok 20:51:49.0851 0x12f4 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys 20:51:49.0864 0x12f4 msahci - ok 20:51:49.0880 0x12f4 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys 20:51:49.0895 0x12f4 msdsm - ok 20:51:49.0946 0x12f4 [ 
E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe 20:51:49.0990 0x12f4 MSDTC - ok 20:51:50.0031 0x12f4 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:51:50.0057 0x12f4 Msfs - ok 20:51:50.0070 0x12f4 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 20:51:50.0114 0x12f4 mshidkmdf - ok 20:51:50.0148 0x12f4 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 20:51:50.0161 0x12f4 msisadrv - ok 20:51:50.0219 0x12f4 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:51:50.0247 0x12f4 MSiSCSI - ok 20:51:50.0252 0x12f4 msiserver - ok 20:51:50.0275 0x12f4 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 20:51:50.0316 0x12f4 MSKSSRV - ok 20:51:50.0336 0x12f4 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 20:51:50.0361 0x12f4 MSPCLOCK - ok 20:51:50.0410 0x12f4 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 20:51:50.0435 0x12f4 MSPQM - ok 20:51:50.0449 0x12f4 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:51:50.0467 0x12f4 MsRPC - ok 20:51:50.0488 0x12f4 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios 
C:\Windows\system32\drivers\mssmbios.sys 20:51:50.0501 0x12f4 mssmbios - ok 20:51:50.0512 0x12f4 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 20:51:50.0560 0x12f4 MSTEE - ok 20:51:50.0584 0x12f4 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 20:51:50.0613 0x12f4 MTConfig - ok 20:51:50.0634 0x12f4 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys 20:51:50.0648 0x12f4 Mup - ok 20:51:50.0703 0x12f4 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll 20:51:50.0737 0x12f4 napagent - ok 20:51:50.0801 0x12f4 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 20:51:50.0823 0x12f4 NativeWifiP - ok 20:51:50.0888 0x12f4 [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS C:\Windows\system32\drivers\ndis.sys 20:51:50.0920 0x12f4 NDIS - ok 20:51:50.0938 0x12f4 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 20:51:50.0964 0x12f4 NdisCap - ok 20:51:50.0982 0x12f4 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 20:51:51.0007 0x12f4 NdisTapi - ok 20:51:51.0057 0x12f4 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 20:51:51.0083 0x12f4 Ndisuio - ok 20:51:51.0136 0x12f4 [ 38FBE267E7E6983311179230FACB1017, 
CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 20:51:51.0187 0x12f4 NdisWan - ok 20:51:51.0220 0x12f4 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 20:51:51.0246 0x12f4 NDProxy - ok 20:51:51.0295 0x12f4 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 20:51:51.0321 0x12f4 NetBIOS - ok 20:51:51.0375 0x12f4 [ A00996C9BFEF29A93B9F21DBE1DC502D, A97982CBBC2E240B0CD884ED3ED5D11B207DA8E7BEF73DCEA44E16E1CD84222F ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 20:51:51.0440 0x12f4 NetBT - ok 20:51:51.0452 0x12f4 [ ADB8D10E0B612651B6674B1472F84F21, BA6E5804369B4BD4A3C9DC01A8274FB858A3DBBE24D6081DC0EBAF736B4A1F84 ] Netlogon C:\Windows\system32\lsass.exe 20:51:51.0466 0x12f4 Netlogon - ok 20:51:51.0522 0x12f4 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll 20:51:51.0581 0x12f4 Netman - ok 20:51:51.0652 0x12f4 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 20:51:51.0670 0x12f4 NetMsmqActivator - ok 20:51:51.0676 0x12f4 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 20:51:51.0693 0x12f4 NetPipeActivator - ok 20:51:51.0718 0x12f4 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll 20:51:51.0765 0x12f4 netprofm - ok 20:51:51.0833 0x12f4 [ 27EE4B406E2F26F6117A9A420BD4CB65, D4EB07F56A1D1F0DA2197AB80917036A057A543F837CE5B102EE4F4ACA4606A7 ] netr28u 
C:\Windows\system32\DRIVERS\netr28u.sys 20:51:51.0865 0x12f4 netr28u - ok 20:51:51.0884 0x12f4 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 20:51:51.0901 0x12f4 NetTcpActivator - ok 20:51:51.0907 0x12f4 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 20:51:51.0924 0x12f4 NetTcpPortSharing - ok 20:51:51.0983 0x12f4 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 20:51:51.0997 0x12f4 nfrd960 - ok 20:51:52.0054 0x12f4 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll 20:51:52.0078 0x12f4 NlaSvc - ok 20:51:52.0092 0x12f4 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys 20:51:52.0143 0x12f4 Npfs - ok 20:51:52.0201 0x12f4 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll 20:51:52.0227 0x12f4 nsi - ok 20:51:52.0237 0x12f4 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 20:51:52.0263 0x12f4 nsiproxy - ok 20:51:52.0364 0x12f4 [ 978E7A2E4BF4E8E70D0776EF0D9E97FB, B6C82BB9B3025FD2D37B6AB6FA9C2944F8B3020CD4588BE464CE73A992B7FF00 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 20:51:52.0410 0x12f4 Ntfs - ok 20:51:52.0461 0x12f4 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys 20:51:52.0514 0x12f4 Null - ok 20:51:52.0815 0x12f4 [ 
484844C0D892B42ECC5E6B063D072A38, 9687991EE45F8993F1D03D8E2409F74E20C72421CEE26F517B40384A95EF7287 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 20:51:53.0188 0x12f4 nvlddmkm - ok 20:51:53.0245 0x12f4 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys 20:51:53.0266 0x12f4 nvraid - ok 20:51:53.0303 0x12f4 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 20:51:53.0320 0x12f4 nvstor - ok 20:51:53.0376 0x12f4 [ 1A78B86DC0903134050A846FC7291FF9, C297CA17553185B349AE609B1192486ED8B41F2608F1FE14A78BCB2F81F7A1BF ] nvsvc C:\Windows\system32\nvvsvc.exe 20:51:53.0393 0x12f4 nvsvc - ok 20:51:53.0417 0x12f4 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 20:51:53.0433 0x12f4 nv_agp - ok 20:51:53.0502 0x12f4 [ 1DB56FB91B2F7E5A236CA41018C749B4, A990FDD2349E61411CFE7A858C8AE9F0B5781C0D2B43AB37D2306E66F7CA8DBD ] NWIM C:\Windows\system32\DRIVERS\avmnwim.sys 20:51:53.0521 0x12f4 NWIM - ok 20:51:53.0569 0x12f4 [ FC09597B87DE886027DDB3E5235B12DE, 91D63F9A49C8C235E640DBB1083E9BC9138354F677FE42A42CAE29524231AFD3 ] nwtsrv C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe 20:51:53.0583 0x12f4 nwtsrv - ok 20:51:53.0737 0x12f4 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 20:51:53.0759 0x12f4 odserv - ok 20:51:53.0793 0x12f4 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 20:51:53.0826 0x12f4 ohci1394 - ok 20:51:53.0893 0x12f4 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common 
Files\Microsoft Shared\Source Engine\OSE.EXE 20:51:53.0906 0x12f4 ose - ok 20:51:53.0967 0x12f4 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 20:51:54.0036 0x12f4 p2pimsvc - ok 20:51:54.0067 0x12f4 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll 20:51:54.0091 0x12f4 p2psvc - ok 20:51:54.0136 0x12f4 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys 20:51:54.0152 0x12f4 Parport - ok 20:51:54.0168 0x12f4 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys 20:51:54.0182 0x12f4 partmgr - ok 20:51:54.0195 0x12f4 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 20:51:54.0209 0x12f4 Parvdm - ok 20:51:54.0260 0x12f4 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll 20:51:54.0285 0x12f4 PcaSvc - ok 20:51:54.0330 0x12f4 [ FD2041E9BA03DB7764B2248F02475079, DECEED110524BF83B4097188BF24BF0DDE1CE838DF7748B0DC807ABE351EB20A ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys 20:51:54.0386 0x12f4 pccsmcfd - ok 20:51:54.0413 0x12f4 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys 20:51:54.0430 0x12f4 pci - ok 20:51:54.0476 0x12f4 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys 20:51:54.0489 0x12f4 pciide - ok 20:51:54.0541 0x12f4 [ F396431B31693E71E8A80687EF523506, 
C497D5EC8F3DED41AF1FC93CE48D237C54F4C4286E7B633C3ADC2F7D524E8ED8 ] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe 20:52:12.0022 0x12f4 CanonSolutionMenu - ok 20:52:12.0086 0x12f4 [ 74EF10CD035DE51171C98E60E53AE221, C9D17D492469D0B6A485350E53590813E70469FCA68D5DC3E50FA26A368A05DC ] C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe 20:52:12.0098 0x12f4 CLMLServer - ok 20:52:12.0197 0x12f4 [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe 20:52:12.0234 0x12f4 GrooveMonitor - ok 20:52:12.0321 0x12f4 [ DEFA4CE02AFF4C3BEFD4B764C73A7362, 719099A4BC6FD87D69EA873792CE67DFB3CC04D3DA8A387D4483FEB1D5086990 ] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe 20:52:12.0335 0x12f4 IAAnotif - ok 20:52:12.0433 0x12f4 [ CA3BC92AF8FCDB85C06AFB5E70D29BFA, E7FC1E740001A4ACE8F652A74F7F85514D4F352D39F4D0043F914F074A2F55BC ] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE 20:52:12.0447 0x12f4 IJNetworkScanUtility - ok 20:52:12.0447 0x12f4 SearchSettings - ok 20:52:12.0546 0x12f4 [ 64A87C2EFBAF1E03500C73E43E6B505A, 6A86A4EE206B9EBDE58C72258855C3449E84C782DCE3A3014FA0BA1810116044 ] C:\Program Files\Winamp\winampa.exe 20:52:12.0562 0x12f4 WinampAgent - detected UnsignedFile.Multi.Generic ( 1 ) 20:52:12.0603 0x12f4 Detect skipped due to KSN trusted 20:52:12.0603 0x12f4 WinampAgent - ok 20:52:12.0713 0x12f4 [ 96B3C4E20F02CA16AA1E3E425BFFCC8B, F94A548244071D406BDD6F770D4705B92F5485CA509B699A33472DFE7563BA39 ] C:\Windows\WindowsMobile\wmdc.exe 20:52:12.0744 0x12f4 Windows Mobile Device Center - ok 20:52:12.0852 0x12f4 [ 4E95B1FDDC9E51678BFA2A723EAA94EF, B52F87C61486E9E1321048C50982A85A693CC08E2B1584B497CA9D0D2428BBE8 ] C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe 20:52:12.0872 0x12f4 AgentMonitor - ok 20:52:12.0971 0x12f4 [ D7779335B0EBC0A7B9C7D0E1105EA078, 4AA5A4B30BBEEA1B0DEC9BC33E9B07D0924F2C692E16B5CD6318E0451A937F9C ] C:\Program 
Files\SlySoft\CloneCD\CloneCDTray.exe 20:52:12.0977 0x12f4 CloneCDTray - detected UnsignedFile.Multi.Generic ( 1 ) 20:52:13.0019 0x12f4 Detect skipped due to KSN trusted 20:52:13.0019 0x12f4 CloneCDTray - ok 20:52:13.0189 0x12f4 [ E0A06707C91A18859AEBDD4FCEA734F7, BB0CF2847C8BCF696830BF5157A4AE7AB9AC4CC0978E64955F674BD10B556879 ] C:\Program Files\AVG Secure Search\vprot.exe 20:52:13.0285 0x12f4 vProt - ok 20:52:13.0353 0x12f4 [ E42A642E162B0468B2C4E9D803079C7F, BD5922F06FE7BAF23AD04FF8850E773CCDEFEA9469517DEB1B9954F8A7EE51E5 ] C:\Windows\KHALMNPR.EXE 20:52:13.0385 0x12f4 Kernel and Hardware Abstraction Layer - ok 20:52:13.0440 0x12f4 [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe 20:52:13.0457 0x12f4 APSDaemon - ok 20:52:13.0566 0x12f4 [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files\QuickTime\QTTask.exe 20:52:13.0601 0x12f4 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 ) 20:52:13.0655 0x12f4 Detect skipped due to KSN trusted 20:52:13.0655 0x12f4 QuickTime Task - ok 20:52:13.0746 0x12f4 [ DEB8AF374FE115169AEBB55E9D3ADCEB, FC1FC117409BC4136FCFE8C7D676334998CECD06697FEA09978AF1CAD990FF55 ] C:\Program Files\AVG\Framework\Common\avguirnx.exe 20:52:13.0765 0x12f4 AvgUi - ok 20:52:13.0891 0x12f4 [ 81842625465D708AFAF95DBCB2833B67, A4D69205D34DA7C83C47BFA7C959F2703B44A5D4F16C8093B4CF5AAA1CBECC54 ] C:\Program Files\KeePass Password Safe 2\KeePass.exe 20:52:13.0985 0x12f4 KeePass 2 PreLoad - ok 20:52:14.0104 0x12f4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 20:52:14.0218 0x12f4 Sidebar - ok 20:52:14.0279 0x12f4 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 20:52:14.0301 
0x12f4 mctadmin - ok 20:52:14.0332 0x12f4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 20:52:14.0371 0x12f4 Sidebar - ok 20:52:14.0379 0x12f4 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 20:52:14.0397 0x12f4 mctadmin - ok 20:52:14.0551 0x12f4 [ 683C9DF0582D8EEFAA90CE1514019BC1, 62C875888029BF32C19656B13C5504016209E4553B0B93FAE21F3930149EE9CA ] C:\Program Files\DAEMON Tools Lite\DTLite.exe 20:52:14.0666 0x12f4 DAEMON Tools Lite - ok 20:52:14.0758 0x12f4 ehTray.exe - ok 20:52:14.0869 0x12f4 [ 760ACD103FFB86AD65DC41CDEB08ABCF, 518DBEA24FB54D54BD17E0940ADD49134525D161A62C2E9D71FD876CE3E97D7B ] C:\Program Files\Samsung\Kies\KiesAirMessage.exe 20:52:14.0890 0x12f4 KiesAirMessage - detected UnsignedFile.Multi.Generic ( 1 ) 20:52:14.0941 0x12f4 Detect skipped due to KSN trusted 20:52:14.0941 0x12f4 KiesAirMessage - ok 20:52:14.0965 0x12f4 [ A0251ED3ABBA7ACC84416738C8282ACA, 67240ED2BD24D557003AD7062E314F6CDC63BA95EB99A38AB7606432605DDE84 ] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe 20:52:14.0984 0x12f4 KiesTrayAgent - ok 20:52:15.0037 0x12f4 [ F5ED26AB8BDD951BFAC8BBD0D68BA3E9, 418A80F9213A6E830777DE6E8A0F5E5B4BE5B36F4767B056827682EC7F3C8BBF ] C:\Program Files\Samsung\Kies\Kies.exe 20:52:15.0089 0x12f4 KiesPreload - ok 20:52:15.0359 0x12f4 [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe 20:52:15.0374 0x12f4 Dropbox Update - ok 20:52:15.0375 0x12f4 Waiting for KSN requests completion. 
In queue: 122
20:52:16.0416 0x12f4 AV detected via SS2: AVG AntiVirus Free Edition, C:\Program Files\AVG\Av\avgwsc.exe ( 16.101.0.7752 ), 0x41000 ( enabled : updated )
20:52:16.0423 0x12f4 Win FW state via NFP2: enabled ( trusted )
20:52:16.0523 0x12f4 ============================================================
20:52:16.0523 0x12f4 Scan finished
20:52:16.0523 0x12f4 ============================================================
20:52:16.0534 0x0a34 Detected object count: 0
20:52:16.0534 0x0a34 Actual detected object count: 0
12.08.2016, 12:09 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™
Malwarebytes Anti-Rootkit (MBAR)
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Reading material: Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for one post, please post the logs directly, spread over several posts if necessary. To put the log files into a CODE box, proceed as follows:
__________________ Please always post log files in CODE tags
15.08.2016, 22:01 | #5 |
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version: main: v2016.08.15.08 rootkit: v2016.08.09.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.18376
Ck :: CK-PC [administrator]

15.08.2016 21:29:12
mbar-log-2016-08-15 (21-29-12).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 307928
Time elapsed: 55 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Hmm, unfortunately no hits... Are there any other programs for the scan? THANKS for the help....
16.08.2016, 07:50 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™
What is it with all of you and "unfortunately"? You should be glad that your computer is not infected with rootkits. Telekom can claim a lot, but just because they do so does not mean that the claim is always accurate.
Please uninstall AVG. We simply can no longer recommend that thing in good conscience. => http://www.trojaner-board.de/171261-...zer-daten.html and "Antivirus software: protection for your files, but at the cost of your privacy?" | Emsisoft Blog
Other freeware vendors such as Avira, Avast or Panda are also jumping on this or similar bandwagons, building junkware into their setups, working together with ASK, etc.; that kind of thing is simply unacceptable for security software.
Let me know when AVG is gone; once we are done here you can switch to another virus scanner, and the details will follow in the final post.
Please do not install anything else NOW without checking with us first!
17.08.2016, 19:58 | #7 |
Hello cosinus, THANKS first of all for your help. Yes, the "unfortunately" is a thing of its own.... But that's OK, I think you know how it was meant. So, AVG is off... I also have other PCs running... and then there are the Android smartphones and tablets as well. According to Telekom, all of those are possible candidates. Many thanks once again for the further help.
17.08.2016, 20:03 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™
Removing adware/junkware/toolbars
Delete old versions of adwCleaner and, if present, JRT first, then download them again to the desktop! Please completely disable your virus scanner now, before using these tools!
Step 1: adwCleaner
Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool
Please shut down your protection software to avoid possible conflicts.
__________________ Please always post log files in CODE tags
17.08.2016, 21:34 | #9 |
Code:
# AdwCleaner v6.000 - Bericht erstellt am 17/08/2016 um 22:02:23
# Aktualisiert am 12/08/2016 von ToolsLib
# Datenbank : 2016-08-17.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X86)
# Benutzername : Ck - CK-PC
# Gestartet von : C:\Users\Ck\Desktop\AdwCleaner_6.000.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst gelöscht: pcsuservice
[-] Dienst gelöscht: rtop
[!] Dienst nicht gelöscht: PCSUService
[-] Dienst gelöscht: DrvAgent32

***** [ Ordner ] *****

[-] Ordner gelöscht: C:\ProgramData\Avg_Update_0116av
[-] Ordner gelöscht: C:\ProgramData\Avg_Update_0316av
[-] Ordner gelöscht: C:\ProgramData\Avg_Update_1215av
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\aipfmkinhleccnodemkoofnnofpbbpac
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\Babylon
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\DownloadManager
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\eSupport.com
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\OpenCandy
[-] Ordner gelöscht: C:\Users\Ck\AppData\LocalLow\Search Settings
[-] Ordner gelöscht: C:\Users\Ck\AppData\LocalLow\Softonic
[-] Ordner gelöscht: C:\Users\Ck\AppData\Roaming\BabSolution
[-] Ordner gelöscht: C:\Users\Ck\AppData\Roaming\Babylon
[-] Ordner gelöscht: C:\Users\Ck\AppData\Roaming\dvdvideosoftiehelpers
[-] Ordner gelöscht: C:\Users\Ck\AppData\Roaming\OpenCandy
[-] Ordner gelöscht: C:\Users\Ck\AppData\Roaming\QuickStoresToolbar
[-] Ordner gelöscht: C:\Users\Ck\AppData\Roaming\StPrsSW
[-] Ordner gelöscht: C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
[-] Ordner gelöscht: C:\ProgramData\AVG Security Toolbar
[-] Ordner gelöscht: C:\ProgramData\Babylon
[-] Ordner gelöscht: C:\ProgramData\ByteFence
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\AVG Security Toolbar
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Babylon
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\ByteFence
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Ordner gelöscht: C:\Program Files\Babylon
[-] Ordner gelöscht: C:\Program Files\ByteFence
[-] Ordner gelöscht: C:\Program Files\myfree codec
[-] Ordner gelöscht: C:\Program Files\Softonic
[-] Ordner gelöscht: C:\Program Files\Wajam
[-] Ordner gelöscht: C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\Temp\OCS
[-] Ordner gelöscht: C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search
[-] Ordner gelöscht: C:\Program Files\Mozilla Firefox\Extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[-] Ordner gelöscht: C:\Program Files\Mozilla Firefox\Extensions\quickstores@quickstores.de
[-] Ordner gelöscht: C:\Program Files\Mozilla Firefox\Extensions\search@searchsettings.com
[#] Ordner mit Neustart gelöscht: C:\Program Files\Mozilla Firefox\Extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[#] Ordner mit Neustart gelöscht: C:\Program Files\Mozilla Firefox\Extensions\quickstores@quickstores.de
[#] Ordner mit Neustart gelöscht: C:\Program Files\Mozilla Firefox\Extensions\search@searchsettings.com
[#] Ordner mit Neustart gelöscht: C:\Program Files\Mozilla Firefox\Extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[#] Ordner mit Neustart gelöscht: C:\Program Files\Mozilla Firefox\Extensions\quickstores@quickstores.de
[#] Ordner mit Neustart gelöscht: C:\Program Files\Mozilla Firefox\Extensions\search@searchsettings.com
[#] Ordner mit Neustart gelöscht: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\aipfmkinhleccnodemkoofnnofpbbpac
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp

***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\Ck\AppData\Roaming\Microsoft\Internet Explorer\QuiCk Launch\Babylon.lnk
[-] Datei gelöscht: C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
[-] Datei gelöscht: C:\END
[-] Datei gelöscht: C:\Windows\system32\drivers\DrvAgent32.sys
[-] Datei gelöscht: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}.xpi
[-] Datei gelöscht: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\avg-secure-search.xml
[-] Datei gelöscht: C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[-] Datei gelöscht: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\Conduit.xml
[-] Datei gelöscht: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\searchgol.xml
[-] Datei gelöscht: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\softonic.xml
[-] Datei gelöscht: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\yahoo! powered.xml
[#] Datei gelöscht: C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[#] Datei gelöscht: C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[-] Datei gelöscht: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_elchiiiejkobdbblfejjkbphbddgmljf_0.localstorage
[-] Datei gelöscht: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_elchiiiejkobdbblfejjkbphbddgmljf_0.localstorage-journal
[-] Datei gelöscht: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpmbfleldcgkldadpdinhjjopdfpjfjp_0.localstorage

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

[-] Aufgabe gelöscht: ByteFence

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\.bgl
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\.bof
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\BabyDict
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\BabyGloss
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\BabyOptFile
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\PCSU.Registry
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\PCSU.Registry.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\PCSU.SysUtils
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\PCSU.SysUtils.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Prod.cap
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Search.BrowserWndAPI
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Search.BrowserWndAPI.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Search.PugiObj
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Search.PugiObj.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Softonic.dskBnd
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\SoftonicApp.appCore
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{4277F7CF-0000-46CF-BA49-D624465C4BAB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5}
[-] Schlüssel gelöscht:
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}]
[-] Wert gelöscht: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Wert gelöscht: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\AVG Secure Search
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\APN PIP
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\BABSOLUTION
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Babylon
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\ByteFence
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Conduit
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\eSupport.com
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Myfree Codec
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\PRODUCTSETUP
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Search Settings
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Softonic
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Speedchecker Limited
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\WaIntEnhance
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Wajam
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\WajIEnhance
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\csastats
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Softonic
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Wajam
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\AVG Secure Search
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\APN PIP
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\BABSOLUTION
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Babylon
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\ByteFence
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Conduit
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\eSupport.com
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Myfree Codec
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\PRODUCTSETUP
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Search Settings
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Speedchecker Limited
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\WaIntEnhance
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Wajam
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\WajIEnhance
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\csastats
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Babylon
[-] Schlüssel gelöscht: HKLM\SOFTWARE\ByteFence
[-] Schlüssel gelöscht: HKLM\SOFTWARE\dt soft\daemon tools toolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Myfree Codec
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Search Settings
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Softonic
[-] Schlüssel gelöscht: HKLM\SOFTWARE\WaIntEnhance
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Wajam
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Babylon
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search-Gol Chrome Toolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WaIntEnhance
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
[-] Schlüssel gelöscht:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21 [-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF [-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} [-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} [-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C3E6F08D-366C-4806-81AE-DA013DD94FC8} [-] Daten wiederhergestellt: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} [#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} [#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C3E6F08D-366C-4806-81AE-DA013DD94FC8} [-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [-] Daten wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Babylon Client] [-] Wert 
gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings] [-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon [-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon [-] Schlüssel gelöscht: HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin [-] Schlüssel gelöscht: HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE [-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe [-] Wert gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}] [-] Wert gelöscht: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com] [#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}] [#] Wert mit Neustart gelöscht: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com] [#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}] [#] Wert mit Neustart gelöscht: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com] [#] Wert mit Neustart gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\aipfmkinhleccnodemkoofnnofpbbpac [] [#] Wert mit Neustart gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh [] [#] Wert mit Neustart gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb [] [#] Wert mit Neustart gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [] ***** [ Browser ] ***** [-] Firefox Einstellungen bereinigt: "extensions.Softonic.hmpgUrl" - "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=cedae3900000000000000022437b3ca6" [-] Firefox Einstellungen bereinigt: "extensions.Softonic.newTabUrl" - 
"hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=cedae3900000000000000022437b3ca6" [-] Firefox Einstellungen bereinigt: "extensions.Softonic.prtnrId" - "softonic" [-] Firefox Einstellungen bereinigt: "extensions.Softonic.tlbrSrchUrl" - "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=cedae3900000000000000022437b3ca6&q=" [-] Firefox Einstellungen bereinigt: "extensions.searchgol.prdct" - "searchgol" [-] Firefox Einstellungen bereinigt: "extensions.searchgol.prtnrId" - "searchgol" [-] Firefox Einstellungen bereinigt: "extensions.xpiState" - "{\"app-profile\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"d\":\"C:\\\\Users\\\\Ck\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\6w2vefvb.default\\\\extensions\\\\{20a82645-c095-46ed-80e3-08825760534b}\",\"e\":false,\"v\":\"1.2.1\",\"st\":1370004771312,\"mt\":1271780036000},\"{4176DFF4-4698-11DE-BEEB-45DA55D89593}\":{\"d\":\"C:\\\\Users\\\\Ck\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\6w2vefvb.default\\\\extensions\\\\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi\",\"e\":false,\"v\":\"0.8.50.1-signed.1-signed\",\"st\":1461782681410},\"{9fb7d178-155a-4318-9173-1a8eaaea7fe4}\":{\"d\":\"C:\\\\Users\\\\Ck\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\6w2vefvb.default\\\\extensions\\\\{9fb7d178-155a-4318-9173-1a8eaaea7fe4}.xpi\",\"e\":true,\"v\":\"2.1.30\",\"st\":1459872922998},\"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\":{\"d\":\"C:\\\\Users\\\\Ck\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\6w2vefvb.default\\\\extensions\\\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi\",\"e\":false,\"v\":\"4.2.1.10\",\"st\":1355503709298}},\"app-system-defaults\":{\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1466006154653},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files\\\\Mozilla 
Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.2\",\"st\":1466006154638},\"loop@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"e\":true,\"v\":\"1.3.2\",\"st\":1466006154622}},\"winreg-app-user\":{\"{e4f94d1e-2f53-401e-8885-681602c0ddd8}\":{\"d\":\"C:\\\\ProgramData\\\\McAfee Security Scan\\\\Extensions\\\\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi\",\"e\":false,\"v\":\"1.0\",\"st\":1396607774000}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"47.0\",\"st\":1466006154669}},\"winreg-app-global\":{\"ocr@babylon.com\":{\"d\":\"C:\\\\Program Files\\\\Babylon\\\\Babylon-Pro\\\\Utils\\\\ocr@babylon.com\",\"e\":false,\"v\":\"1.1\",\"st\":1370003466494,\"mt\":1321283646000},\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"d\":\"c:\\\\Windows\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\Windows Presentation Foundation\\\\DotNetAssistantExtension\",\"e\":false,\"v\":\"0.0.0\",\"st\":1370003989204,\"mt\":1232707720000},\"FFPDFArchitectConverter@pdfarchitect.com\":{\"d\":\"C:\\\\Program Files\\\\PDF Architect\\\\FFPDFArchitectExt\",\"e\":false,\"v\":\"1.0\",\"st\":1378107203556,\"mt\":1365437022000}}}" [-] Firefox Einstellungen bereinigt: "extensions.searchgol.prtnrId" - "searchgol" [-] Firefox Einstellungen bereinigt: "extensions.searchgol.prdct" - "searchgol" [-] Firefox Einstellungen bereinigt: "extensions.Softonic.tlbrSrchUrl" - "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=cedae3900000000000000022437b3ca6&q=" [-] Firefox Einstellungen bereinigt: "extensions.Softonic.prtnrId" - "softonic" [-] Firefox Einstellungen bereinigt: "extensions.Softonic.hmpgUrl" - "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=cedae3900000000000000022437b3ca6" [-] Firefox Einstellungen bereinigt: 
"extensions.Softonic.newTabUrl" - "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=cedae3900000000000000022437b3ca6" [-] [isearch.avg.com] [Search Provider] Gelöscht:isearch.avg.com [-] [search.softonic.com] [Search Provider] Gelöscht:search.softonic.com [-] [searchgol.com] [Search Provider] Gelöscht:searchgol.com ************************* :: "Tracing" Schlüssel gelöscht :: Winsock Einstellungen zurückgesetzt :: Proxy Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [32260 Bytes] - [17/08/2016 22:02:23] C:\AdwCleaner\AdwCleaner[S0].txt - [31393 Bytes] - [17/08/2016 21:58:14] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [32408 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.7 (07.03.2016) Operating System: Windows 7 Home Premium x86 Ran by Ck (Administrator) on 17.08.2016 at 22:16:56,13 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 31 Successfully deleted: C:\Users\Ck\Appdata\LocalLow\pdfforge (Folder) Successfully deleted: C:\Users\Ck\AppData\Roaming\fcbfan (Folder) Successfully deleted: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\user.js (File) Successfully deleted: C:\Users\Ck\AppData\Roaming\pdfforge (Folder) Successfully deleted: C:\Windows\System32\Tasks\1215avUpdateInfo (Task) Successfully deleted: C:\Windows\System32\Tasks\FCBfan (Task) Successfully deleted: C:\Windows\Tasks\1215avUpdateInfo.job (Task) Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4IPK4E9T (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\55E60PQC (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7SOG35PC (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ADM16G3A (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DEA5R3WK (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OLL8EZN8 (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PXQ4GXFR (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q391V2E1 (Temporary Internet Files 
Folder) Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TFGIR19X (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UQLUDLP2 (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIZ2ZKCY (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XYD9DVN1 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4IPK4E9T (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\55E60PQC (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7SOG35PC (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ADM16G3A (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DEA5R3WK (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OLL8EZN8 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PXQ4GXFR (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q391V2E1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TFGIR19X (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UQLUDLP2 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIZ2ZKCY (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XYD9DVN1 (Temporary Internet Files Folder) Deleted the following from C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\prefs.js user_pref(browser.search.defaultenginename, AVG Secure Search); user_pref(browser.search.selectedEngine, AVG Secure Search); user_pref(extensions.Softonic.admin, false); user_pref(extensions.Softonic.aflt, OC); user_pref(extensions.Softonic.appId, {7ABBFE1C-E485-44AA-8F36-353751B4124D}); user_pref(extensions.Softonic.autoRvrt, false); user_pref(extensions.Softonic.dfltLng, de); user_pref(extensions.Softonic.dfltSrch, true); user_pref(extensions.Softonic.dnsErr, true); user_pref(extensions.Softonic.excTlbr, false); user_pref(extensions.Softonic.ffxUnstlRst, false); user_pref(extensions.Softonic.hmpg, true); user_pref(extensions.Softonic.hmpgUrl, hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=cedae3900000000000000022437b3ca6); user_pref(extensions.Softonic.id, cedae3900000000000000022437b3ca6); user_pref(extensions.Softonic.instlDay, 16045); user_pref(extensions.Softonic.instlRef, MOY00621); user_pref(extensions.Softonic.newTab, true); user_pref(extensions.Softonic.newTabUrl, hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=cedae3900000000000000022437b3ca6); user_pref(extensions.Softonic.prdct, Softonic); 
user_pref(extensions.Softonic.prtnrId, softonic); user_pref(extensions.Softonic.rvrt, false); user_pref(extensions.Softonic.srchPrvdr, Search the web (Softonic)); user_pref(extensions.Softonic.tlbrId, opencandy2013); user_pref(extensions.Softonic.tlbrSrchUrl, hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=cedae3900000000000000022437b3ca6&q=); user_pref(extensions.Softonic.vrsn, 1.8.21.14); user_pref(extensions.Softonic.vrsnTs, 1.8.21.149:47:02); user_pref(extensions.Softonic.vrsni, 1.8.21.14); user_pref(extensions.searchgol.admin, false); user_pref(extensions.searchgol.aflt, babsst); user_pref(extensions.searchgol.appId, {4277F7CF-0000-46CF-BA49-D624465C4BAB}); user_pref(extensions.searchgol.autoRvrt, false); user_pref(extensions.searchgol.dfltLng, de); user_pref(extensions.searchgol.excTlbr, false); user_pref(extensions.searchgol.ffxUnstlRst, false); user_pref(extensions.searchgol.id, cedae3900000000000000022437b3ca6); user_pref(extensions.searchgol.instlDay, 15988); user_pref(extensions.searchgol.instlRef, sst); user_pref(extensions.searchgol.newTab, false); user_pref(extensions.searchgol.prdct, searchgol); user_pref(extensions.searchgol.prtnrId, searchgol); user_pref(extensions.searchgol.rvrt, false); user_pref(extensions.searchgol.smplGrp, none); user_pref(extensions.searchgol.tlbrId, base); user_pref(extensions.searchgol.tlbrSrchUrl, ); user_pref(extensions.searchgol.vrsn, 1.8.16.19); user_pref(extensions.searchgol.vrsnTs, 1.8.16.1920:12:53); user_pref(extensions.searchgol.vrsni, 1.8.16.19); Registry: 6 Successfully deleted: HKLM\Software\Google\Chrome\Extensions\aipfmkinhleccnodemkoofnnofpbbpac (Registry Key) Successfully deleted: HKLM\Software\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh (Registry Key) Successfully deleted: HKLM\Software\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb (Registry Key) Successfully deleted: HKLM\Software\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf (Registry Key) Successfully 
deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711} (Registry Key) Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 17.08.2016 at 22:19:26,69 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
18.08.2016, 08:52 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | IRCBot Virut apparently on one of my computers, T-Com informed me That was quite a lot... please reboot and run AdwCleaner again... to see whether it really caught "everything".
__________________ Please always post log files in CODE tags |
18.08.2016, 19:44 | #11 |
| IRCBot Virut apparently on one of my computers, T-Com informed me Hello Cosinus, what do you mean, that was quite a lot... were those all viruses? The second run found nothing more. What should I do now? Many THANKS for your answer |
18.08.2016, 20:45 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | IRCBot Virut apparently on one of my computers, T-Com informed me Well, what do you think I meant? The statement referred to the AdwCleaner log. Then show fresh FRST logs. Tick the box for addition.txt, then click Scan ("Untersuchen").
__________________ Please always post log files in CODE tags |
19.08.2016, 18:47 | #13 |
| IRCBot Virut apparently on one of my computers, T-Com informed me Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 19-08-2016 durchgeführt von Ck (Administrator) auf CK-PC (19-08-2016 19:43:08) Gestartet von C:\Users\Ck\Desktop Geladene Profile: Ck (Verfügbare Profile: Ck) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe (AVM GmbH) C:\Program Files\FRITZ!Powerline\PowerlineService.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe (Teruten) C:\Windows\System32\FsUsbExService.Exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe (pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe () C:\Windows\System32\PSIService.exe () C:\Program Files\Cyberlink\Shared files\RichVideo.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (cyberlink) C:\Program Files\Cyberlink\Shared files\brs.exe (CANON INC.) 
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CyberLink) C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE () C:\Program Files\Winamp\winampa.exe () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung) C:\Program Files\Samsung\Kies\Kies.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe (Dropbox, Inc.) C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6724128 2009-02-03] (Realtek Semiconductor) HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [13687328 2009-03-27] (NVIDIA Corporation) HKLM\...\Run: [NvMediaCenter] => C:\Windows\system32\NvMcTray.dll [92704 2009-03-27] (NVIDIA Corporation) HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-03-30] (cyberlink) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648 2008-03-17] (CANON INC.) HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.) 
HKLM\...\Run: [CLMLServer] => C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe [104936 2008-07-18] (CyberLink) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-09] (Intel Corporation) HKLM\...\Run: [IJNetworkScanUtility] => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2007-11-19] (CANON INC.) HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [37888 2009-07-01] () HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [AgentMonitor] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [401280 2014-06-20] () HKLM\...\Run: [CloneCDTray] => C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [57344 2006-09-28] (SlySoft, Inc.) HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [55824 2009-06-17] (Logitech, Inc.) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [2745544 2016-01-09] (Dominik Reichl) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20] (Logitech, Inc.) 
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2014-01-23] (Samsung Electronics) HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.) HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung) HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [Dropbox Update] => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-02] (Dropbox, Inc.) HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {1284c770-c9ed-11e2-9b24-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\LIESMICH.htm HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {59f93d6c-02b1-11e3-a5d9-00242178ad0f} - J:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {5f1d01bd-90f0-11e3-99cf-00242178ad0f} - K:\DTVP_Launcher.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-06-09] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2014-08-25] ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) Startup: C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-07] ShortcutTarget: Dropbox.lnk -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2009-11-27] ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.115.100 Tcpip\..\Interfaces\{50C94D7A-C5DB-415C-8678-3F7462EF05FF}: [DhcpNameServer] 192.168.115.100 Tcpip\..\Interfaces\{E5D46DBA-07F2-4849-956E-461E87395D8B}: [DhcpNameServer] 192.168.115.100 Internet Explorer: ================== HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.) 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {5C0E257E-9DFE-4955-AA93-0A9B166BAB50} hxxp://192.168.115.107:5000/surveillance/object/SSObject.cab
DPF: {8214B72E-B0CD-466E-A44D-1D54D926038D} hxxp://kaysercam.dyndns.org/AVC_AX_724.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {FD3BEB0C-AB43-4253-9146-C371D48FBE0D} hxxp://kaysercam.dyndns.org/web.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Keine Datei
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default
FF NewTab: about:newtab
FF Homepage: www.google.de
FF Keyword.URL: user_pref("keyword.URL", true);
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2009-03-19] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2013-07-22] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-20] (Google)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-02] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin: JFGuide -> C:\Program Files\NetSurveillance\CMS\npGuide.dll [2016-01-12] ()
FF Plugin: JFWeb -> C:\Program Files\NetSurveillance\CMS\npWebPlugin.dll [2014-09-11] ()
FF Plugin HKU\S-1-5-21-1965394401-2103718357-1127923810-1000: runtop.com/RTPlayer -> C:\Program Files\VVVIPCamera\npRTPlayer.dll [2015-09-08] (RunTop)
FF Plugin HKU\S-1-5-21-1965394401-2103718357-1127923810-1000: webnp/nsstPlugin -> C:\Users\Ck\AppData\Roaming\WebPlugin\npnsstPlugin.dll [2015-08-08] (webnp)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll [2009-12-09] (Dassault Systèmes SolidWorks Corp.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-02-06] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-04-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-04-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-04-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-04-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-04-13] (Apple Inc.)
FF SearchPlugin: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\footiefox.xml [2009-12-31]
FF Extension: FootieFox - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\extensions\{9fb7d178-155a-4318-9173-1a8eaaea7fe4}.xpi [2016-04-05]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013-05-31] [ist nicht signiert]
FF Extension: AniWeather - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2016-04-27]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-05-31] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-09-02] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => nicht gefunden
FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [ist nicht signiert]
FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Ltd\BullGuard\antispam\tbspamfilter => nicht gefunden
FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin => nicht gefunden

Chrome:
=======
CHR Profile: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (YouTube) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-13]
CHR Extension: (Google Search) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-13]
CHR Extension: (RealDownloader) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-12-24]
CHR Extension: (Google Wallet) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-13]
CHR Extension: (Gmail) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-13]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [255904 2012-11-28] (AVM Berlin)
R2 AVMPowerlineService; C:\Program Files\FRITZ!Powerline\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert]
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [122272 2012-11-28] (AVM Berlin)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64112 2014-01-16] (CyberGhost S.R.L)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2014-01-23] (Teruten) [Datei ist nicht signiert]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-05-18] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [155488 2013-06-10] (AVM Berlin)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [247152 2009-02-25] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia) [Datei ist nicht signiert]
S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2010-02-24] (SolidWorks) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-12-06] (Disc Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [25160 2007-08-07] (Elaborate Bytes AG)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2014-01-23] () [Datei ist nicht signiert]
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28560 2009-06-17] (Logitech, Inc.)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [334712 2011-07-05] (AVM Berlin)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2009-05-29] (Duplex Secure Ltd.)
S3 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [Datei ist nicht signiert]
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\HomeCinema\PowerDVD9\000.fcl [87536 2009-03-30] (CyberLink Corp.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-08-19 19:42 - 2016-08-19 19:42 - 00000000 ____D C:\Users\Ck\Desktop\FRST-OlderVersion
2016-08-17 22:19 - 2016-08-17 22:19 - 00008582 _____ C:\Users\Ck\Desktop\JRT.txt
2016-08-17 21:52 - 2016-08-18 19:33 - 00000000 ____D C:\AdwCleaner
2016-08-17 21:13 - 2016-08-17 21:13 - 01610560 _____ (Malwarebytes) C:\Users\Ck\Desktop\JRT.exe
2016-08-17 21:09 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-17 21:08 - 2016-08-17 21:08 - 03784256 _____ C:\Users\Ck\Desktop\AdwCleaner_6.000.exe
2016-08-15 21:29 - 2016-08-15 21:29 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-15 21:28 - 2016-08-17 20:51 - 00000000 ____D C:\Users\Ck\Desktop\mbar
2016-08-15 21:28 - 2016-08-17 20:51 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-08-15 21:28 - 2016-08-17 18:38 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-15 21:28 - 2016-08-17 18:37 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-15 21:27 - 2016-08-15 21:27 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Ck\Desktop\mbar-1.09.3.1001.exe
2016-08-15 20:55 - 2016-08-02 16:08 - 00346312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-15 20:55 - 2016-08-02 08:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-08-15 20:55 - 2016-08-02 08:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-08-15 20:55 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-15 20:55 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-15 20:55 - 2016-08-02 07:51 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-08-15 20:55 - 2016-08-02 07:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-08-15 20:55 - 2016-08-02 07:51 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-08-15 20:55 - 2016-08-02 07:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-08-15 20:55 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-15 20:55 - 2016-08-02 07:45 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-08-15 20:55 - 2016-08-02 07:44 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-08-15 20:55 - 2016-08-02 07:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-15 20:55 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-15 20:55 - 2016-08-02 07:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-15 20:55 - 2016-08-02 07:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-08-15 20:55 - 2016-08-02 07:41 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-08-15 20:55 - 2016-08-02 07:36 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-15 20:55 - 2016-08-02 07:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-08-15 20:55 - 2016-08-02 07:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-15 20:55 - 2016-08-02 07:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-08-15 20:55 - 2016-08-02 07:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-08-15 20:55 - 2016-08-02 07:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-15 20:55 - 2016-08-02 07:24 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-15 20:55 - 2016-08-02 07:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-08-15 20:55 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-15 20:55 - 2016-08-02 07:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-15 20:55 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-15 20:55 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-15 20:55 - 2016-08-02 07:14 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-08-15 20:55 - 2016-08-02 07:14 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-15 20:55 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-15 20:55 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-15 20:55 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-15 20:55 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-15 20:55 - 2016-07-08 17:22 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-15 20:55 - 2016-07-08 17:22 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-08-15 20:55 - 2016-07-08 17:16 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-08-15 20:55 - 2016-07-08 16:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-08-15 20:55 - 2016-07-08 16:53 - 02399232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-15 20:55 - 2016-07-08 16:51 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-08-15 20:55 - 2016-07-08 16:51 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-08-15 20:55 - 2016-07-08 16:51 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-15 20:55 - 2016-07-08 16:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-08-15 20:55 - 2016-07-08 16:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-08-15 20:55 - 2016-07-08 16:50 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-08-11 20:50 - 2016-08-11 20:56 - 00221242 _____ C:\TDSSKiller.3.1.0.11_11.08.2016_20.50.46_log.txt
2016-08-11 20:29 - 2016-08-11 20:32 - 00077766 _____ C:\Users\Ck\Desktop\Addition.txt
2016-08-11 20:29 - 2016-08-11 20:29 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Ck\Desktop\tdsskiller.exe
2016-08-11 20:28 - 2016-08-19 19:43 - 00021905 _____ C:\Users\Ck\Desktop\FRST.txt
2016-08-11 20:28 - 2016-08-19 19:43 - 00000000 ____D C:\FRST
2016-08-11 20:26 - 2016-08-19 19:42 - 01745408 _____ (Farbar) C:\Users\Ck\Desktop\FRST.exe
2016-08-07 21:49 - 2016-08-07 21:49 - 06870919 _____ C:\Users\Ck\Downloads\General_HZXM_IPC_HI3516C_53H20L_S38_V4.02.R11.20150812_ALL.bin
2016-08-07 21:49 - 2016-08-07 21:49 - 04183898 _____ () C:\Users\Ck\Downloads\General_DeviceManage_V2.5.1.0.R.20141023(1).exe
2016-08-07 17:57 - 2016-08-07 17:57 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-04 13:43 - 2016-08-04 13:44 - 00144201 _____ C:\Users\Ck\Downloads\ResetConfig(1).zip
2016-08-04 11:53 - 2016-08-04 11:53 - 00067181 _____ C:\Users\Ck\Downloads\Mitteilung_777964016_vom_30.07.2016_20160804115330.pdf
2016-08-04 11:52 - 2016-08-04 11:52 - 00077226 _____ C:\Users\Ck\Downloads\Kontoauszug_777964016__Nr.0072016_vom_30.07.2016_20160804115248.pdf
2016-08-02 23:23 - 2016-06-25 22:01 - 00037096 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-08-02 23:23 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 01004544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-08-02 23:23 - 2016-06-25 21:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-08-02 23:23 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-08-02 23:23 - 2016-06-25 21:41 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-08-02 23:23 - 2016-06-22 15:06 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 01288192 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-23 09:35 - 2016-07-23 09:43 - 00000000 ____D C:\Users\Ck\Desktop\vom S Rechner

==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-19 19:25 - 2014-02-14 17:28 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-19 18:57 - 2013-12-24 16:34 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-19 18:55 - 2015-07-02 12:04 - 00001212 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000UA.job
2016-08-19 16:55 - 2015-07-02 12:04 - 00001160 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000Core.job
2016-08-19 16:47 - 2013-05-31 14:28 - 00019696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-19 16:47 - 2013-05-31 14:28 - 00019696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-19 10:37 - 2009-05-29 15:19 - 00000868 _____ C:\Windows\Tasks\Google Software Updater.job
2016-08-18 21:57 - 2013-12-24 16:34 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-18 20:46 - 2013-05-31 15:45 - 01627884 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-18 20:46 - 2009-07-14 10:47 - 00702602 _____ C:\Windows\system32\perfh007.dat
2016-08-18 20:46 - 2009-07-14 10:47 - 00150242 _____ C:\Windows\system32\perfc007.dat
2016-08-18 20:46 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-08-18 19:31 - 2013-08-27 22:54 - 00000000 ___RD C:\Users\Ck\Dropbox
2016-08-18 18:11 - 2015-07-25 13:18 - 00000000 ____D C:\Windows\rescache
2016-08-18 17:34 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-17 22:02 - 2013-05-31 15:55 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-08-17 21:50 - 2009-07-14 06:33 - 00462680 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-17 21:23 - 2013-07-13 10:16 - 00000000 ____D C:\Windows\system32\MRT
2016-08-17 21:15 - 2013-06-12 08:33 - 144884648 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-17 20:22 - 2013-01-27 16:28 - 00000000 ____D C:\Users\Ck\AppData\Local\ElevatedDiagnostics
2016-08-17 18:34 - 2015-07-02 11:13 - 00000000 ____D C:\Users\Ck\AppData\Local\Avg
2016-08-17 18:34 - 2010-12-05 13:36 - 00000000 ____D C:\ProgramData\MFAData
2016-08-17 18:14 - 2015-11-03 18:04 - 00000000 ____D C:\Users\Ck\AppData\Local\AvgSetupLog
2016-08-17 18:14 - 2013-07-29 19:22 - 00000000 ____D C:\ProgramData\AVG
2016-08-17 18:14 - 2010-12-05 14:05 - 00000000 ____D C:\Program Files\AVG
2016-08-15 21:03 - 2013-12-24 16:34 - 00002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-07 21:50 - 2016-03-30 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Device Manager
2016-08-07 21:50 - 2014-10-24 12:20 - 00028088 _____ C:\Program Files\Device Manager Setup Log.txt
2016-08-07 21:50 - 2014-10-24 12:20 - 00001921 _____ C:\Users\Ck\Desktop\DeviceManage.lnk
2016-08-07 21:50 - 2014-10-24 12:20 - 00000000 ____D C:\Program Files\Device Manager
2016-08-07 18:25 - 2015-03-10 11:41 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2016-08-07 17:58 - 2013-08-27 22:51 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Dropbox
2016-08-02 23:56 - 2014-12-17 07:19 - 00000000 ____D C:\Windows\system32\appraiser
2016-08-02 23:56 - 2009-07-14 10:56 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-02 21:40 - 2015-12-03 21:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-26 14:24 - 2009-10-02 17:47 - 00406184 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-23 17:25 - 2009-07-18 19:43 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Winamp
2016-07-20 16:27 - 2009-09-30 22:04 - 00000000 ____D C:\Users\Ck\AppData\Roaming\vlc

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-10-24 12:20 - 2016-08-07 21:50 - 0028088 _____ () C:\Program Files\Device Manager Setup Log.txt
2014-05-17 08:51 - 2014-06-23 07:14 - 0000000 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2009-07-21 21:13 - 2013-12-06 10:54 - 0000192 _____ () C:\Users\Ck\AppData\Roaming\default.rss
2013-12-24 21:53 - 2014-06-17 19:16 - 0000942 _____ () C:\Users\Ck\AppData\Local\cookies.ini
2013-12-22 15:07 - 2016-06-15 17:46 - 0012800 _____ () C:\Users\Ck\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-04 08:02 - 2014-02-04 08:02 - 0000085 ___SH () C:\ProgramData\.zreglib

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Ck\CAPITEST.exe

Einige Dateien in TEMP:
====================
C:\Users\Ck\AppData\Local\Temp\avg-ab4dcb36-a3b8-453e-95d0-3f1420a65049.exe
C:\Users\Ck\AppData\Local\Temp\avg-bf27893e-44c6-483e-af63-2236c14e051a.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_08130619252.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_08156097866.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_081642210183.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_081744902659.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_081845444654.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_081907132559.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_08544418719.exe
C:\Users\Ck\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfipkzx.dll
C:\Users\Ck\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Ck\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Ck\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Ck\AppData\Local\Temp\NEventMessages.dll
C:\Users\Ck\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Ck\AppData\Local\Temp\oi_{8E29BDD6-B734-427A-9492-304AB40FB8F2}.exe
C:\Users\Ck\AppData\Local\Temp\sp_setpoint.exe
C:\Users\Ck\AppData\Local\Temp\stubhelper.dll
C:\Users\Ck\AppData\Local\Temp\uninst1.exe
C:\Users\Ck\AppData\Local\Temp\UNINSTALL.EXE

==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-08-17 20:15

==================== Ende vom FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 19-08-2016
durchgeführt von Ck (19-08-2016 19:43:38)
Gestartet von C:\Users\Ck\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2013-05-31 13:55:44)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1965394401-2103718357-1127923810-500 - Administrator - Disabled)
Ck (S-1-5-21-1965394401-2103718357-1127923810-1000 - Administrator - Enabled) => C:\Users\Ck
Gast (S-1-5-21-1965394401-2103718357-1127923810-501 - Limited - Disabled)
Sonos (S-1-5-21-1965394401-2103718357-1127923810-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4Free Video Converter 2 (HKLM\...\{7061301A-0D44-432F-859D-AF705DA2C81F}_is1) (Version: - 4Free Studio)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVM FRITZ!fax für FRITZ!Box (HKLM\...\FRITZ! 2.0) (Version: - AVM Berlin)
AVM FRITZ!Fernzugang (HKLM\...\{F2B03BB1-D679-4FFF-951D-3058A669A823}) (Version: 1.3.1 - AVM Berlin)
Brother P-touch Editor 5.0 (HKLM\...\InstallShield_{DF9A6075-9308-4572-8932-A4316243C4D9}) (Version: 5.0.032 - Brother Industries, Ltd.)
Brother P-touch Editor 5.0 (Version: 5.0.032 - Brother Industries, Ltd.) Hidden
Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: - )
CANON IMAGE GATEWAY Registrierungsanleitung (HKLM\...\DV CIG Guide) (Version: 1.0.0.2 - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.4.0.8 - )
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.0.3 - )
Canon MP Navigator EX 2.0 (HKLM\...\MP Navigator EX 2.0) (Version: - )
Canon MP620 series Benutzerregistrierung (HKLM\...\Canon MP620 series Benutzerregistrierung) (Version: - )
Canon MP620 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series) (Version: - )
Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 0.9.3.9 - )
Canon Utilities CameraWindow (HKLM\...\CameraWindowLauncher) (Version: 7.0.0.8 - )
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.1.15 - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 6.4.0.5 - )
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.1.9 - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.0.1.248 - )
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.0.0.19 - )
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5118 - CDBurnerXP)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
CDex - Open Source Digital Audio CD Extractor (HKLM\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden
CloneCD (HKLM\...\CloneCD) (Version: - SlySoft)
CMS (HKLM\...\CMS1.0.0.32) (Version: 1.0.0.32 - wapa)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel MediaOne (HKLM\...\{A062A15F-9CAC-4B88-98DF-87628A0BD721}) (Version: 2.100.0000 - Corel Corporation)
CorelDRAW Essential Edition 3 (HKLM\...\_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}) (Version: - Corel Corporation)
CorelDRAW Essential Edition 3 (Version: 3.0 - Corel Corporation) Hidden
Cuttermaran 1.67 (HKLM\...\{5D5E101E-6E25-4497-944E-373D9DB20A07}) (Version: 1.6.7 - toarnold)
CyberGhost 5 (HKLM\...\CyberGhost VPN 5_is1) (Version: - CyberGhost S.R.L.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1616 - CyberLink Corp.)
CyberLink MediaShow (HKLM\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.2609 - CyberLink Corp.)
CyberLink PhotoNow (HKLM\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.5615 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2806 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2718 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1531 - CyberLink Corp.) CyberLink PowerDVD Copy (HKLM\...\{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.0.5611 - CyberLink Corp.) CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1412 - CyberLink Corp.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) DE (Version: 3.0 - Corel Corporation) Hidden Device Manager (HKLM\...\Device Manager) (Version: - ) DriverAgent by eSupport.com (HKLM\...\DriverAgent.exe) (Version: - ) Dropbox (HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Dropbox) (Version: 7.4.30 - Dropbox, Inc.) DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink) Eraser 5.8.8 (HKLM\...\{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1) (Version: Eraser 5.8.8 - The Eraser Project) Extended Asian Language font pack for Adobe Reader XI (HKLM\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated) FileZilla Client 3.2.7.1 (HKLM\...\FileZilla Client) (Version: 3.2.7.1 - ) Free HD Converter V 1.4 (HKLM\...\Free HD Converter_is1) (Version: 1.4.0.0 - Koyote Soft) Free PDF to Word Converter 1.5 (HKLM\...\Free PDF to Word Converter_is1) (Version: - Free-PDF-to-Word.com) Free YouTube to MP3 Converter version 3.12.50.1111 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1111 - DVDVideoSoft Ltd.) FRITZ!Powerline (HKLM\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin) Gigaset M100 Data (HKLM\...\Gigaset M100 Data) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.) 
HDIPCamera V1.0.1.2 (HKLM\...\HDIPCamera_is1) (Version: - HDIPCamera) Helium (HKLM\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod) Help 2 Speak 1.2 (HKLM\...\Help 2 Speak for Windows Mobile Classic & Pro_is1) (Version: - Arena Games Studios) ImageMixer 3 SE (HKLM\...\{82C19692-571C-45D2-BAF2-278225787A35}) (Version: 3.00.038 - PIXELA) ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - ) IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan) Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Junk Mail filter update (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden KeePass Password Safe 2.31 (HKLM\...\KeePassPasswordSafe2_is1) (Version: 2.31 - Dominik Reichl) KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden LightScribe System Software (HKLM\...\{DD6C316A-FE75-4FBB-9D22-4C1920232B72}) (Version: 1.18.5.1 - LightScribe) Logitech Harmony Remote Software 7 (HKLM\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech) Logitech SetPoint (HKLM\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) 
MCE Software Encoder 1.1 (HKLM\...\{7655E113-C306-11D9-A373-0050BAE317E1}) (Version: 1.1.0.1918 - CyberLink Corporation) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation) Mozilla Firefox 47.0 (x86 de) (HKLM\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla) Mozilla Thunderbird (2.0.0.23) (HKLM\...\Mozilla Thunderbird (2.0.0.23)) (Version: 2.0.0.23 (de) - Mozilla) Mozilla Thunderbird 24.3.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla) MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden 
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.1 - F.J. Wechselberger) NetSurveillance (HKLM\...\NetSurveillance) (Version: - ) Notepad++ (HKLM\...\Notepad++) (Version: 5.3.1 - ) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation) NVIDIA PhysX (HKLM\...\{DD1865F0-AD73-40FB-B23E-1822E02396FF}) (Version: 9.09.0203 - NVIDIA Corporation) OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden PC Connectivity Solution (HKLM\...\{4B28C077-9958-45F1-8BB4-CBF90A69AD4E}) (Version: 11.4.15.0 - Nokia) PC Inspector File Recovery (HKLM\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - ) PCSpeedUp Application (HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\3121358167.www.pcspeedup.com) (Version: - www.pcspeedup.com) <==== ACHTUNG PDF Architect (HKLM\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge) PDVR (HKLM\...\PDVR168.5.5.26) (Version: 168.5.5.26 - Wapa) QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Ravensburger tiptoi (HKLM\...\Ravensburger tiptoi) (Version: - ) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5783 - Realtek Semiconductor Corp.) 
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - ) Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.0.0.11011_16 - Samsung Electronics Co., Ltd.) Samsung Kies (Version: 2.0.0.11011_16 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.) Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) SolidWorks eDrawings 2010 (HKLM\...\{059D6814-73F9-480B-B0B2-D6428F1C1F99}) (Version: 10.2.122 - Dassault Systèmes SolidWorks Corp.) Sonos Controller (HKLM\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 31.3.22220 - Sonos, Inc.) Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated) Synology Assistant (remove only) (HKLM\...\Synology Assistant) (Version: - ) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer) Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH) TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) 
(HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Update Manager (Version: 4.60 - Corel Corporation) Hidden Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN) VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden VTech Download Manager (HKLM\...\VTechDownloadManager) (Version: - VTech) WebPlugin 1.0.3.39 (HKLM\...\WebPlugin) (Version: 1.0.3.39 - My company, Inc.) 
Winamp (HKLM\...\Winamp) (Version: 5.56 - Nullsoft, Inc) Windows 7 Upgrade Advisor (HKLM\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation) Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live Sync (HKLM\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation) Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia) WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR (HKLM\...\WinRAR archiver) (Version: - ) Wireshark 1.8.5 (32-bit) (HKLM\...\Wireshark) (Version: 1.8.5 - The Wireshark developer community, hxxp://www.wireshark.org) WISO Steuer-Sparbuch 2011 (HKLM\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.00.6928 - Buhl Data Service GmbH) WISO Steuer-Sparbuch 2012 (HKLM\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH) WISO Steuer-Sparbuch 2013 (HKLM\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH) WISO Steuer-Sparbuch 2014 (HKLM\...\{85B13DC2-AB8D-45E9-B0AB-ABE72EC66DD7}) (Version: 21.00.8480 - Buhl Data Service GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{9a1ff289-f2d3-55c6-993d-c7a95c923a04}\InprocServer32 -> C:\Program Files\VVVIPCamera\npRTPlayer.dll (RunTop) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{d3005645-a2c0-5fcf-b52e-40d1c93b6b46}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\WebPlugin\npnsstPlugin.dll (webnp) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {02AE60CC-4705-41A6-91E6-50ABF7D83302} - System32\Tasks\{268125EB-A08A-470F-B017-A0AF0455DCBC} => pcalua.exe -a C:\Users\Ck\Downloads\Active(1).exe -d C:\Users\Ck\Downloads Task: {25198102-EC51-45EB-9E96-3F1A00598D7E} - System32\Tasks\{E442D925-062B-4048-92DD-81B6E5D4EBC7} => pcalua.exe -a C:\Users\Ck\Downloads\XDA-HTC\MyMobile123_06152008.exe -d C:\Users\Ck\Downloads\XDA-HTC Task: {2A93CF91-7D23-4C00-AC9F-80B34E45359D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000UA => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-02] (Dropbox, Inc.) 
Task: {2D771066-A4F3-46BF-8CA3-9CAFDA14E3C5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd) Task: {2E8F338E-D82C-4BE0-A37E-D30BC60BE7CD} - System32\Tasks\{DA74A66F-ED8F-4CB5-818F-EA45C9EEAD30} => pcalua.exe -a L:\Mail\portable_thunderbird_2.0.0.6_win_de\portablethunderbird.exe -d L:\Mail\portable_thunderbird_2.0.0.6_win_de Task: {39704CCB-91C6-4FCE-ADB3-55BFC4B12B7E} - System32\Tasks\{25DFB1E6-A77D-4292-9046-FBC6E033A8D1} => pcalua.exe -a C:\Users\Ck\Desktop\cms_en_hbw_setup.exe -d C:\Users\Ck\Desktop Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs Task: {628D65C8-3315-4964-8E2E-A3333ECCF05F} - System32\Tasks\{1CC5E591-F6A7-4E18-8935-6150C7ADBBD3} => pcalua.exe -a "C:\Program Files\Common Files\DVDVideoSoft\lib\Uninstall.exe" Task: {66813AAB-BC6C-4DF1-AD7C-1FA047F5CFBC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated) Task: {6A8C4CC9-938F-4B6F-BF0F-DCD924790CEE} - System32\Tasks\{71F44B15-7CB1-4B86-BD60-D6CD264CF120} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.259/de/privacy Task: {71CB78DC-3465-4B72-A2C5-F2347E83C5C7} - System32\Tasks\{69EF8CEA-F288-4F17-9417-BBF04DE439FB} => pcalua.exe -a C:\Users\Ck\Downloads\General_DeviceManage_V2.5.1.0.R.20141023.exe -d C:\Users\Ck\Downloads Task: {720D1503-4901-4D3A-AE34-C2A846495526} - System32\Tasks\{D210CFB3-7484-4E0D-A07E-00A804913C1F} => pcalua.exe -a C:\Users\Ck\Downloads\XDA-HTC\RUU_Topaz_S_HTC_GER_2.16.407.1_Radio_Sign_Topaz_61.44tc.25.32_4.49.25.17_Ship.exe -d C:\Users\Ck\Downloads\XDA-HTC Task: {786C056D-F7DD-4F91-A4C8-592D795E66B2} - System32\Tasks\{FDBDBBE2-3B9F-4E39-B60C-9A5E520FB6BE} => pcalua.exe -a C:\Users\Ck\AppData\Local\Temp\sp_setpoint.exe -d "C:\Program Files\Logitech\SetPoint" <==== ACHTUNG Task: {7882BC03-0A35-4B7C-8824-612F8992586E} - 
System32\Tasks\{4930B6A3-896D-4B89-B490-928D2E8409F2} => pcalua.exe -a E:\setup.exe -d E:\ Task: {83A6087A-B895-43E6-8B49-141E3604079B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {8B570972-C515-4AA6-AA33-FD3720281B78} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated) Task: {8F3C77A0-80DE-4FF6-AB16-9BEED1651B92} - System32\Tasks\{FBD2B4DA-3B72-4A59-A46D-20A920C322A0} => pcalua.exe -a C:\Users\Ck\Downloads\dotnetfx3setup.exe -d "C:\Program Files\Mozilla Firefox" Task: {A1819EA4-5CA1-40C3-AD8F-82CE890AEEDB} - System32\Tasks\{226C3DB4-BC58-406E-843A-7343C8C18171} => pcalua.exe -a "C:\Users\Ck\Downloads\XDA-HTC\_HTC Touch Diamond2_RUU_Topaz_S_Vodafone_DE_2.16.162.1_Radio_Sign_Topaz_61.44tc.25.32_4.49.25.17_Ship.exe" -d C:\Users\Ck\Downloads\XDA-HTC Task: {A3A35131-2635-4486-AB91-A5DD9BDD36F4} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {AFD815CF-6434-41A1-8ADE-2B62CF9B1F7C} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-20] (Google) <==== ACHTUNG Task: {B58C017E-761D-451C-AB1A-D1879E73B069} - System32\Tasks\{4BD28B09-9A1B-4A69-BA90-67C98CB290E5} => pcalua.exe -a "C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UQLUDLP2\NewActive.exe" -d C:\Users\Ck\Desktop Task: {B6D39B96-0714-4D74-BB26-3C28909655BF} - System32\Tasks\{723229ED-F780-4C7B-98CB-3F4C06D62E95} => pcalua.exe -a C:\Users\Ck\Desktop\Kamera\cms-2012.3.201\CMS-2012.3.20\CMS.exe -d C:\Users\Ck\Desktop\Kamera\cms-2012.3.201\CMS-2012.3.20 Task: {B7EDDC49-2A82-4201-99A1-2F0C4F4A7561} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1965394401-2103718357-1127923810-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe Task: {BD00CA6F-0897-4711-813F-89264B56E755} - 
System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated) Task: {BEB85EF8-764D-4908-AAD9-0B659819E7FE} - System32\Tasks\{0E8F34EC-4494-4A2C-AFF3-11CA2F5B4C90} => pcalua.exe -a "C:\Users\Ck\Documents\Bedienungsanleitungen\Neuer Ordner\talk&surf_6_0\instmsia.exe" -d "C:\Users\Ck\Documents\Bedienungsanleitungen\Neuer Ordner\talk&surf_6_0" Task: {C03989FD-EAF4-41A9-AF33-707D79307A78} - System32\Tasks\{7AF1BA91-2A03-4427-9720-C576FE3DD4F8} => pcalua.exe -a "C:\Program Files\DAEMON Tools Lite\uninst.exe" -d "C:\Program Files\DAEMON Tools Lite" Task: {C146D4B7-1BE2-41D1-B2C5-C5A514E2BCF7} - System32\Tasks\{AE2FEAEC-AF5B-49E4-AEE0-D09143669355} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.259/de/abandoninstall?page=tsBing Task: {C7C4EE56-B8AA-4351-81BD-0A6D455AC43B} - System32\Tasks\{6A6AB472-58DE-4906-B2C1-C452BD9DBA22} => pcalua.exe -a C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_Plugin.exe -c -maintain plugin Task: {D89A30EF-DA26-4944-B61D-4241FE07E0D6} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1965394401-2103718357-1127923810-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe Task: {E29110D1-140F-4436-88B5-AE82F41F7645} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) 
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs Task: {E8232C5C-94D3-4837-90DC-746D038E2DF3} - System32\Tasks\{34D13FC3-38F9-492B-B933-0F652EB35694} => pcalua.exe -a C:\Users\Ck\Downloads\Active.exe -d C:\Users\Ck\Downloads Task: {F2E8B3A8-A3BD-41F4-BA6E-7ADCA98B02F4} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation) Task: {F440BE00-829C-40EF-8625-F7DDE569FEE2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000Core => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-02] (Dropbox, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe <==== ACHTUNG Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000Core.job => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000UA.job => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ACHTUNG Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2007-06-05 13:20 - 2007-06-05 13:20 - 00177704 _____ () C:\Windows\system32\PSIService.exe 2009-04-22 16:09 - 2009-02-25 09:13 - 00247152 _____ () C:\Program Files\Cyberlink\Shared files\RichVideo.exe 2009-08-23 19:58 - 2009-08-23 19:58 - 00094208 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll 2009-05-29 21:58 - 2008-09-16 20:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll 2008-08-27 16:32 - 2008-08-27 16:32 - 00619816 _____ () C:\Program Files\HomeCinema\Power2Go\CLMediaLibrary.dll 2008-06-09 09:55 - 2008-06-09 09:55 - 00013096 _____ () C:\Program Files\HomeCinema\Power2Go\CLMLSvcPS.dll 2009-07-01 18:37 - 2009-07-01 18:37 - 00037888 _____ () C:\Program Files\Winamp\winampa.exe 2014-07-04 10:22 - 2014-06-20 08:42 - 00401280 _____ () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe 2014-07-04 10:22 - 2014-03-04 13:20 - 00117760 _____ () C:\Program Files\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll 2014-07-04 10:22 - 2014-04-22 04:14 - 00065536 _____ () C:\Program Files\VTech\DownloadManager\System\QHttpServer.dll 2014-07-04 10:22 - 2014-05-06 07:39 - 00861184 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\platforms\qwindows.dll 2014-07-04 10:22 - 2014-05-06 07:38 - 00021504 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qgif.dll 2014-07-04 10:22 - 2014-05-06 07:38 - 00020992 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qico.dll 2014-07-04 10:22 - 2014-05-06 07:38 - 00204800 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll 2014-07-04 10:22 - 2014-05-06 12:44 - 00218112 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qmng.dll 2014-07-04 10:22 - 2014-05-06 07:58 - 00015872 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll 2014-07-04 10:22 - 2014-05-06 12:44 - 00015360 
_____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qtga.dll 2014-07-04 10:22 - 2014-05-06 12:44 - 00307712 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll 2014-07-04 10:22 - 2014-05-06 12:44 - 00014848 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll 2014-07-04 10:22 - 2014-05-06 08:31 - 00015872 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll 2014-07-04 10:22 - 2014-05-06 07:38 - 00036352 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll 2014-07-04 10:22 - 2014-05-06 07:38 - 00038912 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll 2016-08-02 23:47 - 2016-08-02 23:47 - 00182272 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Commonc65c5a95#\97fe9e5d3c179b88a47a355e3d497461\Kies.Common.DeviceServiceLib.Interface.ni.dll 2016-08-02 23:47 - 2016-08-02 23:47 - 15017472 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\2b03fce391135d2616e3ca1f41e4d3f9\Kies.Theme.ni.dll 2016-08-02 23:47 - 2016-08-02 23:47 - 01899520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\ed992385c10d33321704bbba68a32c66\Kies.UI.ni.dll 2016-08-02 23:47 - 2016-08-02 23:47 - 00079360 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\2904a13c0bdf6fab78e97ed5e5349855\Kies.MVVM.ni.dll 2016-08-02 23:47 - 2016-08-02 23:47 - 00233984 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\2ae6e946b06d8ca8c1f09e28006ac538\ASF_cSharpAPI.ni.dll 2014-08-25 06:39 - 2009-07-20 12:27 - 00017936 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll 2016-07-12 17:48 - 2016-06-30 04:25 - 00035792 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2016-08-07 17:57 - 2016-06-30 04:25 - 00145864 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2016-08-07 17:57 - 2016-06-30 04:26 - 
00019408 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2016-08-07 17:57 - 2016-06-30 04:25 - 00116688 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2016-07-12 17:48 - 2016-06-30 04:25 - 00100296 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2016-06-25 09:52 - 2016-06-30 04:25 - 00018888 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\select.pyd 2016-06-25 09:52 - 2016-08-01 23:27 - 00019760 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2016-06-25 09:52 - 2016-06-30 04:25 - 00694224 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2016-08-07 17:57 - 2016-08-01 23:26 - 00020816 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2016-07-12 17:48 - 2016-06-30 04:26 - 00123856 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2016-08-07 17:57 - 2016-08-01 23:26 - 01682760 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2016-08-07 17:57 - 2016-08-01 23:26 - 00020808 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00021312 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00052024 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00038696 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\fastpath.pyd 2016-06-25 09:52 - 2016-06-30 04:27 - 00105928 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32api.pyd 2016-08-07 17:57 - 2016-06-30 04:25 - 00392144 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2016-08-07 17:57 - 2016-06-30 04:27 - 00020936 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2016-07-12 17:48 - 2016-06-30 04:27 - 00024528 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32event.pyd 2016-07-12 17:48 - 
2016-06-30 04:27 - 00114640 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32security.pyd 2016-06-25 09:52 - 2016-08-01 23:27 - 00381752 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2016-07-12 17:48 - 2016-06-30 04:27 - 00124880 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32file.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00025424 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd 2016-06-25 09:52 - 2016-06-30 04:27 - 00024016 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2016-07-12 17:48 - 2016-06-30 04:27 - 00175560 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32gui.pyd 2016-07-12 17:48 - 2016-06-30 04:27 - 00030160 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2016-07-12 17:48 - 2016-06-30 04:27 - 00043472 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32process.pyd 2016-07-12 17:48 - 2016-06-30 04:27 - 00048592 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32service.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00026456 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-07-12 17:48 - 2016-06-30 04:27 - 00057808 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2016-07-12 17:48 - 2016-06-30 04:27 - 00024016 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32profile.pyd 2016-08-07 17:57 - 2016-08-01 23:26 - 00246592 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2016-07-12 17:48 - 2016-06-30 04:27 - 00028616 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32ts.pyd 2016-07-12 17:48 - 2016-08-01 23:27 - 00020800 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-07-12 17:48 - 2016-08-01 23:27 - 00019776 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd 2016-07-12 17:48 - 2016-08-01 23:27 - 00020800 _____ () 
C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd 2016-07-12 17:48 - 2016-06-30 04:25 - 00144848 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_elementtree.pyd 2016-08-07 17:57 - 2016-06-30 04:26 - 00241104 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_jpegtran.pyd 2016-08-07 17:57 - 2016-08-01 23:26 - 00020280 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2016-07-12 17:48 - 2016-08-01 23:27 - 00023376 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2016-07-12 17:48 - 2016-06-30 04:27 - 00350152 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2016-07-12 17:48 - 2016-08-01 23:27 - 00022352 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00024392 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2016-08-07 17:57 - 2016-06-30 04:28 - 00036296 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\librsync.dll 2016-08-07 17:57 - 2016-08-01 23:27 - 00084280 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2016-08-07 17:57 - 2016-08-01 23:27 - 01826096 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2016-06-25 09:52 - 2016-06-30 04:26 - 00083912 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\sip.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 03929392 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 01972016 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00531248 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00132912 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00224056 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2016-08-07 17:57 - 
2016-08-01 23:27 - 00207672 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00020288 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd 2016-07-12 17:48 - 2016-06-30 04:27 - 00060880 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32print.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00024904 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00546096 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00357680 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00168248 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd 2016-08-07 17:57 - 2016-08-01 23:27 - 00042808 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
IE trusted site: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\dyndns.org -> hxxp://fruechtemtz.dyndns.org IE trusted site: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\no-ip.org -> hxxp://teufelsbox.no-ip.org ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2006-11-02 12:23 - 2016-08-17 21:50 - 00001961 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com 0.0.0.0 cdn.appround.biz 0.0.0.0 cdn.bigspeedpro.com 0.0.0.0 cdn.bispd.com Da befinden sich 5 zusätzliche Einträge. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.115.100 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== FirewallRules (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{7ADE6780-8950-4568-AE42-156E26523817}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe FirewallRules: [{21A2A72D-C72E-48F1-81DA-6DA6C22D8159}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe FirewallRules: [{75A3EED0-6127-4849-9403-C0FB7996B247}] => (Allow) LPort=26675 FirewallRules: [{599FEA04-953A-40D2-9E33-8850A8AF5D82}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe FirewallRules: [{317049B1-7474-4657-B639-180C2192B20D}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe FirewallRules: [{46B83F69-94C7-495B-9F1D-B3E1A3403443}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{8E7DEC09-287A-4881-85A3-701E56D7F9E3}] => (Allow) C:\Windows\System32\muzapp.exe FirewallRules: [{8522B942-7D77-4A85-9775-B0B13002DCD8}] => (Allow) C:\Windows\System32\muzapp.exe FirewallRules: [UDP Query User{85A74167-4A6B-43C0-B5CB-13278338AB69}E:\dvr v8.97\dvr\encode.exe] => (Allow) E:\dvr v8.97\dvr\encode.exe FirewallRules: [TCP Query User{603E47FC-65E5-4244-9184-64B737B7A60A}E:\dvr v8.97\dvr\encode.exe] => (Allow) E:\dvr v8.97\dvr\encode.exe FirewallRules: [UDP Query User{1D4156AD-EAC5-4103-9C53-228167735AA1}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe FirewallRules: [TCP Query User{D5B3DD8A-548D-4477-9EAA-95262B1AA269}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe FirewallRules: [UDP Query User{CA0F2C7F-986E-4C53-A52C-3EBD9267074A}C:\program files\pdvr\pdvr.exe] => (Allow) C:\program files\pdvr\pdvr.exe FirewallRules: [TCP Query 
User{080598C6-ED4E-45F5-9FB7-677AB378C334}C:\program files\pdvr\pdvr.exe] => (Allow) C:\program files\pdvr\pdvr.exe FirewallRules: [{72E75FBE-C146-4E5E-83F3-D28D0B210D50}] => (Allow) C:\Program Files\PURE Flow Server\twonkymediaserver.exe FirewallRules: [{5A21343C-6687-4048-A8B2-2A7E87911F08}] => (Allow) C:\Program Files\PURE Flow Server\twonkymediaserver.exe FirewallRules: [{B9B6546E-DBF0-40E0-A25E-07EB2C1A5449}] => (Allow) C:\Program Files\PURE Flow Server\twonkymediaserverwatchdog.exe FirewallRules: [{4A7DDA3D-40C0-4FC6-81DD-0FEB9B07AF3F}] => (Allow) C:\Program Files\PURE Flow Server\twonkymediaserverwatchdog.exe FirewallRules: [UDP Query User{3D8D522F-6C42-4FA2-A127-66DA0B637A2E}C:\program files\fritz!\frifax32.exe] => (Block) C:\program files\fritz!\frifax32.exe FirewallRules: [TCP Query User{5DF8515A-676D-40BB-8352-3989E2D9E6E3}C:\program files\fritz!\frifax32.exe] => (Block) C:\program files\fritz!\frifax32.exe FirewallRules: [{7360A445-A3CB-445A-A7DA-AB308364F275}] => (Allow) C:\Program Files\FRITZ!\igd_finder.exe FirewallRules: [{AFA72526-5207-437D-9A9C-243B050D89D9}] => (Allow) C:\Program Files\FRITZ!\igd_finder.exe FirewallRules: [UDP Query User{454A84A6-26BB-48AE-8E31-E67A875CD1CB}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe FirewallRules: [TCP Query User{8D5C2EC7-24D9-4ADA-A8A7-9DB1C572FCDD}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe FirewallRules: [UDP Query User{C1014B50-AF56-488F-903D-C92996D9CAD8}C:\users\ck\desktop\fritz.box_wlan_7390_84.04.84.recover-image.exe] => (Allow) C:\users\ck\desktop\fritz.box_wlan_7390_84.04.84.recover-image.exe FirewallRules: [TCP Query User{31086841-A3ED-4164-B74E-3BC4A5745CE4}C:\users\ck\desktop\fritz.box_wlan_7390_84.04.84.recover-image.exe] => (Allow) C:\users\ck\desktop\fritz.box_wlan_7390_84.04.84.recover-image.exe FirewallRules: [UDP Query User{28311615-6F20-478D-9805-E6AF9BA990B0}C:\users\ck\capitest.exe] => (Allow) C:\users\ck\capitest.exe FirewallRules: [TCP Query 
User{C75E9A32-9B92-4135-9745-B1D7A517A62B}C:\users\ck\capitest.exe] => (Allow) C:\users\ck\capitest.exe FirewallRules: [UDP Query User{7AAAAC3B-2EF3-4FC7-9E9F-4930BBCF0C4F}C:\program files\fritz!\frifax32.exe] => (Allow) C:\program files\fritz!\frifax32.exe FirewallRules: [TCP Query User{3571DEE7-180D-460A-B99D-6598A17DDAA7}C:\program files\fritz!\frifax32.exe] => (Allow) C:\program files\fritz!\frifax32.exe FirewallRules: [UDP Query User{0EA37256-1A6C-43AA-9B79-ED34D9AD86D6}C:\users\ck\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\ck\appdata\local\temp\_istmp1.dir\_ins5576._mp FirewallRules: [TCP Query User{A2EE00DF-DA65-45C4-BD89-17ACE5BAF15E}C:\users\ck\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\ck\appdata\local\temp\_istmp1.dir\_ins5576._mp FirewallRules: [UDP Query User{B5770EFC-5DD2-4FE2-98F0-71C0E0E5B583}C:\users\ck\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe] => (Allow) C:\users\ck\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe FirewallRules: [TCP Query User{BF6008EA-FC83-4EAB-9024-C5F59AE5D3DD}C:\users\ck\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe] => (Allow) C:\users\ck\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe FirewallRules: [UDP Query User{2708DB09-F52E-425B-BBD9-BFD51ACF273F}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe FirewallRules: [TCP Query User{798FA436-9103-436C-98B7-5B310751EF00}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe FirewallRules: [{94A1B95C-8BD9-49D7-9E59-975A0700D048}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe FirewallRules: [{5615D64E-F202-46C2-9C3F-1A5DE2EE756D}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe FirewallRules: [{3E6A057A-F868-4CC8-AE7F-B2DE4C7C267E}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe FirewallRules: [{5A6A03BC-8AC5-482B-8A81-9DD1191C935A}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe FirewallRules: [{F5D27E35-B63D-4456-B9EB-D364DB20C0E4}] => (Allow) C:\Program 
Files\AVG\AVG10\avgdiagex.exe FirewallRules: [{173BEF30-E791-4D07-BC0A-67B9E67DFF01}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe FirewallRules: [{996748D8-A0A1-4DB6-B683-81E91CEA7370}] => (Allow) C:\Windows\System32\muzapp.exe FirewallRules: [{0EC9DE4F-B1C3-4EBC-AE09-DC4EC7A1F21A}] => (Allow) C:\Windows\System32\muzapp.exe FirewallRules: [UDP Query User{878E3AB6-44C1-46E6-B568-F0117D8374B2}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe FirewallRules: [TCP Query User{C6110339-8D5E-4F2D-BFE4-414D3F8DE6B0}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe FirewallRules: [{E20F74A9-6056-4999-B500-7AAB54F89043}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe FirewallRules: [{C524683F-328A-467C-ACB5-A130E4568F30}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe FirewallRules: [UDP Query User{CA5855DA-53D5-4697-B811-A24FFDD4012D}C:\program files\synology\assistant\dsassistant.exe] => (Allow) C:\program files\synology\assistant\dsassistant.exe FirewallRules: [TCP Query User{9DE8B423-B3A5-4F29-B155-DF31DE15D8E7}C:\program files\synology\assistant\dsassistant.exe] => (Allow) C:\program files\synology\assistant\dsassistant.exe FirewallRules: [UDP Query User{238B0185-2155-471B-9425-DE106D3BDFC4}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe FirewallRules: [TCP Query User{3B17293C-4C00-4881-9180-000B36F690C8}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe FirewallRules: [UDP Query User{67031F9B-7197-41CC-B5E5-071B3E3AAAB8}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe FirewallRules: [TCP Query User{0D69F73B-7BF1-40FC-BF4E-F263DD772249}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe FirewallRules: 
[{5D1A37DB-9536-4516-ABF4-F30B2C542D16}] => (Allow) LPort=26675 FirewallRules: [{7BC04F0B-A432-405C-9781-CF5D493E1D7B}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe FirewallRules: [{8F6029F4-FD1F-40EF-9014-EEE098FA3215}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe FirewallRules: [UDP Query User{64B44A5C-73C4-4356-A671-7F09E17784AD}C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe] => (Allow) C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe FirewallRules: [TCP Query User{2C362057-AA33-4E24-BED8-64DE3F9B91D4}C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe] => (Allow) C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe FirewallRules: [{840ED993-7ABA-41B1-A0D3-496FC341389F}] => (Allow) LPort=26675 FirewallRules: [{8A6221CD-694D-4BE2-AF91-CF07C8389BBA}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe FirewallRules: [{D892051C-056C-4FB3-9222-BAB0D91D525E}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe FirewallRules: [{5C5D76A8-3840-4349-97B5-C5C189D9C722}] => (Allow) C:\Program Files\HomeCinema\PowerDVD9\PowerDVD9.EXE FirewallRules: [{02B1A3A3-E6F9-4601-A3B3-B8CEE05BE901}] => (Allow) C:\Program Files\HomeCinema\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe FirewallRules: [{C6EB1591-5865-4589-89C2-E3915E42F284}] => (Allow) C:\Program Files\HomeCinema\PowerDirector\PDR.EXE FirewallRules: [{44E3F3DA-D2F3-46F4-954A-4CD56F505E7E}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{56696065-60CE-4100-BBC1-68EBE5C1C3B0}] => (Allow) svchost.exe FirewallRules: [{BDA30BF2-C41B-43AB-98ED-F5E0CEBCFB9F}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{5B46585A-C0E7-4CCB-82FE-0B402D6E2D8A}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe FirewallRules: [TCP Query User{F041C875-D884-4721-88AE-EAEEB1AE6C37}E:\powerline utility\powerline scan\powerline scan.exe] => (Allow) E:\powerline utility\powerline scan\powerline scan.exe 
FirewallRules: [UDP Query User{B0849B15-63AC-4D25-908D-BF27778AD19D}E:\powerline utility\powerline scan\powerline scan.exe] => (Allow) E:\powerline utility\powerline scan\powerline scan.exe FirewallRules: [TCP Query User{CA8DB31F-C3F4-4B5D-9314-9AAF36C30AF4}C:\program files\pdvr\pdvr.exe] => (Allow) C:\program files\pdvr\pdvr.exe FirewallRules: [UDP Query User{9A981ECF-A2C7-42D8-AD98-09669E5D306C}C:\program files\pdvr\pdvr.exe] => (Allow) C:\program files\pdvr\pdvr.exe FirewallRules: [{0B5987A1-65A8-45A2-83B6-E4C32043AB48}] => (Allow) C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{2CCEA8DE-6165-4F72-81D8-C074E23BD01F}] => (Allow) C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{896B5766-6732-4338-B6F9-BFC31E6AD5A2}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe FirewallRules: [{28B899BC-5A1B-43C4-A8B2-136E72F6AD86}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe FirewallRules: [{577AC29F-7498-49BC-B51A-700BD45B6D16}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe FirewallRules: [{1C664FE5-209C-4E59-952F-8AA498DF9D38}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe FirewallRules: [{E4955CC9-D470-406C-9197-6A6A0964EB31}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe FirewallRules: [{6F21AB69-04C5-49B6-B62C-BEAB94BBADE8}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe FirewallRules: [TCP Query User{B14C26DC-59BF-4450-9A8E-517114A1B828}C:\users\ck\downloads\dcce2_150\dcc_e2.exe] => (Allow) C:\users\ck\downloads\dcce2_150\dcc_e2.exe FirewallRules: [UDP Query User{B0477CBA-6117-4144-A3ED-A1F622840314}C:\users\ck\downloads\dcce2_150\dcc_e2.exe] => (Allow) C:\users\ck\downloads\dcce2_150\dcc_e2.exe FirewallRules: [{3A51ED74-5852-4624-8D5B-3C7F27B34814}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{347B8B36-BF63-4117-8F74-59201E414E81}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{C0B052A0-EE5E-4F0F-B02C-9B39D690E289}] => 
(Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{4F123978-DDCC-4C7D-8983-C28F0AAC37C3}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{4CDA9912-8BCF-4A9C-8E93-1EB248EC814C}] => (Allow) C:\Users\Ck\AppData\Local\Temp\7zS497B.tmp\SymNRT.exe FirewallRules: [{6593E86B-F059-4D27-93EE-42E62B37FB37}] => (Allow) C:\Users\Ck\AppData\Local\Temp\7zS497B.tmp\SymNRT.exe FirewallRules: [{E078E7CD-4300-498A-8962-BB78FC59226D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{B9DE3BB7-7CF1-4092-B18D-0A1C35594858}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe FirewallRules: [{85F34518-7490-424B-8AB5-4F42419523BE}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe FirewallRules: [{19CA2410-D39C-4F2E-9F64-7420B3FA291C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{E26CE404-BD83-450C-960D-BC6FB43934DF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{2DA798A6-223B-476D-8F79-813C9F93C735}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{25D52EF8-F436-4E35-8C52-EE52F2573908}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe FirewallRules: [{E1996656-6977-4E9E-ADA7-3E160AECF691}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe FirewallRules: [{443F9370-1E62-48A8-A632-A8C37F37BC2C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{3BA3523F-3CCF-4AA2-8796-C02F3B10792C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{07BCA684-9F01-4175-84C5-1EF94BBB8441}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe FirewallRules: [{6A713E75-8990-4BC2-B421-187DD1B01F9B}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe FirewallRules: [TCP Query User{C153EA66-1D83-49F9-A95E-425139115092}C:\users\ck\appdata\local\temp\rar$ex00.352\powerline scan.exe] => (Block) 
C:\users\ck\appdata\local\temp\rar$ex00.352\powerline scan.exe FirewallRules: [UDP Query User{A27F579C-298D-49FE-B298-B60ADDA8BA97}C:\users\ck\appdata\local\temp\rar$ex00.352\powerline scan.exe] => (Block) C:\users\ck\appdata\local\temp\rar$ex00.352\powerline scan.exe FirewallRules: [TCP Query User{B02F92D4-281E-48DF-AB03-EF43E5EAC785}C:\users\ck\downloads\powerline_scan\powerline scan.exe] => (Block) C:\users\ck\downloads\powerline_scan\powerline scan.exe FirewallRules: [UDP Query User{AF9BFE9A-4654-4ED8-B114-CFC27FF91AD1}C:\users\ck\downloads\powerline_scan\powerline scan.exe] => (Block) C:\users\ck\downloads\powerline_scan\powerline scan.exe FirewallRules: [{09F80C0D-913B-4F46-A587-6817106CEBE8}] => (Allow) C:\Program Files\Sonos\Sonos.exe FirewallRules: [{EFCC012B-F4D9-46E6-993B-9945C0DB520E}] => (Allow) C:\Program Files\Sonos\Sonos.exe FirewallRules: [TCP Query User{DC10596F-6D4D-416E-942C-2C48DFF69592}C:\program files\device manager\devicemanage.exe] => (Allow) C:\program files\device manager\devicemanage.exe FirewallRules: [UDP Query User{8C425570-FA19-4772-8083-9F301306B1FE}C:\program files\device manager\devicemanage.exe] => (Allow) C:\program files\device manager\devicemanage.exe FirewallRules: [{51718A97-F258-4584-AB8B-ACC380823A66}] => (Block) C:\program files\device manager\devicemanage.exe FirewallRules: [{3D87C3A0-A733-41A7-9E8E-3ABD89667C6B}] => (Block) C:\program files\device manager\devicemanage.exe FirewallRules: [TCP Query User{DD1F36BE-AAB9-4E09-8DFE-A296265C0A48}E:\lupusipfinder\lupusipfinder.exe] => (Allow) E:\lupusipfinder\lupusipfinder.exe FirewallRules: [UDP Query User{F7E647C6-B35C-4745-B8D3-B43F8CD93F75}E:\lupusipfinder\lupusipfinder.exe] => (Allow) E:\lupusipfinder\lupusipfinder.exe FirewallRules: [{6D852816-5AFB-4412-9C7F-9557CE3B9D87}] => (Block) E:\lupusipfinder\lupusipfinder.exe FirewallRules: [{68A50DFD-454B-42E6-A718-0E8812760048}] => (Block) E:\lupusipfinder\lupusipfinder.exe FirewallRules: [TCP Query 
User{3E0A1CB6-3E43-4D11-AE44-FEDDD1706D7F}C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe] => (Block) C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe FirewallRules: [UDP Query User{84CBC649-C200-4A8A-8825-18526A177F74}C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe] => (Block) C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe FirewallRules: [{E66B4D10-CEED-4700-99B2-0094DC3352D9}] => (Block) C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe FirewallRules: [TCP Query User{0BFB32C7-CD29-46DB-8CA2-141F86B9A937}C:\users\ck\downloads\ipcamsearch.exe] => (Allow) C:\users\ck\downloads\ipcamsearch.exe FirewallRules: [UDP Query User{FE7D0C21-5AB8-472D-B50F-B30045A1368B}C:\users\ck\downloads\ipcamsearch.exe] => (Allow) C:\users\ck\downloads\ipcamsearch.exe FirewallRules: [{A97A3298-81B9-44EA-A54A-57461C60B58B}] => (Block) C:\users\ck\downloads\ipcamsearch.exe FirewallRules: [{C42B7E11-A936-4661-87FF-3B6B4FC433CC}] => (Block) C:\users\ck\downloads\ipcamsearch.exe FirewallRules: [{75AA3BEB-790A-4FA6-8D9A-32FCCBCF4870}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe DomainProfile\AuthorizedApplications: [C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7 StandardProfile\AuthorizedApplications: [C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7 ==================== Wiederherstellungspunkte ========================= 02-08-2016 23:24:25 Windows Update 15-08-2016 22:57:34 Geplanter Prüfpunkt 17-08-2016 21:10:54 Windows Update 17-08-2016 22:17:04 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte 
im Gerätemanager ============= Name: sptd Description: sptd Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: sptd Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: 802.11 n/g/b-Drahtlos-LAN-USB-Adapter Description: 802.11 n/g/b-Drahtlos-LAN-USB-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: AzureWave Technologies, Inc. Service: netr28u Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/18/2016 05:36:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/17/2016 10:08:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/17/2016 10:01:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/17/2016 09:50:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" 
AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/17/2016 06:36:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/17/2016 05:55:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/15/2016 08:43:48 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/11/2016 09:01:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/11/2016 08:21:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/10/2016 05:55:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Systemfehler: ============= Error: (08/18/2016 05:34:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sptd Error: (08/18/2016 05:34:09 PM) (Source: sptd) (EventID: 4) (User: ) Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für festgestellt. 
Error: (08/17/2016 10:06:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sptd Error: (08/17/2016 10:06:17 PM) (Source: sptd) (EventID: 4) (User: ) Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für festgestellt. Error: (08/17/2016 10:01:35 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt. Error: (08/17/2016 10:01:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/17/2016 10:01:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/17/2016 10:01:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "CyberGhost VPN 5 Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/17/2016 10:01:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "TeamViewer 9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/17/2016 10:01:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "ByteFence Security Real-time Protection" wurde unerwartet beendet. 
Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2013-05-31 12:34:57.912 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-05-31 12:34:57.633 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-05-31 12:34:57.351 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-05-31 12:34:57.071 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-05-31 12:34:56.775 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-05-31 12:20:23.148 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-05-31 12:20:22.853 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-05-31 12:20:22.566
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-05-31 12:20:22.271
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-05-31 12:20:21.976
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 3326.18 MB
Verfügbarer physikalischer RAM: 1705.2 MB
Summe virtueller Speicher: 6650.68 MB
Verfügbarer virtueller Speicher: 5069.27 MB

==================== Laufwerke ================================

Drive c: (BOOT) (Fixed) (Total:911.51 GB) (Free:114.47 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:8.84 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F98D6E74)
Partition 1: (Active) - (Size=911.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)

==================== Ende vom Addition.txt ============================

Here they are. THANKS |
20.08.2016, 12:52 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | IRCBot Virut apparently on one of my computers, T-Com informed me Please download Revo Uninstaller from here (alternatively the portable Revo Uninstaller).
__________________ Please always post log files in CODE tags |
21.08.2016, 10:15 | #15 |
| IRCBot Virut apparently on one of my computers, T-Com informed me Hello Cosinus, I have uninstalled it. [CODE] FRST Logfile: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 20-08-2016
durchgeführt von Ck (Administrator) auf CK-PC (21-08-2016 11:10:50)
Gestartet von C:\Users\Ck\Desktop
Geladene Profile: Ck (Verfügbare Profile: Ck)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(AVM GmbH) C:\Program Files\FRITZ!Powerline\PowerlineService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\Cyberlink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(cyberlink) C:\Program Files\Cyberlink\Shared files\brs.exe
(CANON INC.)
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CyberLink) C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE () C:\Program Files\Winamp\winampa.exe () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung) C:\Program Files\Samsung\Kies\Kies.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe (Dropbox, Inc.) C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6724128 2009-02-03] (Realtek Semiconductor) HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [13687328 2009-03-27] (NVIDIA Corporation) HKLM\...\Run: [NvMediaCenter] => C:\Windows\system32\NvMcTray.dll [92704 2009-03-27] (NVIDIA Corporation) HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-03-30] (cyberlink) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648 2008-03-17] (CANON INC.) HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.) HKLM\...\Run: [CLMLServer] => C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe [104936 2008-07-18] (CyberLink) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-09] (Intel Corporation) HKLM\...\Run: [IJNetworkScanUtility] => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2007-11-19] (CANON INC.) HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [37888 2009-07-01] () HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [AgentMonitor] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [401280 2014-06-20] () HKLM\...\Run: [CloneCDTray] => C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [57344 2006-09-28] (SlySoft, Inc.) HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [55824 2009-06-17] (Logitech, Inc.) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) 
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [2745544 2016-01-09] (Dominik Reichl) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20] (Logitech, Inc.) HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2014-01-23] (Samsung Electronics) HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.) HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung) HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [Dropbox Update] => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-02] (Dropbox, Inc.) HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {1284c770-c9ed-11e2-9b24-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\LIESMICH.htm HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {59f93d6c-02b1-11e3-a5d9-00242178ad0f} - J:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {5f1d01bd-90f0-11e3-99cf-00242178ad0f} - K:\DTVP_Launcher.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-06-09] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2014-08-25] ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) Startup: C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-07] ShortcutTarget: Dropbox.lnk -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2009-11-27] ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.115.100 Tcpip\..\Interfaces\{50C94D7A-C5DB-415C-8678-3F7462EF05FF}: [DhcpNameServer] 192.168.115.100 Tcpip\..\Interfaces\{E5D46DBA-07F2-4849-956E-461E87395D8B}: [DhcpNameServer] 192.168.115.100 Internet Explorer: ================== HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation) DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab DPF: {5C0E257E-9DFE-4955-AA93-0A9B166BAB50} hxxp://192.168.115.107:5000/surveillance/object/SSObject.cab DPF: {8214B72E-B0CD-466E-A44D-1D54D926038D} hxxp://kaysercam.dyndns.org/AVC_AX_724.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab DPF: 
{FD3BEB0C-AB43-4253-9146-C371D48FBE0D} hxxp://kaysercam.dyndns.org/web.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Keine Datei Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default FF NewTab: about:newtab FF Homepage: Google FF Keyword.URL: user_pref("keyword.URL", true); FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2009-03-19] (Adobe Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2013-07-22] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [Keine Datei] FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) 
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-20] (Google) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-02] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-02] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF Plugin: JFGuide -> C:\Program Files\NetSurveillance\CMS\npGuide.dll [2016-01-12] () FF Plugin: JFWeb -> C:\Program Files\NetSurveillance\CMS\npWebPlugin.dll [2014-09-11] () FF Plugin HKU\S-1-5-21-1965394401-2103718357-1127923810-1000: runtop.com/RTPlayer -> C:\Program Files\VVVIPCamera\npRTPlayer.dll [2015-09-08] (RunTop) FF Plugin HKU\S-1-5-21-1965394401-2103718357-1127923810-1000: webnp/nsstPlugin -> C:\Users\Ck\AppData\Roaming\WebPlugin\npnsstPlugin.dll [2015-08-08] (webnp) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll [2009-12-09] (Dassault Systèmes SolidWorks Corp.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-02-06] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-04-13] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-04-13] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-04-13] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-04-13] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-04-13] (Apple Inc.) FF SearchPlugin: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\footiefox.xml [2009-12-31] FF Extension: FootieFox - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\extensions\{9fb7d178-155a-4318-9173-1a8eaaea7fe4}.xpi [2016-04-05] FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013-05-31] [ist nicht signiert] FF Extension: AniWeather - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2016-04-27] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-05-31] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-09-02] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => 
nicht gefunden FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [ist nicht signiert] FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Ltd\BullGuard\antispam\tbspamfilter => nicht gefunden FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin => nicht gefunden Chrome: ======= CHR Profile: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default CHR Extension: (YouTube) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-13] CHR Extension: (Google Search) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-13] CHR Extension: (RealDownloader) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-12-24] CHR Extension: (Google Wallet) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-13] CHR Extension: (Gmail) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-13] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [255904 2012-11-28] (AVM Berlin) R2 AVMPowerlineService; C:\Program Files\FRITZ!Powerline\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert] R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [122272 2012-11-28] (AVM Berlin) S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64112 2014-01-16] (CyberGhost S.R.L) R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2014-01-23] (Teruten) [Datei ist nicht signiert] R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-05-18] (Hewlett-Packard Company) [Datei ist nicht signiert] S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.) R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [155488 2013-06-10] (AVM Berlin) R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] () R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [247152 2009-02-25] () S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia) [Datei ist nicht signiert] S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2010-02-24] (SolidWorks) [Datei ist nicht signiert] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X] S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in 
die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-12-06] (Disc Soft Ltd) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.) R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [25160 2007-08-07] (Elaborate Bytes AG) R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2014-01-23] () [Datei ist nicht signiert] R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28560 2009-06-17] (Logitech, Inc.) S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.) R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [334712 2011-07-05] (AVM Berlin) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2009-05-29] (Duplex Secure Ltd.) S3 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [Datei ist nicht signiert] R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project) R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\HomeCinema\PowerDVD9\000.fcl [87536 2009-03-30] (CyberLink Corp.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-08-21 11:04 - 2016-08-21 11:04 - 00001195 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2016-08-21 11:04 - 2016-08-21 11:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2016-08-21 11:04 - 2016-08-21 11:04 - 00000000 ____D C:\Program Files\VS Revo Group 2016-08-21 11:02 - 2016-08-21 11:02 - 07093624 _____ (VS Revo Group ) C:\Users\Ck\Desktop\revosetup_2.0.exe 2016-08-19 19:42 - 2016-08-21 11:10 - 00000000 ____D C:\Users\Ck\Desktop\FRST-OlderVersion 2016-08-17 22:19 - 2016-08-17 22:19 - 00008582 _____ C:\Users\Ck\Desktop\JRT.txt 2016-08-17 21:52 - 2016-08-18 19:33 - 00000000 ____D C:\AdwCleaner 2016-08-17 21:13 - 2016-08-17 21:13 - 01610560 _____ (Malwarebytes) C:\Users\Ck\Desktop\JRT.exe 2016-08-17 21:09 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-08-17 21:08 - 2016-08-17 21:08 - 03784256 _____ C:\Users\Ck\Desktop\AdwCleaner_6.000.exe 2016-08-15 21:29 - 2016-08-15 21:29 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-08-15 21:28 - 2016-08-17 20:51 - 00000000 ____D C:\Users\Ck\Desktop\mbar 2016-08-15 21:28 - 2016-08-17 20:51 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2016-08-15 21:28 - 2016-08-17 18:38 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-08-15 21:28 - 2016-08-17 18:37 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-08-15 21:27 - 2016-08-15 21:27 - 16563352 _____ (Malwarebytes Corp.) 
C:\Users\Ck\Desktop\mbar-1.09.3.1001.exe 2016-08-15 20:55 - 2016-08-02 16:08 - 00346312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-08-15 20:55 - 2016-08-02 08:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-08-15 20:55 - 2016-08-02 08:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-08-15 20:55 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-08-15 20:55 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-08-15 20:55 - 2016-08-02 07:51 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-08-15 20:55 - 2016-08-02 07:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-08-15 20:55 - 2016-08-02 07:51 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-08-15 20:55 - 2016-08-02 07:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-08-15 20:55 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-08-15 20:55 - 2016-08-02 07:45 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-08-15 20:55 - 2016-08-02 07:44 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-08-15 20:55 - 2016-08-02 07:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-08-15 20:55 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-08-15 20:55 - 2016-08-02 07:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-08-15 20:55 - 2016-08-02 07:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-08-15 20:55 - 2016-08-02 07:41 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-08-15 20:55 - 2016-08-02 07:36 - 00667648 _____ (Microsoft Corporation) 
C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-15 20:55 - 2016-08-02 07:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-08-15 20:55 - 2016-08-02 07:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-15 20:55 - 2016-08-02 07:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-08-15 20:55 - 2016-08-02 07:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-08-15 20:55 - 2016-08-02 07:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-15 20:55 - 2016-08-02 07:24 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-15 20:55 - 2016-08-02 07:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-08-15 20:55 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-15 20:55 - 2016-08-02 07:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-15 20:55 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-15 20:55 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-15 20:55 - 2016-08-02 07:14 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-08-15 20:55 - 2016-08-02 07:14 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-15 20:55 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-15 20:55 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-15 20:55 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-15 20:55 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-15 20:55 - 2016-07-08 17:22 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-15 20:55 - 2016-07-08 17:22 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-08-15 20:55 - 2016-07-08 17:16 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-08-15 20:55 - 2016-07-08 16:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-08-15 20:55 - 2016-07-08 16:53 - 02399232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-15 20:55 - 2016-07-08 16:51 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-08-15 20:55 - 2016-07-08 16:51 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-08-15 20:55 - 2016-07-08 16:51 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-15 20:55 - 2016-07-08 16:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-08-15 20:55 - 2016-07-08 16:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-08-15 20:55 - 2016-07-08 16:50 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-08-11 20:50 - 2016-08-11 20:56 - 00221242 _____ C:\TDSSKiller.3.1.0.11_11.08.2016_20.50.46_log.txt
2016-08-11 20:29 - 2016-08-19 19:44 - 00074819 _____ C:\Users\Ck\Desktop\Addition.txt
2016-08-11 20:29 - 2016-08-11 20:29 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Ck\Desktop\tdsskiller.exe
2016-08-11 20:28 - 2016-08-21 11:11 - 00022063 _____ C:\Users\Ck\Desktop\FRST.txt
2016-08-11 20:28 - 2016-08-21 11:10 - 00000000 ____D C:\FRST
2016-08-11 20:26 - 2016-08-21 11:10 - 01745920 _____ (Farbar) C:\Users\Ck\Desktop\FRST.exe
2016-08-07 21:49 - 2016-08-07 21:49 - 06870919 _____ C:\Users\Ck\Downloads\General_HZXM_IPC_HI3516C_53H20L_S38_V4.02.R11.20150812_ALL.bin
2016-08-07 21:49 - 2016-08-07 21:49 - 04183898 _____ () C:\Users\Ck\Downloads\General_DeviceManage_V2.5.1.0.R.20141023(1).exe
2016-08-07 17:57 - 2016-08-07 17:57 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-04 13:43 - 2016-08-04 13:44 - 00144201 _____ C:\Users\Ck\Downloads\ResetConfig(1).zip
2016-08-04 11:53 - 2016-08-04 11:53 - 00067181 _____ C:\Users\Ck\Downloads\Mitteilung_777964016_vom_30.07.2016_20160804115330.pdf
2016-08-04 11:52 - 2016-08-04 11:52 - 00077226 _____ C:\Users\Ck\Downloads\Kontoauszug_777964016__Nr.0072016_vom_30.07.2016_20160804115248.pdf
2016-08-02 23:23 - 2016-06-25 22:01 - 00037096 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-08-02 23:23 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 01004544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-08-02 23:23 - 2016-06-25 21:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-08-02 23:23 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-08-02 23:23 - 2016-06-25 21:41 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-08-02 23:23 - 2016-06-22 15:06 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 01288192 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-23 09:35 - 2016-07-23 09:43 - 00000000 ____D C:\Users\Ck\Desktop\vom S Rechner

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-21 11:10 - 2013-05-31 15:45 - 01627884 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-21 11:10 - 2009-07-14 10:47 - 00702602 _____ C:\Windows\system32\perfh007.dat
2016-08-21 11:10 - 2009-07-14 10:47 - 00150242 _____ C:\Windows\system32\perfc007.dat
2016-08-21 11:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-08-21 11:00 - 2013-08-27 22:54 - 00000000 ___RD C:\Users\Ck\Dropbox
2016-08-21 10:59 - 2013-12-24 16:34 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-21 10:59 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-19 20:25 - 2014-02-14 17:28 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-19 19:57 - 2013-12-24 16:34 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-19 19:55 - 2015-07-02 12:04 - 00001212 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000UA.job
2016-08-19 16:55 - 2015-07-02 12:04 - 00001160 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000Core.job
2016-08-19 16:47 - 2013-05-31 14:28 - 00019696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-19 16:47 - 2013-05-31 14:28 - 00019696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-19 10:37 - 2009-05-29 15:19 - 00000868 _____ C:\Windows\Tasks\Google Software Updater.job
2016-08-18 18:11 - 2015-07-25 13:18 - 00000000 ____D C:\Windows\rescache
2016-08-17 22:02 - 2013-05-31 15:55 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-08-17 21:50 - 2009-07-14 06:33 - 00462680 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-17 21:23 - 2013-07-13 10:16 - 00000000 ____D C:\Windows\system32\MRT
2016-08-17 21:15 - 2013-06-12 08:33 - 144884648 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-17 20:22 - 2013-01-27 16:28 - 00000000 ____D C:\Users\Ck\AppData\Local\ElevatedDiagnostics
2016-08-17 18:34 - 2015-07-02 11:13 - 00000000 ____D C:\Users\Ck\AppData\Local\Avg
2016-08-17 18:34 - 2010-12-05 13:36 - 00000000 ____D C:\ProgramData\MFAData
2016-08-17 18:14 - 2015-11-03 18:04 - 00000000 ____D C:\Users\Ck\AppData\Local\AvgSetupLog
2016-08-17 18:14 - 2013-07-29 19:22 - 00000000 ____D C:\ProgramData\AVG
2016-08-17 18:14 - 2010-12-05 14:05 - 00000000 ____D C:\Program Files\AVG
2016-08-15 21:03 - 2013-12-24 16:34 - 00002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-07 21:50 - 2016-03-30 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Device Manager
2016-08-07 21:50 - 2014-10-24 12:20 - 00028088 _____ C:\Program Files\Device Manager Setup Log.txt
2016-08-07 21:50 - 2014-10-24 12:20 - 00001921 _____ C:\Users\Ck\Desktop\DeviceManage.lnk
2016-08-07 21:50 - 2014-10-24 12:20 - 00000000 ____D C:\Program Files\Device Manager
2016-08-07 18:25 - 2015-03-10 11:41 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2016-08-07 17:58 - 2013-08-27 22:51 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Dropbox
2016-08-02 23:56 - 2014-12-17 07:19 - 00000000 ____D C:\Windows\system32\appraiser
2016-08-02 23:56 - 2009-07-14 10:56 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-02 21:40 - 2015-12-03 21:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-26 14:24 - 2009-10-02 17:47 - 00406184 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-23 17:25 - 2009-07-18 19:43 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Winamp

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-10-24 12:20 - 2016-08-07 21:50 - 0028088 _____ () C:\Program Files\Device Manager Setup Log.txt
2014-05-17 08:51 - 2014-06-23 07:14 - 0000000 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2009-07-21 21:13 - 2013-12-06 10:54 - 0000192 _____ () C:\Users\Ck\AppData\Roaming\default.rss
2013-12-24 21:53 - 2014-06-17 19:16 - 0000942 _____ () C:\Users\Ck\AppData\Local\cookies.ini
2013-12-22 15:07 - 2016-06-15 17:46 - 0012800 _____ () C:\Users\Ck\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-04 08:02 - 2014-02-04 08:02 - 0000085 ___SH () C:\ProgramData\.zreglib

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Ck\CAPITEST.exe

Einige Dateien in TEMP:
====================
C:\Users\Ck\AppData\Local\Temp\avg-ab4dcb36-a3b8-453e-95d0-3f1420a65049.exe
C:\Users\Ck\AppData\Local\Temp\avg-bf27893e-44c6-483e-af63-2236c14e051a.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_08130619252.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_08156097866.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_081642210183.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_081744902659.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_081845444654.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_081907132559.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_08544418719.exe
C:\Users\Ck\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfipkzx.dll
C:\Users\Ck\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Ck\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Ck\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Ck\AppData\Local\Temp\NEventMessages.dll
C:\Users\Ck\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Ck\AppData\Local\Temp\oi_{8E29BDD6-B734-427A-9492-304AB40FB8F2}.exe
C:\Users\Ck\AppData\Local\Temp\sp_setpoint.exe
C:\Users\Ck\AppData\Local\Temp\stubhelper.dll
C:\Users\Ck\AppData\Local\Temp\uninst1.exe
C:\Users\Ck\AppData\Local\Temp\UNINSTALL.EXE

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-08-17 20:15

==================== Ende vom FRST.txt ============================